[SATLUG] OT: Router-related question

redpill toddwbucy at grandecom.net
Wed Feb 10 11:06:13 CST 2010


On Wed, 2010-02-10 at 10:50 -0600, Borries Demeler wrote: 
> > 
> > On Wed, 2010-02-10 at 10:21 -0600, Borries Demeler wrote: 
> > > > one more thing...are you sure you want other people to remotely run
> > > > arbitrary scripts on your gateway router?
> > > > Todd
> > > 
> > > You can control which IP is allowed to do it, for example, only allow
> > > ssh connections from the private side, then it wouldn't be just anyone.
> > > 
> > > -b.
> > sure you can and IP addresses can be spoofed.  I'm just saying that one
> > should really consider the risks of opening up remote access and control
> > of their home gateway router as it often doubles as their primary
> > firewall.  
> 
> How do you spoof a private (192.168.x.x, 10.x.x.x) address on a public network? I thought
> they were never routed.
> 
> -b.
In this case you wouldn't have to.  He said that the script would be run
from his wife's laptop.  One could assume that means via wifi. Crack the
wifi encryption (lets hope he's not using WEP) spoof the ip and your in.

Todd



More information about the SATLUG mailing list