okay did something stewpid....
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: okay did something stewpid....

  1. #1
    Member
    Join Date
    Nov 2003
    Posts
    34

    okay did something stewpid....

    Okay I did something stewpid and realise just how much of a noob i am....
    posted to a list and a guy asks me for info on my network...which doh! I gave out. Firewall type. Switches in the network. OS of the server. Too trusting for once.

    So flame me if you like but I want to know, if he gets my ip...then he can pretty much tailor make some probes?
    Getting my ip will be hard for him as he thinks I am somewhere else than where I am I hope(My email address is linked to a server somewhere where my network is not).
    Could he use my domain name to find my network which is not connected to the mail server except over the net.?
    Living and learning is hard at this level!!
    \"\'Do not despise the snake for having no horns, for who is to say it will not become a dragon?\"

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Yes he could...

    never give out more than you know you can defend......

    Now, patch everything, check your firewall rules, scan your self from the outside using nmap to see what else you are giving away, check you IDS rules, (if you don't have one Snort is _the_ one), log everything and send it to a secure log server and don't do anything that silly again.....

    Ask more questions here, search AO for "tutorials on how to do......" and keep your eyes open and wits about you......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    you took half his fun away from telling him that information...now he doesn't have to find it out with skiddie tools . I'm not sure but I dont believe he'll be able to find your IP through that, but he could find your IP through other ways. How were you communicating with this guy? IRC, AIM...any chat room or just plain email?


    edit: i stand corrected, as Tiger said, he could get your IP through that.

  4. #4
    Member
    Join Date
    Nov 2003
    Posts
    34
    okay...the list is plain text email.
    Also our mail server is in a different country to where we are. Does my ip address show when I retrieve mail?
    The ip of the domain is on servers in a totally different country to where we are too...so doesn't that mean my ip is 'safe'?
    Thanks for the advice guys.
    \"\'Do not despise the snake for having no horns, for who is to say it will not become a dragon?\"

  5. #5
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    This may be a dumb suggestion but could he maybe change to a different firewall or change somethin up in the setup in his switches. Just because he told the guy his setup doesnt mean he cant just change it around a little bit to throw the guy off in his "planning". oh well if this is just a dumb newbie remark, sorry.
    When death sleeps it dreams of you...

  6. #6
    Member
    Join Date
    Nov 2003
    Posts
    34
    i'd thought the same thing too muert0. Luckily we are going to be changing our setup very soon so it's all in the budget anyway. *wipes brow*
    router's going and so is the server/os.
    \"\'Do not despise the snake for having no horns, for who is to say it will not become a dragon?\"

  7. #7
    Member
    Join Date
    Nov 2003
    Posts
    34
    Also...if our ip here is not static, does this make it more difficult for someone to set up exploits?
    \"\'Do not despise the snake for having no horns, for who is to say it will not become a dragon?\"

  8. #8
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    Yeah I would get rid of the routers too. change over to a switch "switch or die as they say" Switchs can be more secure than a router and can free up traffic problems on the LAN. Running with a switch will stop anyone from running a packet catchers on a network.
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  9. #9
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    Originally posted here by Ghost_25inf
    Yeah I would get rid of the routers too. change over to a switch "switch or die as they say" Switchs can be more secure than a router and can free up traffic problems on the LAN. Running with a switch will stop anyone from running a packet catchers on a network.
    This advice is wrong!

    A switch will not replace a router.

    A switch can replace a hub and can help eliminate traffic problems, but in a complex network toplology it is possible to have too many switches.

    Running a switch will not stop packet sniffers on the internal network if the sniffers uses ARP Cache Poisoning (ettercap!).

    I'm sure that elmurado knows that you can't replace a router with a switch, but this needed to be corrected.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  10. #10
    Senior Member
    Join Date
    Feb 2002
    Posts
    114
    Are you sure you mean routers and not hubs!!!

    Also you can use software to force a switch to broadcast storm all traffic.
    [pong][gloworange]665[/gloworange] Next door to the [glowpurple]devil[/glowpurple][/pong]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •