NAT Firewall


chsh1ca

Golden Member
Feb 17, 2003
1,179
0
0
No, Firewalking is information-gathering only. It has nothing to do with spoofing sessions, or creating connections that weren't already there, it is merely determining if a host is passing through a packet filter, and if so, on which ports. A NAT device will stop attempts at firewalking simply by being in the way. You won't be able to determine if the NAT device is also packet filtering because there is no decrease in TTL for any of their traffic. Through a normal routed network, there is, hence how firewalking was born.
 

chsh1ca

Golden Member
Feb 17, 2003
1,179
0
0
The only people I complain about for verbosity are lecturers, but it's their job to be. :D
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
My router has an option via Remote Access, AKA outside connection, which is disabled.
 

Matthias99

Diamond Member
Oct 7, 2003
8,808
0
0
Define "reverse NATing from the outside". You can't route NAT-usable (local) addresses across the net, since routers won't know what to do with them. And a good NAT box will reject any incoming traffic (even ICMP control packets) that doesn't match a known connection anyway.
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
Originally posted by: mboy
Gotcha, thanx.
How about reverse Nat'ing from the outside?

That is what he is going to use!
I asked, where the heck are you going to get a table!
He said he can sniff the packets to do that :confused:
Also, I no longer have the standard IP address to log in to the router........ I reset it :cool:
 

Matthias99

Diamond Member
Oct 7, 2003
8,808
0
0
It doesn't matter even if he knows the addresses of your local machines -- the NAT box will reject any packets coming from outside with those addresses. Reverse NAT is something that has to be supported by the router and configured manually, not something that is automatically turned on and providing a security hole.

Resetting the router? Usually that just resets the passwords to get into it. If you surf to http://192.168.0.1 (or whatever address it's at), you can still access the router's HTML interface.
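
An added example, not part of the original thread: a toy Python model of the connection-tracking behaviour Matthias99 describes in his two posts above, where inbound traffic is forwarded only if it matches a known connection or a manually configured forward. The `NatBox` class, its filtering policy, and the sample addresses are assumptions for illustration, not the behaviour of any specific router.

```python
import ipaddress

# RFC 1918 ranges: the "NAT-usable (local)" addresses from the posts above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_local(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

class NatBox:
    """Toy NAPT device with per-connection state (hypothetical model)."""
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.sessions = {}  # (proto, wan_port, remote_ip, remote_port) -> LAN endpoint
        self.forwards = {}  # (proto, wan_port) -> LAN endpoint; empty unless configured
        self.next_port = 40000

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the box records the mapping."""
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.sessions[(proto, wan_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return wan_port

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Verdict for a packet arriving on the WAN interface."""
        if is_local(src_ip):
            return ("DROP", "local source address arriving from outside")
        if dst_ip != self.wan_ip:
            return ("DROP", "destination is not the WAN address")
        session = self.sessions.get((proto, dst_port, src_ip, src_port))
        if session:
            return ("FORWARD", session)
        forward = self.forwards.get((proto, dst_port))
        if forward:
            return ("FORWARD", forward)
        return ("DROP", "no matching connection or forward rule")

def demo():
    # Constructed addresses: 203.0.113.5 = WAN, 198.51.100.7 = web server, 198.51.100.66 = outsider.
    nat = NatBox("203.0.113.5")
    port = nat.outbound("tcp", "192.168.0.10", 51000, "198.51.100.7", 80)
    return {
        "reply": nat.inbound("tcp", "198.51.100.7", 80, "203.0.113.5", port),
        "unsolicited_139": nat.inbound("tcp", "198.51.100.66", 4444, "203.0.113.5", 139),
        "other_host_same_port": nat.inbound("tcp", "198.51.100.66", 80, "203.0.113.5", port),
        "spoofed_local_src": nat.inbound("tcp", "192.168.0.20", 1234, "203.0.113.5", port),
        "local_dst": nat.inbound("tcp", "198.51.100.66", 4444, "192.168.0.10", 139),
    }
```

Only the reply from the server the LAN host contacted is forwarded; a port forward takes effect only after an entry is added to `forwards` by hand.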
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
Originally posted by: Matthias99


Resetting the router? Usually that just resets the passwords to get into it. If you surf to http://192.168.0.1 (or whatever address it's at), you can still access the router's HTML interface.

You can only reset by manual switch!
You have to hold it down for 7 sec; then my router will reset to factory default!
Without physically pressing that switch, it can't be done!
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
I talked to him today. He is complaining that I have tightened/closed/stealthed ports. He wants me to open an ICMP port.
He is also getting agitated, because all his requests are getting discarded.
 

xyyz

Diamond Member
Sep 3, 2000
4,331
0
0
no offense... but all those people who boast about cracking things... never have the know-how to actually make good on their boasting.

those that don't say anything... and play dumb, those are the ones you need to worry about.

there are ways to "get around" the NAT box... but to crack it... umm... i dunno.

i'll assume he means that the device allows for remote administration and the end-user didn't bother to change the generic password... don't laugh, it happens more than you'd think.

it's sorta like cisco people telling horror stories of routers they've seen in production environments with cisco/class password/secret combos.

i guess, if this guy was behind a proxy that the end user was communicating with, he could peer into the network while the session was still active... and other stuff like that. but you gotta' be pretty high level to pull this stuff off... not any joe-shmoe can do it.

as for sniffing the packets... i took a fundamentals of security class, and some wannabe stood up in class and thought he was pretty slick. he said pretty much the same thing, that he could sniff packets. the instructor immediately knew this guy was full of it, and quickly shut him up. unless he has a device that is sniffing packets between the end-user and where he's going.... which is unlikely he does. (try sneaking over to a place, putting a hub on the outbound network connection and plugging a computer into that hub and covering it with bushes... yeah there are other ways... but they're about as impractical)

besides, i'm pretty sure most of these devices block outside requests that come from the same subnet as the internal network. at least i hope they do. i know with more advanced devices you need to specifically specify this rule.

correct me if anything is wrong.
 

Fuzznuts

Senior member
Nov 7, 2002
449
0
0
Originally posted by: Mir96TA
I talked to him today. He is complaining that I have tightened/closed/stealthed ports. He wants me to open an ICMP port.
He is also getting agitated, because all his requests are getting discarded.

ROFLMAO :D

why doesn't he ask for your passwords while he is at it :)

can you imagine the call to a bank IT helpdesk :)

Bank: "hello bank of cash IT"
Hacker: " er can you help me"
Bank: "certainly what's the problem"
Hacker: "I am trying to hack your network and can't can you open a port or two on your firewall for me"
bank: "f*** off"
:)
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
Now he is saying he wants to reverse the LAN/WAN :Q He's gonna make the router believe the Internet is LAN, and LAN is WAN. :rolleyes:

Is it even possible :confused:
I am not sure how he is going to do it :rolleyes:

Since I disabled that remote function!
I changed the factory default password and LAN setting (IP) ...........
Let's see what he can do now :evil:
 

chsh1ca

Golden Member
Feb 17, 2003
1,179
0
0
Lol, xyyz has it on the money. The guy is full of it.

Personally, if it were me someone were making the bet with, I would toy with his mind and break out a honeypot that emulated the Linksys software. Hack up a bit of Apache source, save the HTML output of all the pages, and presto, you have yourself some fun. I would probably set aside the time to do that, which may or may not be sad, when you think about it. :D
 

exx1976

Member
Nov 13, 2003
77
0
0
Disable SSH? How would you admin the box? Most firewalls don't have keyboards/monitors attached to them.. If anything you should disable telnet and leave SSH since it's secure (hence the name Secure Shell)..

But yeah, you could root the firewall/NAT, and then write rules to accept traffic from IP x.x.x.x and NAT it into the LAN. Or write your own port forwarding rules.. Once you root the box, you can do pretty much anything you want to launch an attack internally.. After you're done destroying stuff, remove the rules, and back out you go.. It IS difficult, but can be done..
 

Matthias99

Diamond Member
Oct 7, 2003
8,808
0
0
Only the most pathetic firewall/NAT would allow remote admin (even SSH) from *outside* the LAN unless specifically configured for it. If it did, anyone with enough patience could crack it.

Besides, I doubt his router even supports reverse NAT, so he still wouldn't be able to get in even if he had root access to it.
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
It's a D-Link 713P Router/Switch/PrinterServer.
So far he has had no luck
SSH is only accessible from inside!
No port Fwd is allowed!
He wants me to open 113 and 139 ports. I told him NO WAY
 

chsh1ca

Golden Member
Feb 17, 2003
1,179
0
0
Tell him that opening ports defeats his uberness, and that real men don't need no stinking ports opened.
Toss another one into the lamer file, lol.
 

sciencewhiz

Diamond Member
Jun 30, 2000
5,885
8
81
I once had a person do this type of thing to me. I was behind a Netgear router with no ports forwarded. I was talking to him on AIM and he told me that he could get my IP address from netstat. So I asked him what my IP address was and he gave me the IP of the AIM server. I told him that's not my address. He did some more things, and finally I told him I would give him my IP address, just to be nice to him (but that he was really lame since he couldn't figure it out). I gave him 192.168.2.1. He then complained that he couldn't ping it. So I told him that I made my computer not respond to pings. He said that wasn't possible.

fun, fun
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
This is my Ext IP
24.114.204.151
He can ping me and stuff.......
Just can't do JACK :D
 

GeSuN

Senior member
Feb 4, 2002
317
0
0
heheh this reminds me of a l33t kid who just came on IRC and told me this :

l33t kid : "Im gona hack you man..."
GeSuN: "Really? cool, needed to format anyway... so how are you going to bypass NAT?"

(of course it IS possible to bypass NAT, but just see what he's going to say and you definitely know he is not even able to hack an unpatched IIS server v.4 with Netbus and BackOrifice and whatever, installed on it ;) )

l33t kid : "Well do you have Linux ?"
GeSuN: "I do have a computer running Linux, but it is not connected to my network right now... why?"
l33t kid : "If you don't have linux, you're firewall won't work"
GeSuN: "Nooo please! Noooo don't hack me..."

So remember guys, no linux = firewall not working....

I didn't even know someone could be that stupid... *sigh*
 

ScottMac

Moderator, Networking, Elite member
Mar 19, 2001
5,471
2
0
Well, see, it's like this:

The good news is that NAT is fairly hard to get around from a brute-force perspective. The bad news is that brute force is seldom necessary.

It's much easier to plant a bug / trojan / root kit in a file called something like "Wild Teenage Sex" or some desirable music files or movies, or pictures, or , or , or ... and let some " I wasn't gonna buy it anyway so it's not really stealing" kinda person pimp themselves. It happens thousands of times every day, and virus / trojan / worm / pop-up etc blocking isn't always effective. Once the invading code is on your system, it's owned, and the networked systems are next, or at least available.

Even Intrusion Detection Systems (IDS) have some weaknesses and can be defeated without too much effort. If the administration and monitoring is weak or lazy, the system WILL be compromised. Even in a tight system, it can be an uphill battle against the GD users and folks with portable / laptop systems that can connect outside the corporate security perimeter.

Check the .sig - it's true " There is no patch for human stupidity"

A good security policy is the first, best step to locking down a network. Fill in the hardware blanks, hire a crew to watch everything, and you have a chance.

FWIW

Scott