ExpressLane (05-11-2021)
https://www.ncsc.gov.ie/emailsfrom/D...ess/index.htmlThey could find out certain IP addresses I suppose from the routing tables, and presumably the access lists to determine what traffic is allowed into and out of the router network. Although access to their firewall ingress and egress rules would be more useful.
Egress Filtering
Description
Egress filtering is the practice of monitoring, controlling and restricting traffic leaving a network with the objective of ensuring that only legitimate traffic is allowed to leave and that unauthorised or malicious traffic is prevented from doing so.
Egress filtering is primarily achieved through the use of predefined security rules and policies implemented on the perimeter firewall, to block outbound traffic that uses protocols and destination ports that are unnecessary or subject to abuse. Network administrators are advised to ensure that appropriate measures are taken to prevent unauthorised access to the internet access router, as it is located outside the perimeter firewall, and if SNMP enabled, that apprioate measues are implemented to prevent it from being exploited.
While Egress filtering is not primarily focused on protecting one's own network, it does serve to protect the networks of other organisations, by preventing the spread of malware or traffic with a forged source (spoofed) IP address from leaving the network that has been compromised, either through the deliberate malicious activity of an individual user or the malicious activity caused by infections, botnets and other malware within the network
Ingress Filtering
Description
Ingress filtering is the practice of monitoring, controlling and restricting traffic entering a network with the objective of ensuring that only legitimate traffic is allowed to enter and that unauthorised or malicious traffic is prevented from doing so.
Ingress filtering is primarily achieved through the use of predefined security rules (e.g. packet filtering) and policies implemented on the perimeter firewall, to ensure that inbound traffic is from the network from which it claims to originate from. Network administrators are advised to ensure that appropriate measures are taken to prevent unauthorised access to the internet access router, as it is located outside the perimeter firewall, and if SNMP enabled, that apprioate measues are implemented to prevent it from being exploited.
Ingress filtering is a simple and effective method to limit the impact of a Denial of Service (DoS) attack, by denying traffic with a forged source (spoofed) IP address access to the network, and to help ensure that traffic is traceable to its correct network.
ExpressLane (05-11-2021)
TRUMP WILL TAKE FORTY STATES...UNLESS THE SAME IDIOTS WHO BROUGHT US THE 2020 DUNCE-O-CRAT IOWA CLUSTERFUCK CONTINUE THEIR SEDITIOUS ACTIVITIES...THEN HE WILL WIN EVEN MORE ..UNLESS THE RED CHINESE AND DNC COLLUDE, USE A PANDEMIC, AND THEN THE DEMOCRATS VIOLATE ARTICLE II OF THE CONSTITUTION, TO FACILLITATE MILLIONS OF ILLEGAL, UNVETTED, MAIL IN BALLOTS IN THE DARK OF NIGHT..
De Oppresso Liber
ExpressLane (05-11-2021)
cancel2 2022 (05-11-2021)
blackascoal (05-11-2021), no worries (05-12-2021)
Talk about much ado about nothing. Seriously. When a request is made of a government entity, lawyers will review the request and respond. In this case, they responded by saying the request was overly broad. IT HAPPENS EVERY FUCKING DAY. This is what we have courts for. They will hear the arguments and make a decision.
Why is Trump so desperately trying to hide his tax returns?
Oops.
cancel2 2022 (05-11-2021)
evince (05-11-2021), no worries (05-12-2021), Phantasmal (05-11-2021)
AMERICAN HISTORY ITSELF IS A TESTAMENT TO THE STRENGTH AND RESILIENCE OF AFRICAN PEOPLE. WE, ALONG WITH THE COURGE AND SACRIFICES OF CONSCIOUS WHITE AMERICANS, LIKE VIOLA LIUZZO, EVERETT DIRKSEN, AND MANY OTHERS, HAVE FOUGHT AND DIED TOGETHER FOR OUR FREEDOM, AND FOR OUR SURVIVAL.
In America, rights are are not determined by what is just, fair, equitable, honest, nor by what Jesus would do. Rights are determined ONLY by what you can DEMAND.
evince (05-11-2021), Phantasmal (05-11-2021)
How many times does a state get to certify the vote?
The votes have been verified and counted and certified
Why did the republicans wait so long to PRETEND there was fraud?
Let’s remember how many times republicans have turned voter information over to the Russians
Republicans can’t be trusted with this information
no worries (05-12-2021)
What a crock from you guys as you pretend to understand computer security.
When it comes to computer security of any kind the first rule is you don't give out your passwords. Period. End of Security lesson.
First rule of a router is you change the default password so others can't access your router. If someone is managing all the routers they may have given every router an unique password but that is unlikely. That means someone likely reused a password. Now you are saying they should give that password to a company that while it may be well intentioned you have no idea as to what computer security they have in place. This isn't just about Cyber Ninjas being bad actors, it is a question of how competent they are when it comes to securing their own equipment. We already have reports of laptops being left out in the open during this recount. We have no clue as to whether they even test their equipment for intrusions or if they are compromised in any way by failing to update as new avenues for attack are revealed. Bad actors could be in Cyber Ninjas computers already without them knowing it.
The logs for a router aren't going to reveal someone's SS number but they do contain lots of information that will make it easier to try to get that information from the computers behind the router. Have you ever actually looked at router logs?
By turning over the routers if the information is compromised in some way it does the following:
It reveals the router user/password which can then be used to attack all other county routers in case it was reused.
It reveals the type/brand of router so bad actors can direct known attacks against any security holes known to exist for that type of router.
It would likely reveal the email address of the router administrator since advanced routers routinely send reports by email.
It reveals the router's IP address meaning that any bad actor knows the IP of the router so can concentrate attacks knowing who their target is.
It reveals the open ports so any bad actor can concentrate attacks on those ports.
It reveals web locations that are routinely visited making it easier to do phishing since a bad actor can spoof the website or direct emails based on companies they know people use routinely.
It would reveal the IP address of any administrator that logs into the router which would then reveal any activity by that administrator that passes through the router.
It allows a deep dive into the data to compare to other data that has been stolen to find possible security holes. A county officer who's personal email has been hacked or someone who has reused passwords making it easier to attack their accounts.
Turning over a router and/or the logs would clearly create security issues. It might not result in a successful attack but it makes it more likely.
"We are all born ignorant, but one must work hard to remain stupid."
"Any fool can criticize, condemn and complain - and most fools do."
LV426 (05-11-2021), no worries (05-12-2021)
Excellence is an art won by training and habituation. We do not act rightly because we have virtue or excellence, but rather we have those because we have acted rightly. We are what we repeatedly do. Excellence, then, is not an act but a habit.
- -- Aristotle
Believe nothing on the faith of traditions, even though they have been held in honor for many generations and in diverse places. Do not believe a thing because many people speak of it. Do not believe on the faith of the sages of the past. Do not believe what you yourself have imagined, persuading yourself that a God inspires you. Believe nothing on the sole authority of your masters and priests. After examination, believe what you yourself have tested and found to be reasonable, and conform your conduct thereto.
- -- The Buddha
It is the mark of an educated mind to be able to entertain a thought without accepting it.
- -- Aristotle
no worries (05-12-2021)
I forgot to include the easiest way to compromise information once you have access to a WIFI router and it's settings.
Once you have access to the information from a WIFI router, you know the SSID, the MAC address and the password. This is what is used by everyone that connects using WIFI. Most people set up their devices to automatically connect when they are in range of the router.
By simply knowing the SSID and password used, you can run a man in the middle attack. Go to the coffee shop a block away and spoof the WIFI SSID/password. Everyone that comes into the coffee shop whose device is set to automatically connect will connect to you and you can record everything they send and receive. It's a simple thing to turn off the HTTPS on a router forcing all the information to be not encrypted. Who ever checks to see which network they are connected to when they are automatically connecting or checks to see if they are really using a secure connection?
"We are all born ignorant, but one must work hard to remain stupid."
"Any fool can criticize, condemn and complain - and most fools do."
I will not engage in any conversation with you because I believe you are disingenuous and incapable of a conversation based on information when such is introduced to you. If I see you act differently in the future I may begin to engage with you again (this post doesn't bode well for that though). But until then, this will be my only response to you.
Excellence is an art won by training and habituation. We do not act rightly because we have virtue or excellence, but rather we have those because we have acted rightly. We are what we repeatedly do. Excellence, then, is not an act but a habit.
- -- Aristotle
Believe nothing on the faith of traditions, even though they have been held in honor for many generations and in diverse places. Do not believe a thing because many people speak of it. Do not believe on the faith of the sages of the past. Do not believe what you yourself have imagined, persuading yourself that a God inspires you. Believe nothing on the sole authority of your masters and priests. After examination, believe what you yourself have tested and found to be reasonable, and conform your conduct thereto.
- -- The Buddha
It is the mark of an educated mind to be able to entertain a thought without accepting it.
- -- Aristotle
Bookmarks