[ale] Any experience w/D-Link wired DSL routers?
John Mills
johnmills at speakeasy.net
Tue Dec 16 09:24:41 EST 2003
bo bo -
Thanks for the note. Good suggestion.
On Mon, 15 Dec 2003, bo bo wrote:
> Have a buddy nmap your router, from the OUTSIDE, and
> then re-post.
>
> Try:
> nmap -v -p 1-65535 192.168.X.X Of course, there are
> other combinations...experiment!
Minor quibble: That would be a scan from INSIDE in my system: not useless,
but probably not the path of a mass-market virus because it would mean you
are working from, or have cracked, localhost. More like a 'friendly fire'
attack (not a negligible risk, but a smaller one for systems that are
effectively single-user).
If you cracked my system on the way in, nothing significant would impede
you on the way out, so cracking the router's firewall seems to add little
value. Please correct me if I'm missing some issues here.
If you have a static external IP (or set up a dynamic connection and tell
the other party your current IP), your suggestion works fine.
OTOH, the Gibson scan as suggested by Pete Hardie will look back into a
dynamic IP, down a dial-up, etc. It's my routine check on firewall setup
for my PPP dial-ups.
'grc.com' expects you to authorize the scan, and I think it has to be
directed back towards the requesting IP. These both match the policy
requirements of many ISPs including mine.
That said, it'll try to get around to a scan 'RealSoonNow'.
- John Mills
john.m.mills at alum.mit.edu
More information about the Ale
mailing list