Home > IT Answers > Security > LAN vulnerability behind a Router – with firewall – connected to the Ineternet (Through an Open Port!)
ToneEzeeJ
0 pts.
 LAN vulnerability behind a Router – with firewall – connected to the Ineternet (Through an Open Port!)
Access control, Browsers, Cabling, filtering, Firewalls, Forensics, Hardware, Hubs, Incident response, Intrusion management, Network security, Networking, Remote management, Routers, Security, Servers, SSL/TLS, Switches, VPN, Web security, Wireless
Hi, I would just like some reassurance: I have a Router on my LAN that connects all host PCs to each other and the internet. Qu: How exposed is my LAN behaind the Router that has a port open for internet access (and in future anther for remote desktop terminal connection) would a port scanner see my router and its open port? Or is it only hosts I connect to that become aware of my IP Address and open port?

Software/Hardware used:
ASKED: May 9, 2006  7:28 AM
UPDATED: May 24, 2006  10:53 PM
RELATED QUESTIONS
Answer Wiki:
I can't answer the question but I'm definately curious about how someone would go about exploiting a vulnerability within a LAN sitting behind a router running NAT/NAPT...where would you start? Routing Tables? Hacking the modem? I have 1 XP SP2 Machine running providing PPTP VPN connections and a Webcam Security System (webcamxp) Forwarded Ports 1723,gre,7 for the VPN and just 81 Webcamxp plus 82 if I needed sound....but my mic is broken. If I run a Security Scan on my host name (myhostname.dyndns.org) using LAN Guard Network Security Scanner with NAT/NAPT forwarding ports to 10.0.0.*** (XPBOX) the scanner doesnt find any computers or return any results.... BUT if I stick my XPBOX into a DMZ (aka Default NAPT - on a Speedtouch 530) and run a scan from the outside I can see all my open ports 1723-XPVPN -81 WebcamXP -80 Apache aswell as a list of all possible exploits.... So having NAT/NAPT enabled is definately good but how would one go about gaining access to the LAN....would remote administration have to be turned on for someone to change modem settings??? The only way I can see someone gaining access is by attacking webcamxp there are vulnerabilities in the sanitisation of chat text and cross site scripting e.g. http://myhostname.dyndns.org:81/chevron-script-chevron-alert('alert')-chevron-/script-chevron- Although these vulnerabilities appear to now be patched.....what other options would one have?? PTPP VPN Hacking.....is possible but I'm using MS-CHAPV2 which is pretty hard to crack....MS-CHAPV1 is supposedly fairly easy but still difficult to pull off.... HOW SECURE AM I?
Last Wiki Answer Submitted:  May 24, 2006  12:12 am  by  Ladrick   0 pts.
All Answer Wiki Contributors:  Ladrick   0 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

Sounds like you have a router/firewall. How secure you may be depends on the strength and type of access allowed. Port 80 allows web traffic both ways. If it is open and filtered, then you have more protection than if it is just open. Even then, one visit to a malicious web site and it may be all over, because then your network may be breached by something loaded by the web site.

You need to take a look at what you have, what you want, and what you can afford. While I have a router/firewall here at home, I also use software firewalls on all the machines here. At my office, we have a seperate firewall. Most of the clients I work with have seperate firewalls, but some have a router/firewall, albeit better ones than I have here. On thoswe with weaker equipment, I’ll also at least add the free Zone Alarm software firewall to the workstations.

Steve//

Stevesz
 2,015 pts.