
Thread: router udp logs

  1. #11
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Quote Originally Posted by dinowuff View Post
    WireShark is your friend.
    This.


    A quick dissection of the traffic will tell you exactly what it is. You can use any port you want, but you can't really hide the payload.
    Real security doesn't come with an installer.

  2. #12
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Ok...we have developed a new networked device that uses Avahi...
    http://avahi.org/wiki/AboutAvahi
    to discover and communicate to other devices on the LAN....hence the constant DNS requests going out to our ISP...through 2 routers

    I am concerned when a customer plugs this device at home ...the device will have excessive DNS requests through their routers to the customers ISP....Is that going to be an issue?? will the ISPs freak??

    Not knowing much about all this and why we have a consultant working on this (at my request)....I want to ask the guy is it not possible to keep these requests localized within the LAN ???

    Too bad he's such an arrogant a$$...else I could try and work with him on this..

    I appreciate your thoughts on this!!

    off to read up more on this

    MLF
    Last edited by morganlefay; August 31st, 2010 at 06:10 PM.
    How people treat you is their karma- how you react is yours-Wayne Dyer
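
An added example, not part of the original thread: a small dissector that labels a UDP datagram by its payload rather than its port, and separates mDNS queries that stay on the link (224.0.0.251:5353, RFC 6762) from `.local` names sent to a unicast resolver. The function names, labels and sample datagrams (documentation-range addresses) are constructed for illustration, and the DNS check is a loose heuristic.

```python
import ipaddress
import struct

MDNS_GROUP = ipaddress.ip_address("224.0.0.251")  # mDNS IPv4 multicast group (RFC 6762)
MDNS_PORT = 5353

def build_query(name, qtype=12):
    """Construct a minimal DNS query payload (sample data for this example)."""
    header = struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0)  # id, flags, QD=1, AN/NS/AR=0
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_question(payload):
    """Return (qname, qtype) of the first question, or None if not a DNS query."""
    if len(payload) < 12:
        return None
    _id, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount == 0:  # QR bit set means a response, not a query
        return None
    pos, labels = 12, []
    while pos < len(payload) and payload[pos] != 0:
        length = payload[pos]
        if length > 63 or pos + 1 + length > len(payload):  # pointer or truncated
            return None
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos + 5 > len(payload):  # need the root label plus QTYPE and QCLASS
        return None
    qtype, _qclass = struct.unpack("!HH", payload[pos + 1:pos + 5])
    return ".".join(labels).lower(), qtype

def classify(dst_ip, dst_port, payload):
    """Label one UDP datagram by what it carries and where it is going."""
    q = parse_question(payload)
    if q is None:
        return "not-a-dns-query"
    if ipaddress.ip_address(dst_ip) == MDNS_GROUP and dst_port == MDNS_PORT:
        return "mdns-on-link"
    if q[0] == "local" or q[0].endswith(".local"):
        return "local-name-sent-to-unicast-resolver"
    return "unicast-dns"

# Constructed sample datagrams: (destination IP, destination port, UDP payload)
SAMPLES = [
    ("224.0.0.251", 5353, build_query("_ipp._tcp.local")),
    ("203.0.113.53", 53, build_query("_ipp._tcp.local")),
    ("203.0.113.53", 8053, build_query("example.com", 1)),
    ("203.0.113.9", 53, b"not dns at all, just bytes"),
]
```
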

  3. #13
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Hey MLF:

    Why do you need DNS - SD?

    I thought you were running on a Windows 2003 AD network?
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  4. #14
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    This is a device we have developed that runs *nix based OS....

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #15
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Quote Originally Posted by morganlefay View Post
    This is a device we have developed that runs *nix based OS....

    MLF

    Ah.. Makes sense now. I thought you were a windows only shop.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  6. #16
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    This device sits outside our network and is developed for home use...hence the auto discovery of other devices...

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #17
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Quote Originally Posted by morganlefay View Post
    This device sits outside our network and is developed for home use...hence the auto discovery of other devices...

    MLF

    /self mode set = confused again
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  8. #18
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    It has its own LAN.....with other devices...separate from our corporate LAN sharing our internet..

    Its own "subnet" if you will ;-)
    How people treat you is their karma- how you react is yours-Wayne Dyer

  9. #19
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Ok...figured it out...well kinda sorta....
    it's not our device... phew...we are about to go into production with this

    it's something on his laptop...not sure what it is though.....it's some kind of P2P client for sure.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #20
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Is this in a setting where you are the Network Admin? Basically I'm wondering what kind of say you have over what people do, and, if you can make a "Policy" where all people using things on your network have to follow what you've set.

    This would make things easier, and you can make some BS policy where you have rules against P2P traffic if it's an actual problem. If the person doing this has a valid reason, that's one thing (He may be using P2P to get legal software... I know, most probably don't, but some software is actually released with P2P and it's a better way of getting it than the main server the stuff is hosted on) so if it's valid and it's not bogging you down, that's one thing, but if he's using it to grab movies or music illegally, then, well, you know.

    If you can get away with it, make a policy that dictates you need to know what software each client is using before they're allowed access, and if your boss or whoever you have to report to gets iffy about it, just say "I'm making sure our asses are covered in the event that someone comes in from the outside, plugs into the network, downloads a few thousand songs or a few hundred movies, and we get sued for Piracy" which is normally enough to get your way or at least get them to agree since no one likes being sued.

    This would allow you some control over what network apps people are actually allowed to use. And if this is in fact a setting where you are responsible for this stuff, well, again, you should be able to at the very least, make a form of a policy where you can say no to some moron attempting to turn your network into a piracy house.

    The College I went to had a policy where students were allowed to not only bring their laptops in, but hook them up to the network and surf the net, which is cool because when you were doing something like a project, you were able to grab info from the net, whack it into a Presentation software package, and go.

    They did have a rule though, where P2P wasn't allowed for things that weren't legal. One of the main professors allowed some P2P because for Linux distros when we did Security + and Linux + both, it was easy to let people grab a distro of Linux over Bit Torrent, or whatever else, and then go from there. The college didn't mind because it saved them money on CDs and so on, and it worked out.

    However, the Network Admin, had a policy where if this was abused, they lost access. You can pretty easily tell with the right software. I'm not sure if you have access to a REAL Packet Sniffer (A hardware model for instance) but it can pretty much plug in, watch, and print out what happens that looks suspicious.

    And did I read this right? You have a Unix based product in use and it's working out for you? And you're admitting it wasn't the issue?

    Also, if this guy is, as you've said, got a HUGE attitude problem, I'd personally go to my boss, bring up the situation, and say that he's basically not the type who's going to admit to anything, and that he's got a problem with people in general. This of course adds to the CYA principle, and makes sure you aren't the one who takes the blast when "it" hits the fan.
