Re: Linux vs LinkSys 4 port Cable router
From: Richard (webmin@nospam.richardwarwick.org)Date: 10/13/02
- Next message: Justin Tandy: "Re: Advice on IP addressing for network using Firebrick or similar"
- Previous message: David: "Re: Linux vs LinkSys 4 port Cable router"
- In reply to: Sony Antony: "Re: Linux vs LinkSys 4 port Cable router"
- Next in thread: Leythos: "Re: Linux vs LinkSys 4 port Cable router"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Richard" <webmin@nospam.richardwarwick.org> Date: Sun, 13 Oct 2002 14:54:59 -0400
Sony,
Yeah, I looked around. It's actually the Network Everywhere NR041...what
they call product support
is a joke.
It says it supports logging, but that's it.
Anyway, I'd go through the web config with a fine tooth comb and see if you
can find that IP address (239.255.255.250) anywhere.
As far as SNMP logging is concerned, who knows. I use IPtables
myself...Then again I have 10+ years experience implementing and managing
Unix boxen so that's where I feel most comfortable.
As an aside, as far as the NR041 is concerned, TANSTAAFL. You get what you
pay for....
I wish I could be more helpful Perhaps some of the other folks here can
shed some light on this particular router.
Sorry...
"Sony Antony" <sonyantony@hotmail.com> wrote in message
news:3eb007f1.0210131024.3adeacbb@posting.google.com...
> "Richard" <webmin@nospam.richardwarwick.org> wrote in message
news:<3da92b84$1@news.microsoft.com>...
> > Sony,
> >
> > Just out of curiousity, which Linksys 4 port Cable Router are you
talking
> > about?
> > I just looked at the User's guide for the BEFS41 (version 2)
>
> Thanks a lot for taking the effort for me.
>
> The one I use is NR041 ( Cable/DSL 4 port router ). It usually costs
> around 45 $. Bestbuy had a mail rebate after which I got it for 29.99.
> So far it has been impressive.
> Its user guide makes no mention of SNMP. It s possible that it doesn t
> even have this capability. ( Other posters were probably mentioning
> about SNMP capabilities of their higher end routers - on account of me
> not specifying the model number )
>
> and it made no
> > mention of SNMP
> > It does talk about logging to a PC,
>
> But by what means other than SNMP can it log to the PC. It will be
> strange if it uses a full fledged TCP connection for this.
>
>
>
>
> > > Talking about the hack: Is the vulnerability capable of completely
> > > controlling the router ( even capable of reconfiguring the ports I
> > > closed ). Or is it just about the logging. In other words is the only
> > > capability I have will be to specify a machine name to send the
> > > logfiles to. ( So if somebody sets this from the external interface
> > > with some victims IP address, victim will be flooded with my log
> > > details as UDP packets )
> >
> > Hack? Vulnerability? I'm not sure what you're referring to.
>
> When I posted my question about the quality of this router, somebody
> pointed out about a vulnerability of linksys router ( Now I wonder if
> that applies to mine since it migght not have SNMP capability )
> http://online.securityfocus.com/bid/3795
> http://lists.bikkel.org/archive/whitehat/Week-of-Mon-20020107/001319.html
>
>
> > According to the documentation (which you should read rather than asking
me.
>
> Which I read. ( I know a little bit about SNMP 1 ) ( Mainly from
> Richard Stevens UNP book )
>
>
>
> >
> > I strongly recommend that your actually read the documentation and test
the
> > configurations you're talking about before asking questions which are
> > clearly documented.
> >
> > Otherwise, some might get the idea you're trolling for information with
> > which to hack these boxes.
>
> Hmm that will be unfortunate. The documentation ( User's guide ) is
> very basic. Obviously it never talked about its own shortcomings. So I
> wanted to be sure before I throw away my linux based firewall/router.
>
> It also doesn t talk about any of its SNMP capabilities. From the
> responses of others, I thought maybe it has some undocumented SNMP
> capabilities. ( Now I think they were mostly talking about some other
> model )
> Actually I already replaced my old pentium linux router with linksys
> router. Soon I ll find out if this was a good decesion.
>
> BY the way yesterday I was looking at my network traffic and I found
> that in all internal linux machines I m getting exactly the following
> traffic in every 30 seconds. Do you have any clue what this is.
> 192.168.1.254 is my new linksys router. Initially I thought this was
> somebody trying to scan my network. But then I saw this coming even
> when I removed the external internet connection.
>
> 04:29:06.149527 192.168.1.254.1900 > 239.255.255.250.1900: udp 280
> 04:29:06.153672 192.168.1.254.1900 > 239.255.255.250.1900: udp 336
> 04:29:06.157066 192.168.1.254.1900 > 239.255.255.250.1900: udp 264
> 04:29:06.160646 192.168.1.254.1900 > 239.255.255.250.1900: udp 256
> 04:29:06.164449 192.168.1.254.1900 > 239.255.255.250.1900: udp 300
> 04:29:06.168670 192.168.1.254.1900 > 239.255.255.250.1900: udp 276
> 04:29:06.172759 192.168.1.254.1900 > 239.255.255.250.1900: udp 330
> 04:29:06.177191 192.168.1.254.1900 > 239.255.255.250.1900: udp 328
> 04:29:06.181663 192.168.1.254.1900 > 239.255.255.250.1900: udp 332
> 04:29:06.186890 192.168.1.254.1900 > 239.255.255.250.1900: udp 324
>
>
>
>
>
>
>
> --sony
- Next message: Justin Tandy: "Re: Advice on IP addressing for network using Firebrick or similar"
- Previous message: David: "Re: Linux vs LinkSys 4 port Cable router"
- In reply to: Sony Antony: "Re: Linux vs LinkSys 4 port Cable router"
- Next in thread: Leythos: "Re: Linux vs LinkSys 4 port Cable router"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
