Re: getting routes from internet facing routers

[Shreyas Zare <shreyas () technitium com>]

Hi Martin,

Attacker can get the routing info by exploiting routing protocol in
use or the router itself. Routers run on OS which can have security
vulnerability, which is not patched. This can be exploited to get
access and modify the config to the attackers benefit. Like he may
change routing table so that the traffic passed through his network or
get info on the internal network for further penetration. Such things
are possible only when proper ACLs is not in place or if they are
misconfigured.

Regards,

On Wed, Jul 22, 2009 at 1:23 AM, martin <martiniscool () gmail com> wrote:
> Hi Shreyas
>
> Thanks for the reply - but that's not what I'm after !  I'm not trying to block these thing, I'm trying to figure out 
> how attackers get routing tables from routers. Do they use ICMP ?  Or how is it done ?
>
> Thanks !
> M
>
>
>
> On 21 Jul 2009, at 18:55, Shreyas Zare <shreyas () technitium com> wrote:
>
> > Hi,
> >
> > Just have a proper ACL on the router, it will do the job. Also, many
> > routing protocols support authentication. So that can provide some
> > security though.
> >
> > Regards,
> >
> > On Tue, Jul 21, 2009 at 12:47 PM, martin <martiniscool () gmail com> wrote:
> > > Thanks for the reply Chris.  Having re-read my original e-mail I see I
> > > woreded it really badly :-(  The part from my original mail I'm
> > > actually interested in is this line:
> > >
> > > > > I've also heard that it's possible to get routes from a router/firewall facing the public domain without having 
> > > > > to login to it
> > >
> > > In other words, that potential hackers can start to build a diagram of
> > > my network by sending crafted packets to my internet facing router and
> > > seeing what private IP routes (ie 10.0.0.0, 192.168 etc etc) routes
> > > lie inside.
> > >
> > > I've googled this and found nothing.  Do you (or anybody else) have
> > > any ideas how to get these routes out when you don't have access to
> > > the router ?  Is it by using ICMP ?
> > >
> > > Also, is it possible to "extract" routes from an internet facing
> > > router regardless of what routing protocol it's running, or even if
> > > it's running just static routing ?
> > >
> > > Hope I've explained myself better this time ?
> > >
> > > M
> > >
> > > 2009/7/21 Chris <cweindel () gmail com>:
> > > > If you're routing with BGP, you can filter it by blocking port 179.  all
> > > > ICMP does it block those types of packets - it won't help you block
> > > > advertised routes.
> > > >
> > > > of course, the ultimate externally facing router is in front of a firewall /
> > > > in a DMZ...
> > > >
> > > > C
> > >
> > > ------------------------------------------------------------------------
> > > Securing Apache Web Server with thawte Digital Certificate
> > > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > > how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > > certificates.
> > >
> > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > ------------------------------------------------------------------------
> >
> >
> >
> > --
> > ("If at first you don't succeed; call it version 1.0")
> >
> > Shreyas Zare
> > Co-Founder, Technitium
> > eMail: shreyas () technitium com
> >
> > ..::< The Technitium Team >::..
> > Visit us at www.technitium.com
> > Contact us at theteam () technitium com
> >
> > Join Sci-Tech News group and get the latest science & technology news
> > in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
> > to join.
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------



--
("If at first you don't succeed; call it version 1.0")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------