Hacking through routers?

**klepto** · October 9, 2005, 16:15

Originally posted by Red Squirrel

Other then finding an exploiting a program in which a port is forwarded to, is there other ways people can get into routers? Like let's say there's no ports whatsoever, not even administration.

You don't initially need for a port to be open from the outside to be able to gain control of the router, not even the administration port. However if your target is to gain control of it, then your exploit code or whatnot will obviously need to force a port open for you to be able to do so. I hope that makes sense.

I remember hearing something about using special type of packets which could spoof the IP and make the router think it's internal, but even then, if it's coming through on the external interface the router should/hopefully discard it right?

Not necessarily, that depends on ingress filtering which most basic routers lack, mostly home routers do not have such support.

We're studying the OSI layers and such and it's something I overlooked that there are low level protocols such as arp, rarp and probably others we did not touch, so hacking is not really limited to TCP/UDP ports if that's the case, right? So what are other things to consider when settingup a network and securing it from the outside?

You can only exploit the protocols it supports.

Hacking through routers?

Hacking through routers?

Comment