
URherenow
Reged: 09/21/03
Posts: 4260
Loc: Japan


Firewall security question
#330413 - 08/23/14 03:02 AM


Ok, so I live in a place where I'm not too worried about anybody close enough to pick up my wireless signal being both smart and malicious enough to tap into my network with my routers configured for MAC filtering (and after more than a couple of years, I've never seen an unknown device connected).

Some of my devices have trouble streaming from my computer, and SEP seems to not like port scans from my HP printer so it breaks my scan from network function.

I would never do this in a work/business environment, but what are your opinions on setting my top firewall rule to allow all IP traffic on all ports and protocols to ALLOW for my entire local subnet range?



Just broke my personal record for number of consecutive days without dying!



Vas Crabb
BOFH
Reged: 12/13/05
Posts: 4465
Loc: Melbourne, Australia


Re: Firewall security question [Re: URherenow]
#330428 - 08/23/14 05:29 AM


> Ok, so I live in a place where I'm not too worried about anybody close enough to pick
> up my wireless signal being both smart and malicious enough to tap into my network
> with my routers configured for MAC filtering (and after more than a couple of years,
> I've never seen an unknown device connected)

MAC address filtering requires the unauthorised user to use MAC address spoofing (trivial to do). MAC address spoofing has the added benefit (for the attacker) of not showing up as an unknown device. You'd need to spot them by traffic analysis.

> Some of my devices have trouble streaming from my computer, and SEP seems to not like
> port scans from my HP printer so it breaks my scan from network function.
>
> I would never do this in a work/business environment, but what are your opinions on
> setting my top firewall rule to allow all IP traffic on all ports and protocols to
> ALLOW for my entire local subnet range?

It's pretty common to do that in a business environment anyway. If there are malicious devices on your LAN you're fucked anyway. Also, firewalls aren't a particularly great line of defence. For an unexpected port to be opened, there must be malicious software running on your machine. Ergo, you're fucked already.



Sune
Connected
Reged: 09/21/03
Posts: 5648
Loc: Lagoa Santa, Brasil


Re: Firewall security question [Re: Vas Crabb]
#330433 - 08/23/14 06:40 AM Attachment: MAC address.PNG 39 KB (0 downloads)


> > Ok, so I live in a place where I'm not too worried about anybody close enough to pick
> > up my wireless signal being both smart and malicious enough to tap into my network
> > with my routers configured for MAC filtering

The MAC addresses of your wireless devices are broadcast unencrypted, and they are easy to pick up for someone with the right tools.

> MAC address filtering requires the unauthorised user to use MAC address spoofing
> (trivial to do). MAC address spoofing has the added benefit (for the attacker) of not
> showing up as an unknown device.

Just to show how easy it is:

[ATTACHED IMAGE]




URherenow
Reged: 09/21/03
Posts: 4260
Loc: Japan


Re: Firewall security question [Re: Sune]
#330442 - 08/23/14 09:00 AM


I live on base. On the 7th floor of a housing tower on base. I have no worries of anybody within reach of my network having any kind of knowledge on the matter, let alone the tools...

I'm just wondering if such a rule would open me up *more* to outside (internet side) hackers somehow...






Vas Crabb
BOFH
Reged: 12/13/05
Posts: 4465
Loc: Melbourne, Australia


Re: Firewall security question [Re: URherenow]
#330443 - 08/23/14 09:11 AM


> I live on base. On the 7th floor of a housing tower on base. I have no worries of
> anybody within reach of my network having any kind of knowledge on the matter, let
> alone the tools...

Anyone can be a script kiddie - don't need to understand anything to use an attack kit.



Traso
MAME Fan
Reged: 01/15/13
Posts: 2687


Re: Firewall security question [Re: Vas Crabb]
#330471 - 08/23/14 08:48 PM


> > I live on base. On the 7th floor of a housing tower on base. I have no worries of anybody within reach of my network having any kind of knowledge on the matter, let alone the tools...


> Anyone can be a script kiddy - don't need to understand anything to use an attack kit.



Anyone [could] be a script kiddie. Always: how paranoid do you want to be? If you're worried about it, don't ask here. Research it, see what you need to do, and what you want to put your time into doing.



Scifi frauds. SF illuminates.
_________________

Culture General Contact Unit (Eccentric)



lharms
MAME Fan
Reged: 01/07/06
Posts: 908


Re: Firewall security question [Re: Traso]
#330475 - 08/23/14 10:38 PM


> > > I live on base. On the 7th floor of a housing tower on base. I have no worries of
> anybody within reach of my network having any kind of knowledge on the matter, let
> alone the tools...

You may want to ask around; they may have rules on what you have to do anyway. Military installations are a bit more strict on what you can/can't do. They may require you to do it anyway even though there isn't another computer within 20 miles.

>
>
> > Anyone can be a script kiddy - don't need to understand anything to use an attack
> kit.
>
>
> Anyone [could] be a script kiddie. Always: how paranoid do you want to be? If you're
> worried about it, don't ask here. Research it, see what you need to do, and what you
> want to put your time into doing.

Why *not* set it up? Seriously. It is trivial to set up. Pick a passphrase from your favorite movie as the password; write it on a sticky note on top of the router if you are afraid you will forget it. You are spending more time NOT setting it up than setting it up.

When I first set up my network there was maybe 1 other wireless network in the whole neighborhood. Now there are at least 30 that I can see from the comfort of my couch. 3 are WEP and 2 unencrypted at least; the rest are WPA2. It's not like the houses are close to each other either. I can see more if I go upstairs.

Do a network scan and see if there are any others hanging out there. The built-in Windows one usually stinks at doing that. Get something like inSSIDer or one of the many open source ones.

However, if you are dead set on doing what he is talking about, set the thing up as a router/bridge and not a NAT device (which is the default). Most of them let you do that. It really depends on the wireless router you bought. Usually it will be something like 'firewall off' or 'NAT off' or both. If you do not care about the firewall it is easy enough to turn off in Windows. In Linux you just turn off the service and set it to not start up again. Just remember you will want some sort of firewall upstream if you plug it into the internet. You will also need real IPs for the real internet, not something most ISPs will come off these days unless you are talking IPv6, then they don't mind giving you a /64. Unless you are using static assignment or some other device being the DHCP server.

Now *IF* you follow my advice and actually do this be prepared to reinstall your computer. Assume it *will* get rooted. Setting up the security is trivial. I 'trust' my neighbors not to do anything. But do I trust say their grandson who is visiting for a couple of weeks and found out about war driving last week and is really bored? Not really.



URherenow
Reged: 09/21/03
Posts: 4260
Loc: Japan


Re: Firewall security question [Re: lharms]
#330490 - 08/24/14 05:41 AM


Not sure what you're going on about. I never said I don't use a password. I just said that SEP was blocking some kind of port scan that my printer was doing, breaking the scan-to-network function (it's an all-in-one). Also some of my devices can't connect to my computer when I'm running streaming software like WMC, or PowerDVD.

So... I was asking what the risk is of making the top rule of the SEP firewall state that all ports and protocols are allowed from all IP addresses in my local subnet (192.168.1.0-192.168.1.255).

Let's just assume that nobody (local) is going to piggyback off of my wireless network... what danger does this rule put me in from the internet side? Like... is there a way to remote into a network and spoof packets to look like it's coming from a local computer?






Vas Crabb
BOFH
Reged: 12/13/05
Posts: 4465
Loc: Melbourne, Australia


Re: Firewall security question [Re: URherenow]
#330494 - 08/24/14 06:33 AM


> Not sure what you're going on about. I never said I don't use a password. I just said
> that SEP was blocking some kind of port scan that my printer was doing, breaking the
> scan-to-network function (it's an all-in-one). Also some of my devices can't connect
> to my computer when I'm running streaming software like WMC, or PowerDVD.
>
> so... I was asking what the risk is of making the top rule of the SEP firewall state
> that all ports and protocols are allowed from all IP addresses in my local subnet
> (192.168.1.0-192.168.1.255)
>
> Let's just assume that nobody (local) is going to piggyback off of my wireless
> network... what danger does this rule put me in from the internet side? Like... is
> there a way to remote into a network and spoof packets to look like it's coming from
> a local computer?

Your router or gateway will have two interfaces, one facing the internet and one facing your local network. On this device, for the interface facing the internet you configure a rule that discards any traffic where the destination is an address in your local network range, or any non-routable range for that matter (192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/20, etc.). Then for devices on your local network (PCs etc.) you can make a rule that allows all traffic from other devices on the local network.

This is a reasonable setup assuming:

  • You can trust all the devices on the local network
  • No device on your local network will be hacked/rooted
  • No device on your local network will be tricked into running malware
  • No device on your local network has an additional internet connection that bypasses the router
  • You have no VPNs, tunnels, etc. facing into your network
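The two-rule layout described in this reply, as an added example that is not part of the thread and not anyone's actual configuration: a small Python model of the gateway's internet-facing bogon rule and the host's "allow everything from the local subnet" rule, evaluated over constructed packets. It assumes interface names `wan` and `lan`, the 192.168.1.0/24 subnet from the question, and the three RFC 1918 ranges (using 172.16.0.0/12, the full RFC 1918 range, for that block). It goes one step beyond the post by also dropping internet-side packets whose *source* claims to be a local address, which is the spoofing case asked about earlier in the thread; the scenario table shows that the host rule on its own would accept such a packet, and that the gateway rule is what closes that hole.

```python
"""Model of a two-layer home firewall policy (constructed example, not a real ruleset).

Assumptions not taken from the thread: interface names "wan"/"lan", the
192.168.1.0/24 LAN from the question, RFC 1918 ranges for the bogon filter.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address

LOCAL_NET = IPv4Network("192.168.1.0/24")        # the poster's local subnet
PRIVATE_NETS = [                                 # RFC 1918, never valid on the WAN side
    IPv4Network("10.0.0.0/8"),
    IPv4Network("172.16.0.0/12"),
    IPv4Network("192.168.0.0/16"),
]


@dataclass
class Packet:
    iface: str          # interface the packet arrives on: "wan" or "lan"
    src: IPv4Address    # strings are accepted and converted below
    dst: IPv4Address
    dport: int

    def __post_init__(self):
        self.src = ip_address(self.src)
        self.dst = ip_address(self.dst)


def is_private(addr: IPv4Address) -> bool:
    return any(addr in net for net in PRIVATE_NETS)


def gateway_verdict(pkt: Packet) -> str:
    """Rule on the router's internet-facing interface.

    The post's rule drops anything addressed to a private range; this model
    also drops anything *claiming* to come from one (anti-spoofing).
    """
    if pkt.iface == "wan" and (is_private(pkt.dst) or is_private(pkt.src)):
        return "drop"
    return "forward"


def host_verdict(pkt: Packet, open_ports: frozenset = frozenset()) -> str:
    """Host firewall rule from the question: trust the whole local subnet,
    otherwise only explicitly opened ports are reachable."""
    if pkt.src in LOCAL_NET:
        return "allow"
    return "allow" if pkt.dport in open_ports else "deny"


def end_to_end(pkt: Packet, open_ports: frozenset = frozenset()) -> str:
    """Verdict for a packet that has to pass the gateway before the host sees it."""
    if gateway_verdict(pkt) == "drop":
        return "dropped at gateway"
    return host_verdict(pkt, open_ports)


# Constructed scenarios: printer scan from the LAN, a genuine internet client,
# and an internet packet with a forged local source address.
SCENARIOS = [
    ("printer scan-to-PC (LAN)",      Packet("lan", "192.168.1.20", "192.168.1.10", 9100)),
    ("internet client, closed port",  Packet("wan", "203.0.113.5", "192.168.1.10", 445)),
    ("internet, spoofed local src",   Packet("wan", "192.168.1.50", "192.168.1.10", 445)),
    ("normal outbound browsing",      Packet("lan", "192.168.1.10", "198.51.100.7", 443)),
]


def evaluate_all():
    """Return (name, host-only verdict, gateway+host verdict) for each scenario."""
    return [(name, host_verdict(p), end_to_end(p)) for name, p in SCENARIOS]


if __name__ == "__main__":
    print(f"{'scenario':32} {'host rule alone':16} {'gateway + host'}")
    for name, alone, combined in evaluate_all():
        print(f"{name:32} {alone:16} {combined}")
```

The middle column is the risk the question is about: with only the host-side "allow my subnet" rule, a forged 192.168.1.50 source would be trusted. The right-hand column shows the same packet never reaching the host once the internet-facing interface refuses private addresses in either direction.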



URherenow
Reged: 09/21/03
Posts: 4260
Loc: Japan


Re: Firewall security question [Re: Vas Crabb]
#330495 - 08/24/14 06:35 AM


Well, I do set my router to connect through a VPN quite often...






Vas Crabb
BOFH
Reged: 12/13/05
Posts: 4465
Loc: Melbourne, Australia


Re: Firewall security question [Re: URherenow]
#330498 - 08/24/14 06:51 AM


> well, I do set my router to connect through a VPN quite often...

That's an outgoing VPN; I'm talking about having a VPN that allows you to connect into your local network from elsewhere on the internet.



lharms
MAME Fan
Reged: 01/07/06
Posts: 908


Re: Firewall security question [Re: URherenow]
#330514 - 08/24/14 06:33 PM


I misunderstood. I thought you were talking about removing the security off your router.

You should be fine doing that, if your assumption is true. You may be better off just using the built-in Windows one, which has the concept of 'zones': Public/Work/Private, and depending on which router you connect to it will change its rules.

