Home page logo
/

basics logo Security Basics mailing list archives

Re: router question...
From: Yousef Syed <yousef.syed () gmail com>
Date: Mon, 23 Jan 2006 20:02:51 +0000

Personally, I've had anumber of problems with common-off-the-shelf
Routers/firewalls.
From wireless encryption no longer working after updating the firmware
(Belkin 54g) to Passwords refusing to be set (Dlink MIMO Wireless
Router).

<sigh> Smoothwall never gave me any such problems...
They may not be as "userfriendly" or easy to use, but atleast
Smoothwall style firewalls actually work. I keep Smoothwall as the
outside gateway, simply because I no longer trust these COTS
routers/firewalls.

ys

On 21/01/06, Dave <dlaud.flux () gmail com> wrote:
I had an odd experience yesterday and was wandering if anyone could help
shed some light on it...

I run a webserver that I keep behind a router/firewall. The router is a
standard store bought Linksys BEFSX41. The firewalls NAT feature is
disabled so someone on the local LAN can access the server via it's
Internet  domain name. The routers 'remote administration' feature is
disabled so no one outside the LAN can log into the config page.

The problem: Yesterday a couple of the websites being hosted on the
server were basiclly unavailable. At first we were thinking DoS of some
sort but no evidence in the servers logs to support this as far as I
know. At any rate, when I would try to access the problem page I was
greeted with the router log in prompt! I (using a local machine) log
into the router to verify that the 'remote administration' option is
dissabled...it was. So why when I tried to access the troubled website
via domain name (www.troubled_site.com) I was greeted with my routers
log in prompt?

The routers firmware is up to date...I call linksys and asked if they
knew what it could be. they did not know. I looked for and asked if
anyone knew of any exploit code that could do this to this router...no
luck (doesnt mean it doesnt exist). So why was my router (for a short
time only) prompting website visitors with it's log in prompt?

Any ideas / comments appreciated.

dave

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




--
Yousef Syed
"One senior official said the consultancy "doesn't have the greatest
of reputations among civil servants. They come and state the bleeding
obvious using Powerpoint"."

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault