Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A

from [Joe] Network Security [Permanent Link]
Subject: Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A
Date: Mon, 24 Mar 2008 11:54:49 -0700 (PDT) 
On Mon, 24 Mar 2008, James C. Slora Jr. wrote:

If you read your own post you would realize that Mitsubishi
kept the device ipaddress prefix as 192.168.1 so only you
can attack yourself.


192.168 cannot be access from the internet ;-)
[unless you NAT at which point its your NAT config problem]


Wow, I'm glad to hear that machines with private addresses can't be
attacked unless NAT is misconfigured. I'm also glad that we only have to
worry about attacks coming directly from the Internet, and that our LANs
are as safe as ever.

A security "problem" that is only a problem if security =elsewhere= has been breached... is not a problem in and of itself. The breach of your LAN is the problem.

If the device can only be attacked locally then it's really a non-issue. This is why securing your LAN is of paramount importance - because once they cross your DMZ there is no end to the number of ways you're screwed.

--
Joe Harris         Administrator - Unix Systems
Avvanta, Inc       Security Officer Abuse Contact
(425) 818-9900     Hostmaster (DNS Administration)
(888) 662-5274     http://www.avvanta.com/

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: hacking the mitsubishi GB-50A, Chris Withers
Next by Date:  [SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities, Noah Meyerhans
Previous by Thread:  Re: hacking the mitsubishi GB-50A, Vincent Archer
Next by Thread:  Re: hacking the mitsubishi GB-50A, Chris Withers
Indexes:  [Date] [Thread] [Top] [All Lists]