Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A

Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A

From: Joe <joe_at_avvanta.com>
Date: Mon, 24 Mar 2008 11:54:49 -0700 (PDT)

On Mon, 24 Mar 2008, James C. Slora Jr. wrote:

>> If you read your own post you would realize that Mitsubishi
>> kept the device ipaddress prefix as 192.168.1 so only you
>> can attack yourself.
>
>> 192.168 cannot be access from the internet ;-)
>> [unless you NAT at which point its your NAT config problem]
>
> Wow, I'm glad to hear that machines with private addresses can't be
> attacked unless NAT is misconfigured. I'm also glad that we only have to
> worry about attacks coming directly from the Internet, and that our LANs
> are as safe as ever.

A security "problem" that is only a problem if security =elsewhere= has
been breached... is not a problem in and of itself. The breach of your LAN
is the problem.

If the device can only be attacked locally then it's really a non-issue.
This is why securing your LAN is of paramount importance - because once
they cross your DMZ there is no end to the number of ways you're screwed. 

-- 
Joe Harris         Administrator - Unix Systems
Avvanta, Inc       Security Officer Abuse Contact
(425) 818-9900     Hostmaster (DNS Administration)
(888) 662-5274     http://www.avvanta.com/
Received on Mar 25 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]