Penetration Testing mailing list archives
Re: Router Access
From: Michael J McCafferty <mike () m5computersecurity com>
Date: Wed, 1 Jun 2005 16:44:36 -0700
Since you said Linksys, I am gonna make the assumption that this is a small site, using that linksys as the "firewall" as well as router. I'll also assume that there are no other firewalls and no DMZ. You also didn't specify if you meant physical access or login access to the router. The 0wner of the router could: 1) Establish a VPN with an unauthorized remote site 2) Set up port forwarding to a host inside. Essentially just put a host on the Internet. 3) Just generally screw it up. Default the config, change the config. 4) Change the password so the admin can't get in to it (also wont' discover the config change). 5) I hear that people are putting Linux on Linksys routers. Maybe they could do that. Quoting Sherwyn Williams <sherwill22 () tmail com>:
This might be a dumb question but here goes! once someone gets access to a say linksys for instance apart from setting up remote access to the router, or getting the clients real ipaddress, what else can someone do. I am doing a pentest, and I want to show what are some of the ways that someone can use the router acess to the advantage. Sherwyn Williams Technical Consultant (917) 650-5139 Sherwill22 () tmail com
-- ************************************************************ Michael J. McCafferty Principal, Security Engineer M5 Hosting 858-576-7325 Voice http://www.m5hosting.com ************************************************************ ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Current thread:
- Router Access Sherwyn Williams (Jun 01)
- Re: Router Access Michael J McCafferty (Jun 02)
- Re: Router Access Matt (Jun 02)
- Lan access via wifi Sherwyn Williams (Jun 06)
- Re: Lan access via wifi Jose Selvi (Jun 06)
- Message not available
- Message not available
- Message not available
- Re: Lan access via wifi Sherwyn Williams (Jun 06)
- Re: Lan access via wifi Peter Van Epp (Jun 06)
- Re: Lan access via wifi Sherwyn Williams (Jun 07)
- Re: Lan access via wifi DokFLeed (Jun 07)
- Lan access via wifi Sherwyn Williams (Jun 06)