[SATLUG] OT: Router-related question
demeler at biochem.uthscsa.edu
Wed Feb 10 14:55:10 CST 2010
> Does the above scenario require a directed attack against a specific AP?
> Yes, but given that it is now easier (and safer for the thief) to crack
> your AP's encryption then it is for him to kick in your front door,
> maybe we should all be a bit more paranoid. In my view leaving the
> gateway routers ssh port open, even if only internally and for specific
> IP and MAC, is tantamount to leaving the front door key under the flower
> pot on the front porch. This is especially true if the WIFI AP is on
> the very same router/firewall that the ssh port is open on, a very
> common setup for home gateway routers.
> but hey maybe I am only this paranoid cuz I happen to be studying for my
> security+ exam.
My laptop is on a wired connection, but let's for the sake of argument
assume you manage to pull a DHCP address on my wifi network, you would
still need a password to get into my computer, router and my personal info,
just as you would for any other of the millions of computers connected
to the network with ssh. And even if you manage to bypass security on
my router, how is that going to give you access to my laptop? You might
be able to mess with my network (which I'll figure out immediately),
but its another story altogether to break into my computer. Seems like
a lot of effort for little return.
BTW, I have had ssh open to the outside since forever, blocking script
kiddies and being half-way reasonable about what IPs I allow in, I
NEVER had a problem. Of course, absence of evidence is not evidence of
absence...but the more you block your computer the less functional it
becomes, and I like to actually use my computer. If you are paranoid
over data loss, encrypt your info and back it up off-line.
PS. my computer runs linux, so security is acceptable.
PPS. Good luck with the exam :-)
More information about the SATLUG