[SATLUG] OT: Router-related question

redpill toddwbucy at grandecom.net
Wed Feb 10 16:15:28 CST 2010


On Wed, 2010-02-10 at 14:55 -0600, Borries Demeler wrote: 
> > 
> > Does the above scenario require a directed attack against a specific AP?
> > Yes, but given that it is now easier (and safer for the thief) to crack
> > your AP's encryption than it is for him to kick in your front door,
> > maybe we should all be a bit more paranoid.  In my view leaving the
> > gateway router's ssh port open, even if only internally and for specific
> > IP and MAC, is tantamount to leaving the front door key under the flower
> > pot on the front porch.  This is especially true if the WIFI AP is on
> > the very same router/firewall that the ssh port is open on, a very
> > common setup for home gateway routers.
> > 
> > but hey maybe I am only this paranoid cuz I happen to be studying for my
> > security+ exam.
> > 
> > regards
> > Todd
> 
> My laptop is on a wired connection, but let's for the sake of argument
> assume you manage to pull a DHCP address on my wifi network, 

Once you're on the network you don't need to get to your laptop or any
other host.  Just wait for someone to access a bank account.
> you would
> still need a password to get into my computer, router and my personal info,
> just as you would for any other of the millions of computers connected
> to the network with ssh. And even if you manage to bypass security on
> my router, how is that going to give you access to my laptop? You might
> be able to mess with my network (which I'll figure out immediately),
> but it's another story altogether to break into my computer. Seems like
> a lot of effort for little return.
> 
> BTW, I have had ssh open to the outside since forever, blocking script
> kiddies and being half-way reasonable about what IPs I allow in, I
> NEVER had a problem.  
Famous last words... the sort of attack I described would be relatively
easy to hide once in, as it only requires monitoring.

> Of course, absence of evidence is not evidence of
> absence...but the more you block your computer the less functional it
> becomes, and I like to actually use my computer. If you are paranoid
> over data loss, encrypt your info and back it up off-line.
> 
True dat, security is always a balancing act.  I just recommend that one
seriously consider opening up ports, especially ssh ports to the
gateway router.  I personally only open that particular port up when I
know that I am going to be working on my system from the outside.
> PS. my computer runs linux, so security is acceptable.
I love Linux just as much as the next lugger but I do not automatically
assume that it's secure just because it's Linux.  Security is a practice,
not an operating system.

Todd


