Security Basics mailing list archives
Re: getting routes from internet facing routers
From: Shreyas Zare <shreyas () technitium com>
Date: Wed, 22 Jul 2009 21:44:10 +0530
Hi Martin, Attacker can get the routing info by exploiting routing protocol in use or the router itself. Routers run on OS which can have security vulnerability, which is not patched. This can be exploited to get access and modify the config to the attackers benefit. Like he may change routing table so that the traffic passed through his network or get info on the internal network for further penetration. Such things are possible only when proper ACLs is not in place or if they are misconfigured. Regards, On Wed, Jul 22, 2009 at 1:23 AM, martin <martiniscool () gmail com> wrote:
Hi Shreyas Thanks for the reply - but that's not what I'm after ! I'm not trying to block these thing, I'm trying to figure out how attackers get routing tables from routers. Do they use ICMP ? Or how is it done ? Thanks ! M On 21 Jul 2009, at 18:55, Shreyas Zare <shreyas () technitium com> wrote:Hi, Just have a proper ACL on the router, it will do the job. Also, many routing protocols support authentication. So that can provide some security though. Regards, On Tue, Jul 21, 2009 at 12:47 PM, martin <martiniscool () gmail com> wrote:Thanks for the reply Chris. Having re-read my original e-mail I see I woreded it really badly :-( The part from my original mail I'm actually interested in is this line:I've also heard that it's possible to get routes from a router/firewall facing the public domain without having to login to itIn other words, that potential hackers can start to build a diagram of my network by sending crafted packets to my internet facing router and seeing what private IP routes (ie 10.0.0.0, 192.168 etc etc) routes lie inside. I've googled this and found nothing. Do you (or anybody else) have any ideas how to get these routes out when you don't have access to the router ? Is it by using ICMP ? Also, is it possible to "extract" routes from an internet facing router regardless of what routing protocol it's running, or even if it's running just static routing ? Hope I've explained myself better this time ? M 2009/7/21 Chris <cweindel () gmail com>:If you're routing with BGP, you can filter it by blocking port 179. all ICMP does it block those types of packets - it won't help you block advertised routes. of course, the ultimate externally facing router is in front of a firewall / in a DMZ... C------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 -------------------------------------------------------------------------- ("If at first you don't succeed; call it version 1.0") Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Join Sci-Tech News group and get the latest science & technology news in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news to join.------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- ("If at first you don't succeed; call it version 1.0") Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Join Sci-Tech News group and get the latest science & technology news in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news to join. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- getting routes from internet facing routers martin (Jul 20)
- Message not available
- Re: getting routes from internet facing routers martin (Jul 21)
- Re: getting routes from internet facing routers Shreyas Zare (Jul 21)
- Re: getting routes from internet facing routers martin (Jul 22)
- Re: getting routes from internet facing routers Jeffrey Walton (Jul 22)
- Re: getting routes from internet facing routers Shreyas Zare (Jul 22)
- Re: getting routes from internet facing routers martin (Jul 21)
- Message not available
- Message not available
- Message not available
- Message not available
- getting routes from internet facing routers martin (Jul 27)
- <Possible follow-ups>
- Re: Re: getting routes from internet facing routers stcroix111 (Jul 27)