Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Zonet ZSR1104WE Router problem

from [J Wachtel] Network Security [Permanent Link]
Subject: [Full-Disclosure] Zonet ZSR1104WE Router problem
Date: Thu, 29 Apr 2004 09:39:50 -0400 
Zonet ZSR1104WE

 

Router does not report inbound connections with their WAN ip address.
All inbound connections are posted as the routers LAN address.

 

This issue is a simple one.  The ZSR1104WE router with the listed
firmware / hardware will not report an inbound TCP/IP connections WAN
address.  We host a service that uses port 443 @ 192.168.1.2 that is
forwarded through the routers NAT firewall.  Lets say an inbound
connection from 24.156.189.3 establishes a socket connection to the
service on port 443.  Our services IP logging tool and Windows XPPro SP1
netstat command line utility will not report the WAN address of this
connection.  Instead the LAN IP address of the router will be reported
as the inbound connections address.  It is analogous to NAT in reverse.
All inbound connections are masked as the router's LAN IP address.  Our
service and some other tools discriminate security rights depending on
whether the connection is from the WAN or LAN, this behavior makes that
impossible.  The connection will behave normally.  However I speculate
that it is using the MAC address to get the routing correct.  I have
contacted their support to inform them of this error and their response
is to not fix it as it does not break the connection. 

 

 

-Jason Wachtel

 

Zonet ZSR1104WE

Hardware Version   Rev. A 

Boot Code Version   1.0 

Runtime Code Version   2.41
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] Zonet ZSR1104WE Router problem, J Wachtel <=
Previous by Date:  [Full-Disclosure] Re: [0day] Heads up: Possible lsass worm in the wild, Darren Bounds
Next by Date:  RE: [Full-Disclosure] Heads up: Possible lsass worm in the wild, Randal, Phil
Previous by Thread:  [Full-Disclosure] Exploit Identification Request, System Administrator
Next by Thread:  [Full-Disclosure] agobot and 1025, Willem Koenings
Indexes:  [Date] [Thread] [Top] [All Lists]