2

Is it possible that a neighbour could see my traffic (*), when we both have cable Internet? Or: Under which conditions might this be possible?

I would assume, "Never!", but after reading these two answers, I’m unsure.

At the Server Fault question ISP broadcasting all IP-packets, so I can see traffic of other clients from ISP, closetnoc answered:

> For Cable, this is normal. Cable is segmented by neighborhoods depending upon area saturation. A neighborhood could be many miles or one block. This is normal since cable is not a frame connection but based upon broadcast standards much like ethernet over thin-net/thick-net back in the day. Your cable router may or may not enforce network segmentation depending upon the router, either by age or by model. Cable connections almost always see traffic on the WAN side that is not intended for the LAN. But sometimes WAN traffic can be seen on the LAN side. This is not unusual even today with the larger carriers.

At the question Does the method of Internet connection affect the security of your the network?, Tom Leek answered:

> In the "neighbour is the attacker" scenario, point-to-point mediums are also somewhat better than broadcast mediums; I know of some Cable providers where the cable is a thinly disguised carrier for ethernet frames, which are broadcasted throughout the building, the ISP "box" acting as a filter.

Am I misunderstanding something?


(* I’m not talking about a neighbour trying to sniff/decrypt my WLAN traffic, so assume that no WLAN is involved.)

unor

3 Answers

4

There are different network types, but one of the most common is passively switched fiber to the street. In other words, somewhere around 32 customers share a common fiber line from the ISP. The signal from the ISP is passively split out to reach all 32 houses, so all data that is transmitted from the ISP can be received at each house. Information sent from each house should only go directly to the ISP.

That said, a few different things can limit this behavior. The cable modems are configured by the ISP to only pick up the traffic addressed to you. Similarly, it is becoming increasingly common for encryption to additionally be used rather than a simple address for the filtering of traffic. If your ISP has switched to using the encrypted system, then each customer's cable modem is the only one that can decode the communication sent to it.

AJ Henderson
  • [Wikipedia](http://upload.wikimedia.org/wikipedia/commons/thumb/5/51/HFC_Network_Diagram.svg/864px-HFC_Network_Diagram.svg.png) implies that the sharing population was 500-2000 in the year 2009. Are you saying this has fallen closer to 32 over the last 5 years? I might be misapplying Wikipedia, so please correct me if I'm making some mistake. – bobuhito Aug 23 '14 at 22:42
  • @bobuhito - it depends on the type of network. Fiber to the neighborhood serves a larger number of customers per fiber line because it is using a coaxial distribution network. In fiber to the curb (what at least my local Road Runner uses), it is around 32 to 64 passively split fiber lines to one end point. Fiber to the premise (such as FIOS) uses a similar split. [This Wikipedia article](http://en.wikipedia.org/wiki/Fiber_to_the_x) may be more helpful. – AJ Henderson Aug 23 '14 at 22:59
  • Just to add specifically on the encryption, if they're using DOCSIS it's BPI as documented [here](https://en.wikipedia.org/wiki/DOCSIS#Security) – Matthew1471 Apr 19 '16 at 22:13
1

I am semi-retired from IT consulting specializing in the telecom industry. I will leave the best answer to the younger folks who work in this field. This is what I have seen lately.

The answer to the question depends largely on where you are and who your carrier is.

Our local carrier is a major carrier that took over another major carrier that went bankrupt. The previous company did almost nothing for security; however, the new company is making headway. I have to say that this is in the country and in the mountains. It has been 5 years and I still see older equipment and WAN traffic on the LAN side, but not everywhere. At my mom's house, she was seeing WAN traffic on the LAN side. This all changed one day and a while later they came by with new equipment with a fairly decent firewall. The new company has done a good job.

As well, in a city which is a rather small city and some distance away but still the closest one, there is another smaller carrier that had issues with security and had a bad reputation for it. However, when I lived in Washington D.C. there were no issues with WAN traffic on the LAN side and that was 12 years ago. Here each small block or half a block was segmented and remains that way today.

closetnoc
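
A way to check for what this answer describes (WAN-side traffic visible on the LAN side), as an added example that is not part of the original answer: it scans `tcpdump -e -n` text output captured on one of your own LAN hosts and reports unicast IPv4 frames that involve neither your devices nor your LAN subnet. The MAC addresses, subnet, function names and sample lines are constructed assumptions.

```python
import ipaddress
import re

# One line of `tcpdump -e -n` output for an IPv4 frame (ports are optional, e.g. ICMP).
FRAME_RE = re.compile(
    r"^\S+ (?P<smac>[0-9a-f:]{17}) > (?P<dmac>[0-9a-f:]{17}), ethertype IPv4 \(0x0800\), "
    r"length \d+: (?P<sip>\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > (?P<dip>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:",
    re.IGNORECASE,
)

def is_group_mac(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 1 == 1

def find_foreign_frames(lines, own_macs, lan_net):
    """Return unicast IPv4 frames involving neither our devices nor our subnet."""
    own = {m.lower() for m in own_macs}
    net = ipaddress.ip_network(lan_net)
    foreign = []
    for line in lines:
        m = FRAME_RE.match(line.strip())
        if not m:
            continue  # ARP, IPv6 or unparsable line: out of scope for this check
        f = {k: v.lower() for k, v in m.groupdict().items()}
        if is_group_mac(f["dmac"]):
            continue  # broadcast/multicast is expected on any shared segment
        if f["smac"] in own or f["dmac"] in own:
            continue  # traffic to or from a device we listed as ours
        if ipaddress.ip_address(f["sip"]) in net or ipaddress.ip_address(f["dip"]) in net:
            continue  # LAN-addressed: probably a device missing from own_macs
        foreign.append(f)
    return foreign

# Constructed sample capture and addresses (assumptions, not from the page).
OWN_MACS = ["02:00:00:aa:00:01", "02:00:00:aa:00:02"]  # router LAN port, PC
SAMPLE = [
    "12:00:01.000000 02:00:00:aa:00:02 > 02:00:00:aa:00:01, ethertype IPv4 (0x0800), length 74: 192.168.1.10.51514 > 203.0.113.7.443: Flags [S], length 0",
    "12:00:02.000000 02:00:00:bb:00:09 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request",
    "12:00:03.000000 02:00:00:cc:00:01 > 02:00:00:cc:00:02, ethertype IPv4 (0x0800), length 1514: 198.51.100.23.443 > 203.0.113.80.50222: Flags [.], length 1448",
    "12:00:04.000000 02:00:00:aa:00:02 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.1 tell 192.168.1.10, length 28",
]

if __name__ == "__main__":
    for f in find_foreign_frames(SAMPLE, OWN_MACS, "192.168.1.0/24"):
        print(f"foreign frame: {f['smac']} > {f['dmac']}  {f['sip']} > {f['dip']}")
```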
-1

Net+ certified here.

If I remember correctly the packets you should really care about are those that are not sent with encryption. These are, for example, non-https requests and the like. I'm going to use this example in the case of web servers and authentication.

Any sensible company is going to be using HTTPS on their site when accepting user data. This includes your username and your password. What the server does through authentication is basically how PGP encryption and key sharing works. You have the server send the client the server's public key. Nothing is changed; the client sends the data along with a private key. This private key is a key that can only be read by the server unless compromised by an intrusion and it becomes public.

In short, you'll be fine. While the router does provide a firewall on your side, the places you really want to be concerned with are with non-https because the traffic is unencrypted and can easily be taken by something like a man-in-the-middle attack.

koodeta