Re: [BUGTRAQ] RE: hacking the mitsubishi GB-50A
- From: Joe <joe@xxxxxxxxxxx>
- Date: Mon, 24 Mar 2008 11:54:49 -0700 (PDT)
On Mon, 24 Mar 2008, James C. Slora Jr. wrote:
If you read your own post you would realize that Mitsubishi
kept the device ipaddress prefix as 192.168.1 so only you
can attack yourself.
192.168 cannot be access from the internet ;-)
[unless you NAT at which point its your NAT config problem]
Wow, I'm glad to hear that machines with private addresses can't be
attacked unless NAT is misconfigured. I'm also glad that we only have to
worry about attacks coming directly from the Internet, and that our LANs
are as safe as ever.
A security "problem" that is only a problem if security =elsewhere= has been breached... is not a problem in and of itself. The breach of your LAN is the problem.
If the device can only be attacked locally then it's really a non-issue. This is why securing your LAN is of paramount importance - because once they cross your DMZ there is no end to the number of ways you're screwed.
--
Joe Harris Administrator - Unix Systems
Avvanta, Inc Security Officer Abuse Contact
(425) 818-9900 Hostmaster (DNS Administration)
(888) 662-5274 http://www.avvanta.com/
- References:
- hacking the mitsubishi GB-50A
- From: Chris Withers
- RE: hacking the mitsubishi GB-50A
- From: Desai, Ashish
- RE: hacking the mitsubishi GB-50A
- From: James C. Slora Jr.
- hacking the mitsubishi GB-50A
- Prev by Date: Re: hacking the mitsubishi GB-50A
- Next by Date: [SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities
- Previous by thread: Re: hacking the mitsubishi GB-50A
- Next by thread: Re: hacking the mitsubishi GB-50A
- Index(es):
Relevant Pages
- RE: hacking the mitsubishi GB-50A
... kept the device ipaddress prefix as 192.168.1 so only you ... can attack
yourself. ... [unless you NAT at which point its your NAT config problem] ... I'll
stop worrying about securing Intranet devices and applications, ... (Bugtraq) - Re: Just want to keep the crap out!!
... hardware NAT. ... My browser uses outgoing port 1045 to connect to yahoo:80.
... Someone would have to target that 1045 port while i'm using it. ... to slip
into the open stream and execute some man-in-the middle attack ... (comp.security.firewalls) - Re: firewall needed?
... It's difficult but not impossible to attack a NAT router. ... ocx, vbx,
etc, etc to access the Internet. ... (comp.security.firewalls) - Re: Just want to keep the crap out!!
... My Tiny Firewall 2.0.13. ... cheap hardware solution. ... this
is not a NAT attack... ... It's an attack against which NAT - even if it ...
(comp.security.firewalls) - Re: Are you protected by NAT?
... if youre talking bi-directional NAT then NAT on its own doesnt provide ... >an
effective security solution at all. ... Scripting is UNINSTALLED on all systems,
... >for a directed broadcast attack, or a smurf attack - both of which NAT would ...
(comp.security.firewalls)
