articles

• "DOCSIS: Insecure by design: Free anonymous internet using modified cable modems", Defcon 16, August 2008
• "Sniffing cable modems", Guy Martin, Defcon 16, August 2008
• The Cable Modem Hacking Bible

BPI+ is an mostly effective protection against sniffing

• BPI+ is an upgrade to the original BPI

possible attack methods

• if the cable modem company has configured things so BPI / BPI+ aren't used, then EVERYONE is vulnerable to sniffing
• users with modems that don't support the newest standards (eg. DOCSIS 3.0) will force the CMTS to fallback to older (less secure)

Motorola SB5100

• overview of available firmware (as of 2008)
• places you can get premodded ones:
  • magicmodem.com