[Dshield] d-link router and security

Steve ITmanager at rjl-pensions.com
Fri Jan 2 20:43:50 GMT 2004


Chris,

What is the syntax used to do this I'm interested in this.. 

I know the ping "ip" -j host-list - but what is "host-list"

Thanks



-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Chris Brenton
Sent: Friday, January 02, 2004 3:17 PM
To: General DShield Discussion List
Subject: Re: [Dshield] d-link router and security

On Fri, 2004-01-02 at 11:50, Josh Tolley wrote:
>
> Keith Bergen wrote:
> 
> > I am a firm believer that no system should be connected to a Cable 
> > or DSL line without a NAT router. The NAT router can protect you 
> > from port scans and attacks.

<snip>

> I'll second Keith - I wouldn't turn any computer on without a NAT 
> device in front of it

Actually, I would test the router to ensure it _does not_ support loose
source routing before I would put all my faith into it. If LSR is supported,
an attacker can simply use the IP options field to hop right over the device
and communicate with any privately addressed system sitting behind it that
also supports LSR (every Windows platform I've tested does by default, as
does Linux but its easy to shut off).

About two years ago I went through and tested a number of "home NAT
firewalls" to see if they could be circumvented with LSR. I *think* I
remember D-Link being one of the devices that failed my testing. Could be
they've fixed it since then, but I would test it just to be sure. The
Windows Ping utility can be used for this task with the "-j" switch.

HTH,
C
 

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.557 / Virus Database: 349 - Release Date: 12/30/2003
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.557 / Virus Database: 349 - Release Date: 12/30/2003
 




More information about the list mailing list