Cisco DNCS System Release 2.7 3.7 4.2 Design Guide
4000358 Rev B
Introducing DOCSIS
1-9
Terminology,
Continued
Term
Definition
Ping floods
A type of network security breach in which a network
connected to the Internet is swamped with replies to
ping requests. A smurf attacker sends ping requests
to an Internet broadcast address. These are special
addresses that broadcast all received messages to the
hosts connected to the subnet. Each broadcast address
can support multiple hosts, so a single ping request
can be multiplied many times. The return address of
the request itself is spoofed to be the address of the
attacker's victim. All the hosts receiving the ping
request reply to this victim's address instead of the
real sender's address. A single attacker sending
hundreds or thousands of these ping messages per
second can flood the victim's network with ping
replies and bring the entire network down.
Registered Cable Modem A cable modem whose MAC address is located in the
back-end server database. When the cable modem is
registered, it is typically assigned a final Net 10
private IP address.
Service ID (SID)
A unique number assigned by the CMTS to each
DOCSIS cable modem. The CMTS and cable modem
use the SID for the purpose of upstream bandwidth
allocation, ranging, upstream channel privacy, and
class of service.
Smurf attacks
Security attacks that do not try to steal information,
but attempt to disable a computer or network. For
example, a smurf attack could attempt to disable a
network with ping floods.
Spoofing
A technique used to gain unauthorized access to
computers, whereby the intruder sends messages to a
computer using a source IP address indicating that
the message is coming from a trusted host. To engage
in IP spoofing, a hacker must first use a variety of
techniques to find an IP address of a trusted host and
then modify the packet headers so that it appears that
the packets are coming from that host.
Terminology,
Continued