• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Network Security Questions.. Case study ....

J

jimmyhaha

Platinum Member
Network Security Scenario

1. Have 3 PC behind a SOHO-class router equip with NAT (i.e. linksys), let's name them machine A, B, C. All running win2k/XP with 1 WAN IP, 3 DHCP LAN IP
2. For some unknown reason, someone manage to get the following information of the network.

a. WAN IP address
b. admin login/password of PC A

3. Router remote manager is turn OFF.
4. There is NO port forwarding and NO DMZ setup
5. File & Printer sharing is NOT turn on.

What vulnerbility does those 3 PC (A, B, C) has?
 
If a trojan managed to get downloaded/installed on system "a" it could in theory mine out the username/password and phone it home since a SOHO router doesn't block outbound connections.

As for getting your wan IP address, if there was actually a trojan on the system, the wan IP could be traced from that.
 
I agree with vi_edit.

It's way easier to get someone to download their own malicious crap than it is to pound away at an interface for minutes-to-hours-to-days and find out there's nothing there.

People are greedy enough; offer 'em a good deal / good steal, then infect 'em. Much easier.

Why do you think people give that stuff away?

.02

Scott
 
If the machines are not kept up to date with security patches and whatnot, and do not run anti-virus, and are used by morons, there is a good chance bad things can happen. There have been several vulnerabilities for IE that allowed a malicious site to run code on the client machine. I'm not sure if all of these vulnerabilities have patches yet, the page I usually go to for information on unpatched ie bugs appears to be down 🙁
 
Originally posted by: n0cmonkey
If the machines are not kept up to date with security patches and whatnot, and do not run anti-virus, and are used by morons, there is a good chance bad things can happen. There have been several vulnerabilities for IE that allowed a malicious site to run code on the client machine. I'm not sure if all of these vulnerabilities have patches yet, the page I usually go to for information on unpatched ie bugs appears to be down 🙁
Click to expand...


Maybe they didn't patch their web server 🙂
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top