Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




81 posts

Master Geek

Trusted

Topic # 140569 13-Feb-2014 08:46
Send private message

I understand a standard procedure to secure an internet facing router is to block incoming traffic from RFC1918 private address ranges.

My question is: if a hacker is using a source address with a private address, how is this a threat ? I am thinking that the packets cannot be returned to him anyway, due to private addresses not being routable on the net, so he is not getting any return traffic.
So apart from using private source addresses for a one directional DoS attack, how else could this actually cause harm ?

Thanks for any help.

Create new topic
564 posts

Ultimate Geek
+1 received by user: 89


  Reply # 986597 13-Feb-2014 09:28
3 people support this post
Send private message

I've never encountered this but would assume;

Like you mention if I could spoof an internal IP [i.e. 10.1.1.2] to your router then any replies are going to be routed to back to that address on your network which could result in a DDOS vulnerability against what could be your PC, firewall, domain controller etc.

Possibly could also be a way to pass malicious commands to your network devices (NTP update, DHCP release, remote shutdown etc) ? (Duno, just a guess)





3038 posts

Uber Geek
+1 received by user: 482

Trusted

  Reply # 986826 13-Feb-2014 16:24
One person supports this post
Send private message

+1 to that.

They send you a packet such as a ping from a private ip address. Your computer then sends the reponse to that address - which would probably be on the local network.
Okay so it gets dropped and goes nowhere.

They then use a botnet to send you millions of such pings and can cause you all sorts of problems.





Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Push notifications: A productivity killer
Posted 25-Jul-2017 14:15


Intergen takes SKYCITY to the cloud
Posted 25-Jul-2017 14:04


Nothing nebulous about Microsoft’s cloud-transition
Posted 21-Jul-2017 15:34


We’re spending more on tech, but not as much as Australians
Posted 21-Jul-2017 11:43


Endace announces EndaceFabric for network-wide packet recording
Posted 20-Jul-2017 20:49


Acorn 6: MacOS image editing for the rest of us
Posted 20-Jul-2017 17:04


HTC faces backlash over keyboard pop-up ads
Posted 19-Jul-2017 15:53


BNZ adds Visa credit cards to Android Pay wallet
Posted 18-Jul-2017 19:44


Still living in a Notification hell – Om Malik
Posted 18-Jul-2017 13:00


Duet Display uses iPad to extend Mac, PC
Posted 18-Jul-2017 10:58


PC sales could be worse
Posted 17-Jul-2017 07:34


Crypto-currencies, tulips, market bubbles
Posted 17-Jul-2017 06:38


NZ Tech Podcast: Big batteries, solar cars, cold war, IoT
Posted 16-Jul-2017 16:53


Vodafone Australia mulls Wisp alliance, NZ implications
Posted 13-Jul-2017 16:49


Rural health professionals see fibre pay-off
Posted 13-Jul-2017 11:52



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.