router security
NoOp
glgxg at sbcglobal.net
Sat May 23 01:21:18 UTC 2009
On 05/22/2009 05:17 PM, Rashkae wrote:
> Robert Holtzman wrote:
>> I'm running a Linksys wireless router with wpa encryption for my
>> laptop and a desktop is hardwired into it. I'm wondering how
>> secure the wired connection is in as much as wireless isn't
>> involved. It seems as though the wired connection wouldn't be
>> secure if the router got cracked. The router has a 64 hex character
>> passphrase.
>>
>> Anyone knowledgeable have any thoughts on this?
>>
>
> Indeed, if someone takes the time and effort to crack your WPA, which is
> possible (last I checked, Elcomsoft was selling software to do exactly
> that,) the attacker would have free reign to snoop on your wired
> connection, or otherwise try their hand at launching attacks against any
> computer on your network, wired or wireless. If you're that concerned
> about it, you can install two NIC's on a computer and put wireless and
> wired on their own Nic and subnet, and configure iptables so traffic
> between those two interfaces is never allowed to cross (with the
> exception of allowing traffic to the gateway, if that is located on one
> of the two subnets.) I've used exactly this configuration at a few
> locations where they wanted to provide public or semi-public wireless
> internet access while also allowing simple file sharing within the
> office Lan.
>
I don't disagree w/dual nics (I actually connect my wireless router
(different subnet) to a wired router with a considerably stronger
built-in firewall). However I wonder if the Elcomsoft approach is really
anything new (other than the fact that they can now use gpu's to speed
up the attacks). The 'auditing' software performs brute force password
attacks; wouldn't fail2ban and denyhosts and iptables suffice to block
such attacks to begin with?
Those of course are used on the client rather than the router, but if
the client security is used would it really matter if the router is
cracked? Don't know, but I'd think it would be akin to just using a dsl
modem to connect w/added fail2ban and denyhosts type security.
I forget the thread where we discussed this in greater detail, but it
might be worth digging it back up.
http://www.fail2ban.org/wiki/index.php/Main_Page
http://denyhosts.sourceforge.net/
More information about the ubuntu-users
mailing list