Help! External Attacks to My Home Network Via Spectrum Internet Service!

I use Spectrum's 200 Ultimate Internet service via a privately owned Arris SurfBoard 6183 Cable Modem connected to an Asus RT-AC3100 Router running TrendMicro's antivirus software and firewall. I keep getting multiple External Attacks on my Home Network that the TrendMicro software identifies as either "EXPLOIT Remote Command Execution via Shell Script -2" or "EXPLOIT Netcore Router Backdoor Access". Luckily, for now, the TrendMicro software has been able to block these External Attacks, but they seem to be getting more frequent, and I'm worried a breach could occur at some point in the future. The "client" listed in the Router's Security Event report with respect to these External Attacks is only identified with the MAC Address of 00:17:10:87:8e:cc. My lookup of that MAC Address shows it belongs to a network equipment vendor called Casa Systems, Inc., which produces CMTS equipment for cable ISPs, including Spectrum. Thus, I infer that the External Attacks that are being recorded and repelled by my Router security software are coming in to me directly via Spectrum's own CMTS equipment! I have two questions: (1) has anyone else seen this phenomenon, and what did you do about it with Spectrum? and (2) can anyone provide any SPECIFIC contact information for the Spectrum organization that should be protecting customers from these External Attacks through Spectrum's servers? The Spectrum "technical support" people I have dealt with (usually from the Philippines) are completely lost in addressing this issue, and they have been unable to provide me with any means to interface with any REAL network security experts at Spectrum who can address this concern of mine as well as protect that part of the Spectrum network that is being affected by these attacks. Whew! Many thanks in advance for any assistance you can provide!
2 REPLIES
Lead Moderator

Re: Help! External Attacks to My Home Network Via Spectrum Internet Service!

Doing a little searching on this message  "EXPLOIT Netcore Router Backdoor Access" I am seeing a lot of reports of issues with the router.

 

Have you contacted the manufacturer? There may be a firmware update that is needed to correct the issue.  Perhaps there is a forum that they have as well. This may be something that is in discussion there. 

 

Regards,
Julia R.
Spectrum-Social Media Customer Care
Lead Moderator-Community Forums

Proven Sharer

Re: Help! External Attacks to My Home Network Via Spectrum Internet Service!

This is most likely a "false positive detection" in the your TrendMicro anti-virus and firewall application software.  The CMTS verifies your modem's MAC address every time it renews the DHCP lease or tries to send an update to the modem.  You might need to open up the firewall so your modem CAN receive the updates being sent to it by Spectrum.