Routing is the process of moving packets across a network from one host to a another. It is usually performed by dedicated devices called routers.
0
votes
1answer
24 views
No advanced settings option in router [on hold]
How can I configure NAT Settings when my router doesn't have advanced settings option.
4
votes
3answers
141 views
How does “traceroute over TCP” work, what are the risks, and how can it be mitigated?
There is a utility called tcptraceroute, and this enhancement called intrace that is used just like a standard traceroute, but it works over TCP.
How is the syn flag in TCP used to achieve ...
4
votes
1answer
102 views
Firewall defined Akamai IP Range [closed]
With obvious dangers of opening up a wide range of ips, does anyone know how I can get a source of IP ranges for Akamai?
When talking to Akamai they say 'not possible' which I find surprising.
I ...
4
votes
2answers
110 views
What are the security implications of enabling UPnP in my home router?
I found port forwarding entries in home router that I haven't manually configured. Is that because of UPnP?
Are applications simply able to tell the router to forward ports on their own? Are there ...
0
votes
0answers
17 views
How risky is a personal-use-only wireless subnet inside the corporate subnet? [migrated]
My company's security policy with respect to wireless routers is to not use them at all -- everyone's wired in. Devices for personal use, such as laptops or cell phones, have to use their phone's data ...
3
votes
1answer
67 views
What are the requirements to sniff UDP packets in a Wireless Ad-Hoc network?
In a wireless Ad-Hoc network, I have two computers which communicates in UDP together from 192.168.1.3 to 192.168.1.5
I have a third computer (192.168.1.6) which wants to listen to the packets which ...
16
votes
3answers
1k views
Router password vs MAC filtering?
I just bought a Galaxy S4, and it didn't connect to the WIFI in my house (I have a 14$ router). After a bit of testing, I've decided to leave my connection open without a password, but added the ...
-2
votes
1answer
68 views
What is the security concern with allowing source routing? [closed]
Source routing allows the sender of a packet to specify the route it will take through the network. This feature is disabled by default on cisco routers. What is the security concern with this ...
2
votes
2answers
205 views
How actually is Tor hidden service hidden from public?
Let's suppose I have a web server X, listening on port N for instance and configured as a Tor hidden service.
How and where is implemented its' hiddenness from public access?
5
votes
2answers
125 views
Out-of-the-box Network Intrusion Appliance for non-Power User
First, let me apologize if any of this question is naive or beneath the scope of this board. Bear in mind the context and that I'm asking as an attempt to exhaust all resources.
Also, I understand if ...
-1
votes
1answer
69 views
Routable Domain for DC?
What is the impact of having a routable domain name in windows network infrastucture ?
Having example.com in place of exemple.local as domain name have an critical impact ? if yes what should I keep ...
7
votes
1answer
329 views
How can I stop this DOS attack?
I have this entry appearing constantly in my router logs:
[DOS Attack] : 5 [RST Scan] packets detected in last 20 seconds, source ip [xx.xx.xx.xx]
They just never stop. It doesn't seem to affect ...
4
votes
2answers
160 views
Encryption of headers in IPsec tunnel mode
I am learning about IPsec's transport and tunnel modes. I understand that transport mode encrypts only the payload of an IP packet and is used for communication between two entities that both ...
2
votes
1answer
65 views
find hardware and OS specs on routers
How do you determine the model and IOS version of a Cisco router, if you have its IP address remotely, but have no physical access. For example, I run nmap -sP and can see the router's IP, but all ...
2
votes
2answers
136 views
Does “loose source and record route” drop the source address?
Is the source IPv4 address lost when a person uses "loose source and record route" and the destination address is put before the end of the list of addresses through which routing should occur?
It ...
2
votes
2answers
389 views
do different subnet masks on home network provide any security?
So I have two routers on my home network: one is provided by my ISP, and the other is my private router.
Router A- ISP router: 192.168.1.x
router B- private router: 192.168.2.x
Clients on my ...
0
votes
1answer
156 views
How to conduct a disguised LSA attack against OSPF?
I want to do disguised LSA attacks on OSPF network and be able to more analyze, so I do not know how it works in practice. This is a penetration test.
The attack is described in the address [+]. I ...
1
vote
1answer
102 views
What is the fight-back mechanism in OSPF?
I want to know more about the fight-back security mechanism in OSPF routing protocol.
When is the mechanism activated and how does it work?
I found the source description of OSPF fight-back, but the ...
2
votes
1answer
208 views
Loki How to crack the password hash OSPF?
I have created for myself a lab of routers in GNS3 . Routing protocol between routers is OSPF.
Now,by Loki penetration testing, I found that routers are the feature authentication.
Using wireshark, I ...
6
votes
4answers
3k views
How is Tor secure?
If Tor is open source and thus its process of concealing your IP is known, then how does it keep anything secure? Couldn't someone look at the source code and figure out how to reverse the routing ...
1
vote
1answer
250 views
Any safety with private IP addresses? [duplicate]
Possible Duplicate:
How can someone hack my PC if I am connecting to the internet through NAT?
Private IP addresses (172., 192. etc.) are not routable addresses, and not visible to the ...
1
vote
3answers
262 views
Attaching hotspot to existing network - can it be secured?
I used to work for a company that did wireless hotspots, and this is the challenge that was given to me one day. I don't believe there is a secure solution to it, but it still bugs me for some ...
0
votes
1answer
83 views
linux accept connection based on request [closed]
I don't know if this is even possible...
I have a single static IP and 3 servers connected to the router. 1 server is Ubuntu Linux with an SSH server. 6 or 8 domain names are linked to my 1 static IP. ...
4
votes
3answers
4k views
Is NAT Loopback on my router a security problem?
Some DSL routers prevent NAT loopback. Security is sometimes cited as the reason. Is NAT loopback really a security issue? And if so, how is this exploited?
NAT loopback... where a machine on the LAN ...
2
votes
4answers
342 views
Securing private IP space
As we all know, routers that you buy from the store come preset to hand out IP addresses using DHCP, generally on one of three networks: 10.0.1.1/24, 172.16.0.1/24, and 192.168.1.1/24. I personally ...
0
votes
1answer
117 views
Is there a router that acts as a VPN to get into the network but also sends traffic out through a VPN?
I have several servers that I want to lock down so they're only assessable from inside the network so I need a router that allows me to VPN in. On top of that I want certain ports(22,8022) from my ...
0
votes
1answer
108 views
Tracing The Source Of IDS/IPS Alerts
This may be more of a routing question than a security one but I am asking for the reason of security.
I monitor an IPS on a remote network and there have been high alerts triggered recently that ...
2
votes
3answers
9k views
How to bypass restrictive mac address filtering on home network (not malicious)
Background
A short sketch of my situation before I formulate my question: I am on a large home network, which is privately administered by a couple of admins. The network consists of a lan and a ...
1
vote
2answers
242 views
Wireless LAN router fingerprinting
Does anyone know of a database that lists the range of MAC addresses that are assigned to each particular brand of router? I would like to use this information for fingerprinting.
I know I can find ...
3
votes
2answers
322 views
1 PIX firewall, 2 routers, 2 switches. Please answer a couple questions about hack lab
I bought a bunch of cisco equipment for a project and I got
1 PIX firewall
2 switches
and 2 routers
This is my plan for a topology but I am new at this so I need help.
I am basing this off the ...
14
votes
11answers
10k views
Public DMZ network architecture
Years ago, when I was a student, a network security professor taught me in a class what a DMZ is. The architecture he used in his slides was similar to this one:
Now that I got employed, my boss, a ...
0
votes
3answers
2k views
PING BLOCKING: How to do? How to break?
I can access each page of a site through the browser (firefox). I can also see the ip and port address in firebug, but when I open cmd->ping site ->it says "request timeout".
I also tried traceroute. ...
0
votes
1answer
100 views
Best practice for selective opening of ports on network gateway
Our network is currently isolated from the outside by a Linux box, running iptables and Squid to control web access.
By default we deny all outgoing traffic from all IP's, to force Web traffic ...
4
votes
1answer
2k views
What is packet drop, packet loss and how Packet drop attack works?
I confused with the three terms:
Packet drop.
Packet loss.
Packet drop attack.
I understand Packet drop as the prameter the application (e.g. Skype) allows to drop packets and still keeping ...
1
vote
3answers
121 views
How to reverse the communication for security
I have the following use case - There are two networks - internal network where the application server is deployed and has no internet access and external network that is accessible from internet but ...
4
votes
3answers
2k views
Why do I need a firewall on my router?
I just bought a new router, and as usual the router manufacturer make a big deal out of the firewall.
I have never understood why the firewall is needed, sure, stopping dos attacks (such as ...
5
votes
4answers
1k views
Two SSIDs on same Access point- not good?
If I were to offer two networks (one for trusted users and one to visitors) on one physical access point, is this dangerous because a visitor could compromise the trusted network across via the ...
0
votes
3answers
196 views
How to rewrite config files using SNMP?
I scanned a router and found that the community string is public. The write access is also enabled. Now I want to change the configuration of the router. Can anybody tell me about tools and tutorials ...
2
votes
4answers
533 views
Best way to push data to a client without being blocked by firewall
I'm asking this question here since I think people on this forum
probably have the best knowledge of firewalls and routers.
Say I'm designing a multi-player game and I want to push data to the client ...
1
vote
3answers
689 views
What devices support the permanent addition of an ARP table entry? What tools are available to manage this?
I would like to improve wireless security and certain other on-net security scenarios with a permanent ARP table entry. The idea being that someone on the same subnet or WiFi network will have a more ...
3
votes
4answers
195 views
What does a switched network protect us from? What does it not protect us from?
There seems to be some misconceptions regarding what a switched network will protect us from, and what technologies/precautions a secure environment requires when segmenting trusted users from hostile ...
3
votes
2answers
177 views
Software suggestions on building a “passive” and “active” WAN simulation and fuzzing device?
I want to build a more-or-less self-contained box that I can plug two or more endpoints into (routers, mainly) that will simulate a WAN. I want to be able to mess up traffic in all sorts of ways, both ...
7
votes
3answers
6k views
How to best set up public WiFi without giving access to the rest of my network?
For reference, this is just for my home network. Anyway, I have quite a few of my neighbors ask me to share my internet with them. I'd really like to eliminate this "here's the password" portion ...
0
votes
1answer
799 views
Is OpenVPN secure in this way?
I'm familiar with OpenVPN because my home router has a builtin OpenVPN server.
I would like to use OpenVPN all the time, but how do I deal with situations where I don't own the routers?
ex.: in a ...
4
votes
4answers
475 views
Can the loopback interface be hijacked?
Inspired by this question I came up with this weird idea of making what that user actually wants to prevent. So, bear with me for a little bit:
Let's assume that for some reason we could make the ...
4
votes
8answers
411 views
How can I be sure that an intranet app is absolutely not accessible from the internet?
I am developing an intranet application using Apache/MySQL. The server hosting it does not have a public IP address itself, but can access the internet through a router. There is not any sensitive ...
2
votes
3answers
784 views
Use a Common Firewall for two Different Subnets
I want to implement a security scheme in a new network configuration. There are two buildings for the client:
Office Building 1 (OB1) with address 10.0.0.0 / 255.255.255.0,
Gateway 10.0.0.1 ( ...
5
votes
3answers
368 views
Solaris: IP Spoofing Across Ethernet Ports
Given a Solaris machine with two network interfaces corresponding to the separate ethernet ports in the back.
0: 192.168.0.5/255.255.255.0
1: 192.168.1.5/255.255.255.0
with /etc/defaultrouter set ...
7
votes
2answers
2k views
Strange STP traffic in my network, possible MitM attack?
I live at a student dorm, where we are connected to a student network. The administrators of this network have forgotten to disable STP broadcast on non-infrastructure ports.
Periodically, I lose my ...
2
votes
1answer
401 views
How do Cisco devices identify routers?
Our network administrators forbid the usage of private routers in our college. They bought new Cisco equipment (routers, switches) which detect routers and automatically ban them (it disconnects the ...
