Acces over LAN ?
Results 1 to 8 of 8

Thread: Acces over LAN ?

  1. #1
    Junior Member
    Join Date
    Jan 2003
    Posts
    2

    Acces over LAN ?

    Hi all..
    I am new to AO ...and this is my first Post/question.
    Imagine there is a Computer conntected to Internet.This Computer is also connected to 2 or 3 other PC`s by LAN.The other Computers also have connection to Internet but only over the first machine.If one of these 2 or 3 by LAN connected Computers were infected by a trojan or something similar,is it possible to Connect to these Computers although only the first PC is connected to the Internet directly ? Or is it possible to detect these Computers by a Scanner such as Nmap ? I am asking this cause i know only the first machine that is connected directly to the Internet has a Real IP Adress...the others only have this internal IP`s such as 192.0.0.1 or something similar...
    Thank you for answers..
    Fatal error....
    ...use Linux..

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    686

    Post Here's an option

    I'm not sure exactly what you are trying to get at. But if you have a computer that is infected by a virus/trojan or whatever then use:

    http://security.symantec.com/ssc/hom...WFYJOKMFIDPMSV

    That's symantec (Norton) online virus scanner. Doesn't cost you anything, and is always up-to-date. I'm glad to have found that, because that way if you're virus scanner is infected, or you don't have one, you don't have to worry.

  3. #3
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    I with AciDriveHB, Im not too sure want to mean.

    If you are asking whether these 2 machines are vulnerable to attacks from the Internet. Well, rule of thumb is that ANY machine that has internet connectivity is can be compromised.

    The only protection you can have is tight firewalls rules, antivirus etc...

    Do a search of the forums for more info on securing your Internet conxion.

    Good luck!!
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    Yeah that's true Soggy Bottom, I never thought of that. Guess I was too direct in thinking about the question. Yes slewrate, if you could give a more defined question, or maybe just explain a little more of what you want, then we can help you. If you want options for how to setup a firewall, what type of firewall software/hardware to use, antivirus software, etc... just ask. There are many people who can help you out and give you lots of things to choose from.

    I also forgot to meantion in my last post, but congradulations on your first post! =D
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    It sounds like he wants to know if you can see boxes behind a NATing device....

    " is it possible to detect these Computers by a Scanner such as Nmap ? I am asking this cause i know only the first machine that is connected directly to the Internet has a Real IP Adress...the others only have this internal IP`s such as 192.0.0.1 or something similar... "

    The answer is no, you can't get the 192.168.1.x addresses returned (or you shouldn't be able to if it is configured correctly) however theoretically there is a way to figure out how many machines are behind a NAT device. AT&T has a doc out that dicusses this technique. More or less, there is an IP header field that can be read in such a way that they can enumerate the number of boxes behind the NAT device. Anyway, way off the quesiton here. Sorry for the rant.

    Hope this helps out!
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    Member
    Join Date
    Jan 2003
    Posts
    36

    Re: Acces over LAN ?

    Originally posted here by slewrate
    Hi all..

    ...

    I am asking this cause i know only the first machine that is connected directly to the Internet has a Real IP Adress...the others only have this internal IP`s such as 192.0.0.1 or something similar...
    Thank you for answers..
    Just a hint:

    192.0.0.1 is *not* within the private adress space. It has to be 192.168.x.x


    Alaaf

  7. #7
    Junior Member
    Join Date
    Jan 2003
    Posts
    2

    well...

    Thank you all for your replys...

    Sorry for my bad english ....but i am working on it...

    thehorse13 wrote:
    The answer is no, you can't get the 192.168.1.x addresses returned (or you shouldn't be able to if it is configured correctly) however theoretically there is a way to figure out how many machines are behind a NAT device. AT&T has a doc out that dicusses this technique. More or less, there is an IP header field that can be read in such a way that they can enumerate the number of boxes behind the NAT device. Anyway, way off the quesiton here. Sorry for the rant.

    Thank you ...that was just what i wanted know....however it would be very interessting for me to read this Doc from AT&T.....do you know where i can find it ??...
    Thanks..

    To Uhu:
    Danke für Deinen Hinweis ....mir ist natürlich klar das die IP`s im Netzwerk mit:
    192.168.x.x anfangen.....(sonst würd`s ja nicht funzen)....war wahrscheinlich in Gedanken
    bei der Localhost IP (127.0.0.1)...

    Thanks all ..
    Fatal error....
    ...use Linux..

  8. #8
    Member
    Join Date
    Dec 2002
    Posts
    88
    slewrate, there's a post from phishphreek80 linking to this arcticle: http://www.antionline.com/showthread...&postid=600309
    credits to him for finding it
    There's something you might be aware of.. perhaps you may have problems with malware like keyloggers or something like this, that will connect to another host from your computer, in this case, NAT won't protect you because the lamer on the remote side only needs to receive stuff. It could be used like this:
    1) you run a trojaned program, it installs itself.
    2) everything you type is recorded by the program.
    3) from time to time, it opens a connection to a server owned by the attacker. It could be, for instance, a homemade server (using nc, for example) which logs everything to a file. Or the trojan can mail the person, there are some alternatives.
    It could hide in a registry key, bat files, and even on mstask (the task scheduler, was thinking about it right now. Ive never seen it being used, and no, I am not giving you (malicious) ideas, but it's something you should check).

    So, be careful about what you run.. Now I can see that the bible and firewalls have a relation..
    It's not only what enters through your ports that is harmful, but also what leaves them. Argh, this was.. duh!
    And you can imagine a trojan that only execute stuff by connecting to somewhere else and retrieving the instructions, instead of leaving an open door. I am glad afaik, they don't do it (the ones I know of), and I am only thinking about possible threats, but if I am thinking about them now, probably hundreds of others did as well.. and perhaps wrote something :sigh: . be careful dude, you are invisible, but there are still things you should take care of. Use a firewall to avoid this menace.
    good luck!

    Found in a diary:
    \".... and yes, since i am a l337 hax0r, i am also using vi to write this. ^[[D^[[B^ exit ^X^C quit :x :wq dang it :w:w:w :x ^C^C^Z^D\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •