An interesting vulnerability... Sorry this is a tad off-topic.

[David_Biggins@usermgmt.com]

Noticing some traffic on the cable modem at a time when none was
expected,  I hit the cable modem's standby button,  and loaded Zone
Alarm outside my firewall to see what was going on.

When it came up,  Zone Alarm immediately reported a few incoming probes.

I opened a box to ping -a and backtrack the source,  and the ping
failed....

At which point I noticed that the cable modem was still on standby.

Muttering evil thoughts about Zone Labs,  and mentally accusing them of
fake alerts for PR purposes,  I leaned over to turn the cable modem back
on,  and happened to see reflected the light from the rear-panel
ethernet connection from the modem to the system.   And it flashed.
And Zone Alarm reported a probe...   While the modem was still on
standby, with all its front panel lights, (including the power
indicator), out.    Muttering apologies to Zone Labs, I watched,  and
saw several other flickers on the cable modem's ethernet port,  each
accompanied by a Zone Alarm alert.

Further experimentation showed that attempts to initiate traffic out
while the cable modem is in standby are rejected,  but that incoming
probes (and therefore attacks) are permitted - almost exactly the
opposite of what you might want.

Any thoughts/comments?

## dave ##