Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Wake On LAN from the Internet

from [Jon Hart] Network Security [Permanent Link]
Subject: Re: Wake On LAN from the Internet
Date: Thu, 27 Oct 2005 14:02:51 -0400 
On Wed, Oct 26, 2005 at 10:17:38PM -0400, Mark Owen wrote:

 Only way I can think of is to setup a VPN in which you log in to that
will then connect you to the destined computer.
 Easier move would be to ditch the password and rely strictly on the
mac address.
 WOL depends on upd port 9 and the mac address to be available to wake.
 The mac address is a unique 6 hex byte code (12 alphanumeric
characters a-f, 0-9).  Good enough password for me if you block
unnecessary ports.
 I'd open udp port 9 on your dlink and forward it to your computer. 
IP address would be the public IP assigned to your dlink.


Not to nitpick... but keep in mind that while there are 16^12 possible
MAC addresses, in reality the brute force of one is much simpler than
that.  Vendors use MAC addresses that are in a very specific range.
I don't have exact numbers, but if you assume that the target MAC is one
of Dell, Intel or 3com, your brute force space suddenly gets quite a bit
smaller.  For example, if I assume you've got a dell, I only need to
brute force MACs that start with:

   0:6:5b           
   0:8:74
   0:b0:d0
   0:b:db
   0:c0:4f
   0:d:56

Still not an easy task at 16^6 combinations, but well within the range
of being doable.  Worthwhile?  Maybe, maybe not.

I've never really looked into WOL before but found this:

   http://www.depicus.com/wake-on-lan/woli.aspx

-jon





--
Mark Owen
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Cisco Books, Andrew Chong
Next by Date:  Re: Integrating logs from PIX, IIS and WAS, phunked up!
Previous by Thread:  Re: Wake On LAN from the Internet, Mark Owen
Next by Thread:  RE: Wake On LAN from the Internet, Chris Goodwin
Indexes:  [Date] [Thread] [Top] [All Lists]