[ale] Any experience w/D-Link wired DSL routers?

John Mills johnmills at speakeasy.net
Tue Dec 16 09:24:41 EST 2003


bo bo -

Thanks for the note. Good suggestion.

On Mon, 15 Dec 2003, bo bo wrote:

> Have a buddy nmap your router, from the OUTSIDE, and
> then re-post.
> 
> Try:
> nmap -v -p 1-65535 192.168.X.X  Of course, there are
> other combinations...experiment!

Minor quibble: That would be a scan from INSIDE in my system: not useless,
but probably not the path of a mass-market virus because it would mean you
are working from, or have cracked, localhost. More like a 'friendly fire'
attack (not a negligible risk, but a smaller one for systems that are
effectively single-user).

If you cracked my system on the way in, nothing significant would impede
you on the way out, so cracking the router's firewall seems to add little
value. Please correct me if I'm missing some issues here.

If you have a static external IP (or set up a dynamic connection and tell
the other party your current IP), your suggestion works fine.

OTOH, the Gibson scan as suggested by Pete Hardie will look back into a 
dynamic IP, down a dial-up, etc. It's my routine check on firewall setup 
for my PPP dial-ups.

'grc.com' expects you to authorize the scan, and I think it has to be 
directed back towards the requesting IP. These both match the policy 
requirements of many ISPs including mine.

That said, it'll try to get around to a scan 'RealSoonNow'.

 - John Mills
   john.m.mills at alum.mit.edu



More information about the Ale mailing list