Hello HTDorg, haven't posted in a while. OK, I was reading about dynamic DNS when I encountered a security hole on my network. While resolving external IPs and whatnot, I discovered that you can still reach my router from the outside. I was presented with my login tab from the router. Now this may be normal if you are set up for remote administration, which I have turned off. The embarrassing thing was that the router still had the default password. Even though I knew this and was able to get in, any idiot or self-respecting "Hacker" would try the default password in the first place. Security through obscurity was what I was counting on when I set up a router and left the default in place, since you had to be a wired user to even access the router. Now I am a bit paranoid and have a couple of questions:
1 Is there a way to get to the router over encrypted transmissions?
2 Was I able to do this because my computer resolves to an internal LAN IP?
3 Has anyone ever heard of this or have links to something similar?
To facilitate any replies: the culprit router is a Linksys wrk54g, I did reach it using my external IP, not my LAN IP, and remote administration is turned off.
Linksys remote admin
-
- n00b
- Posts: 28
- Joined: Sat Mar 17, 2007 2:11 pm
- Location: wonderland
-
- Hacker in Training
- Posts: 70
- Joined: Thu Apr 16, 2009 6:26 pm
Re: Linksys remote admin
Some routers allow connections over SSH; check your router's documentation to see if this is also true for your model.
I don't completely understand your second question nor the explanation of how you discovered this router is accessible from outside your network. If you are on a wireless connection that has a local IP then that is why you can reach your control panel.
If you want to be absolutely sure, visit your IP from a remote location or use an HTTP proxy to do so.
-
- n00b
- Posts: 28
- Joined: Sat Mar 17, 2007 2:11 pm
- Location: wonderland
Re: Linksys remote admin
OK, the second question is actually the solution to this whole ordeal. The question was meant to ask if I was able to connect to the router because the computer accessing it was also on the same LAN, although I assumed that you could only reach it using the internal IP (192.168.1.*). I reached the router from a computer on the network, but I used my external IP. The mistake was that I assumed using the external IP would make the router assume I was on the outside.
I have learned 3 things from all this: I fail for leaving the default password, I can SSH to the router, and I need to do some more reading on DNS. Thank you for your effort and sorry for the loss of any brain cells in that redundant post.
- Thor
- htd0rg lieutenant
- Posts: 440
- Joined: Tue Dec 18, 2007 9:39 am
- Location: Location Location
Re: Linksys remote admin
catalepsic wrote: Hello HTDorg, haven't posted in a while. OK, I was reading about dynamic DNS when I encountered a security hole on my network. While resolving external IPs and whatnot, I discovered that you can still reach my router from the outside. I was presented with my login tab from the router. Now this may be normal if you are set up for remote administration, which I have turned off. The embarrassing thing was that the router still had the default password. Even though I knew this and was able to get in, any idiot or self-respecting "Hacker" would try the default password in the first place. Security through obscurity was what I was counting on when I set up a router and left the default in place, since you had to be a wired user to even access the router. Now I am a bit paranoid and have a couple of questions:
1 Is there a way to get to the router over encrypted transmissions?
2 Was I able to do this because my computer resolves to an internal LAN IP?
3 Has anyone ever heard of this or have links to something similar?
To facilitate any replies: the culprit router is a Linksys wrk54g, I did reach it using my external IP, not my LAN IP, and remote administration is turned off.
So what's your external IP? :) How were you actually connecting to it? Were you physically in a different location or using a remote shell or something? Whatever is plugged into your router's LAN ports will be assumed to be on the LAN.
One experiment you could do is plug your computer into the "internet" port of your router and try connecting to it using various methods, i.e. browser, shell, stuff like that on different ports. I would rather set up a shell account somewhere and see what you can do from there to test your security. There are many free shell accounts on the web. Google Dork: "free shell accounts"