PDA

View Full Version : Access PC via router WAN login?



marklodge
07-04-2008, 12:52 PM
Is it possible to gain access to the internal LAN via WAN login on a broadband (ADSL) router, if I know the router password?
Assuming i have access to the administration interface via WAN login and the router does have VPN, port forwarding & routing table modification functionality, then how exactly will it be done?

MrByte
07-04-2008, 02:53 PM
Depens on what you call "access". If you're in full control of the router, you can configure port forwarding so that you can access some services of the PCs of the internal LAN, such as file & print sharing or remote desktop connection, but you still need to know the login/password to access them. If these services are not password-protected, then yes, the computers of the internal LAN are in danger, as your control of the router basically means that they're no longer firewalled.

marklodge
07-05-2008, 10:23 AM
so, if file sharing is not enabled on the pcs connected to the internal lan it is impossible to access the files?

MrByte
07-05-2008, 11:04 AM
There are alternative ways to access files, for example Remote Desktop Connection (built-in Windows service) or similar third-party software, such as RAdmin ( http://www.all-nettools.com/remote-control-5/radmin-remote-control-2**74.htm ). Besides, the PCs may be running FTP servers. But if none of the above is running -- then yes, it's impossible to access the files.

marklodge
07-05-2008, 12:18 PM
There are alternative ways to access files, for example Remote Desktop Connection (built-in Windows service) or similar third-party software, such as RAdmin ( http://www.all-nettools.com/remote-control-5/radmin-remote-control-2**74.htm ). Besides, the PCs may be running FTP servers. But if none of the above is running -- then yes, it's impossible to access the files.

OK, so , to fully secure PCs behind NAT routers I do not need to install a firewall to monitor incoming traffic?

I just need to disable RDC and make sure no ports are open, correct?

But what if i need some ports to be open for bittorrents etc?
what are the implications of leaving ports open?
What is a malicious user able to do if i have forwarded port say: *2*45 to my ip: **6.25.75.* ?

could that be used to access my files?

MrByte
07-05-2008, 02:19 PM
OK, so , to fully secure PCs behind NAT routers I do not need to install a firewall to monitor incoming traffic?

A firewall is always a good thing to have. You don't necessarily need to "install" it, i.e. you don't necessarily need a *-rd party product, but you should at least use the built-in Windows firewall.


I just need to disable RDC and make sure no ports are open, correct?

I'd say "to make sure no ports offering access to files are open". If you completely close all ports, you won't be able to use many services, such as Skype.


But what if i need some ports to be open for bittorrents etc?
what are the implications of leaving ports open?
What is a malicious user able to do if i have forwarded port say: *2*45 to my ip: **6.25.75.* ?

could that be used to access my files?

Open ports, by themeselves, are not dangerous. Any computer has open ports, you can't be networked without open ports. What's important is that such ports shouldn't be exposing any data not intended for "outsiders". If you're running a local FTP server intended only for your LAN computers, make sure that either FTP access is password-protected or that your firewall restricts access to local IP addresses only. Bittorrent shouldn't be a problem.

marklodge
07-05-2008, 06:46 PM
Thanks
I have discussed this with many guys.
I am in South Africa, and since ADSL is just starting to become popular here and most people are totally unprotected and have no knowledge of pc security whatsoever, I wish to have a demonstration of what could be done to an unprotected ADSL user. Most people leave their default pwd/user on the adsl routers and i need to know everything or most things that could be carried out by a novice or experienced hacker
So far I have prepared material demonstrating how a malicious user is able to steal your WAN username and password (we are usually supplied with shaped capped 2gb accounts) and use your bandwidth, all in a few mins

So, if you have any other related info that will be useful for my presentation i would appreciate it

So, to sum it up;
a hacker is able to access your files via port forwarding and/or a static route if he has wan access to your router, and you have file sharing enabled, correct?

if you do not have file sharing enabled he willl only be able to access your files if he knows an admin user/pwd, correct?

gordo
07-05-2008, 08:16 PM
marklodge, an forwarded port on the router is not bad, as MrByte stated.It is the service using that port that can be exploited. When the game or whatever that uses that port is not running, the enabling the windows firewall will keep it safe. You can use google searches to help also.
http://www.google.com/search?hl=en&safe=off&client=firefox-a&channel=s&rls=org.mozilla%*Aen-US%*Aofficial&hs=*ab&q=bittorrent+port+exploits&btnG=Search
You may want to research wep cracking and wpa cracking too.

MrByte
07-06-2008, 06:28 AM
So, to sum it up;
a hacker is able to access your files via port forwarding and/or a static route if he has wan access to your router, and you have file sharing enabled, correct??

Only if he knows the PC's login and password.



if you do not have file sharing enabled he willl only be able to access your files if he knows an admin user/pwd, correct?

If you do not have file sharing enabled, if he knows the PC's login and password it may still be dangerous. He may be able to execute code remotely. File and print sharing is only one out of several services that uses Windows authentication. There is also RPC etc. See this thread where a person asks a similar question:

http://www.governmentsecurity.org/archive/t6*2*.html