Actiontec Router Security Issues?

[giggler]

I am a little worried about the way my Actiontec router and my FiOS TV set top box (Motorola QIP6416-2) are configured. The Actiontec router is connected to the outside world using a coax cable. I have a bunch of security features (firewall, etc.) turned on to protect my internal network. However, it seems that the FiOS TV set top box that is only connected to coax somehow gets an IP address on my internal network (192.168.1.101). To me, the coax cables represent the untrusted network, and thus, an untrusted device on the external network being able to get an IP address in my internal network is worrisome.

Does anybody know how the FiOS set top box authenticates to the Actiontec router? I could set up network sniffers to figure it out and see how vulnerable it is to attack, but I'm wondering if somebody already knows how this works.

Also, does anybody know what is listening on ports 7501, 21303, 21306 and 21307 on the set top box? Those ports are open, but it doesn't look like there are any standard services running on those ports.

[Justin]

I do not have the Actiontec router because I got FiOS before Verizon started using it, but I have read some forum postings, etc, and it is my understanding that the WAN and LAN traffic are on two different frequencies on the coax, and that the LAN traffic never goes outside your private network (ie, the ONT does not transmit any of that traffic out to the internet). Thus all of your LAN traffic really is behind the firewall in the Actiontec even though it physically uses the coax along with the WAN traffic.

I don't think there is any security issue here, hopefully someone with more detailed knowledge can confirm what I said, or correct me if I am wrong. You might also want to go to the Actiontec website and check out the specifications for the router, I think it supports what I said above.

I have no idea about the ports. Sorry....

[giggler]

If that is true, it is somewhat reassuring. However, the main problem that I am worried about is not whether my LAN traffic gets broadcast on the WAN; it is whether anybody on the WAN can join my internal network in the same way that the TV set top box does.

For example, can my neighbor spoof my TV set top box to my Actiontec router and get an IP address on my internal network? Maybe the network topology prevents this, and packets destined to "internal" IP addresses get dropped at some point before they get to my router.

Alternately, I know this sounds paranoid, but can my neighbor tap into my coax line where it leaves my garage and spoof the TV set top box from there? This is not something I am really worried about, but the whole idea of having a device on the untrusted side of the network join your internal network without having to configure any credentials on the device seems fishy.