Network Security: Detailed info on RE: Possible weird/insecure configuration of an ISP router exposed unfil

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

RE: Possible weird/insecure configuration of an ISP router exposed unfil

from [David Gillett] Network Security

[Permanent Link]

Subject:	RE: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?
Date:	Thu, 27 Jan 2005 15:17:23 -0800

4. (my main question!): The reason given by the ISP to expose 
the router is totaly weird, because the IP range for 
_outgoing_ ADSL-connections is irrelevant for router remote 
administration, which is performed in the opposite direction 
and need's only one IP, p.ex. the one of the target router.


  Uh, no.  Any TCP connection needs both source and target addresses.

  What the ISP said is:  We've considered only allowing telnet
connections to this box from specific source addresses (assigned
to those who should be able to administer the router).  We haven't
restricted access to only those sources yet; it's entirely possible
that the administrators need the option to access it from wherever
they are on the Internet *today*, and that changes, either because
they travel and/or they get an address via DHCP or other dynamic 
mechanism.

  It's entirely possible that certain "known nuisance" and invalid
or spoofed source addresses are blocked; yours doesn't (yet) happen
to be one of them.

David Gillett

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, John Doe RE: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, David Gillett <= Re: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, John Doe RE: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, David Gillett Re: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, david kuhlman

Previous by Date:	Re: Apache attacks, Bernie Johnson
Next by Date:	RE: tool for mount a dd image, Yelland, Mike
Previous by Thread:	Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, John Doe
Next by Thread:	Re: Possible weird/insecure configuration of an ISP router exposed unfiltered to public internet?, John Doe
Indexes:	[Date] [Thread] [Top] [All Lists]