Re: getting routes from internet facing routers



Hi Martin,

Attacker can get the routing info by exploiting routing protocol in
use or the router itself. Routers run on OS which can have security
vulnerability, which is not patched. This can be exploited to get
access and modify the config to the attackers benefit. Like he may
change routing table so that the traffic passed through his network or
get info on the internal network for further penetration. Such things
are possible only when proper ACLs is not in place or if they are
misconfigured.

Regards,

On Wed, Jul 22, 2009 at 1:23 AM, martin <martiniscool@xxxxxxxxx> wrote:

Hi Shreyas

Thanks for the reply - but that's not what I'm after !  I'm not trying to block these thing, I'm trying to figure out how attackers get routing tables from routers. Do they use ICMP ?  Or how is it done ?

Thanks !
M



On 21 Jul 2009, at 18:55, Shreyas Zare <shreyas@xxxxxxxxxxxxxx> wrote:

Hi,

Just have a proper ACL on the router, it will do the job. Also, many
routing protocols support authentication. So that can provide some
security though.

Regards,

On Tue, Jul 21, 2009 at 12:47 PM, martin <martiniscool@xxxxxxxxx> wrote:

Thanks for the reply Chris.  Having re-read my original e-mail I see I
woreded it really badly :-(  The part from my original mail I'm
actually interested in is this line:

I've also heard that it's possible to get routes from a router/firewall facing the public domain without having to login to it

In other words, that potential hackers can start to build a diagram of
my network by sending crafted packets to my internet facing router and
seeing what private IP routes (ie 10.0.0.0, 192.168 etc etc) routes
lie inside.

I've googled this and found nothing.  Do you (or anybody else) have
any ideas how to get these routes out when you don't have access to
the router ?  Is it by using ICMP ?

Also, is it possible to "extract" routes from an internet facing
router regardless of what routing protocol it's running, or even if
it's running just static routing ?

Hope I've explained myself better this time ?

M

2009/7/21 Chris <cweindel@xxxxxxxxx>:

If you're routing with BGP, you can filter it by blocking port 179.  all
ICMP does it block those types of packets - it won't help you block
advertised routes.

of course, the ultimate externally facing router is in front of a firewall /
in a DMZ...

C

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




--
("If at first you don't succeed; call it version 1.0")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@xxxxxxxxxxxxxx

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@xxxxxxxxxxxxxx

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




--
("If at first you don't succeed; call it version 1.0")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@xxxxxxxxxxxxxx

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@xxxxxxxxxxxxxx

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • Re: Confusing Route issue.
    ... It seems you have indeed isolated the issue to an XP routing issue. ... The best workaround I can suggest is removing the static routes from all the ... create static routes on the corporate router to the other ... They are opening and saving CAD files from our customer. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Server 2003 RRAS Routing
    ... You simply enable IP routing in RRAS. ... That just enables the router. ... how do I enable Internet routing through RRAS? ... However, when any user attempts to connect to the VPN, they only get routes for the subnet local to the RRAS server. ...
    (microsoft.public.windows.server.networking)
  • Re: Two Routers VPN Community Wireless
    ... The routing table is standard with the primary gateway at 192.168.12.138. ... I think I have a understanding of how routes work from the PC but combine ... tables in the Router even come into play when the VPN tunnel is established? ... If it would help I can bring the actual routing table in tomorrow from home. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Q: multi-homed server with multiple default routers
    ... Instead only the destination address and routing table are used ... >> to determine the interface and hardware destination. ... to add a permanent route other than adding a default router. ... It is also a method to add one or more permanent routes that are not ...
    (comp.unix.solaris)
  • Re: getting routes from internet facing routers
    ... Just have a proper ACL on the router, ... routing protocols support authentication. ... seeing what private IP routes ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)