Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Help with penetration test wanted  (Read 3733 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Help with penetration test wanted
« on: August 04, 2015, 08:01:51 PM »

Would anyone be willing to help penetration test my router? That is, scan it and try to break in to it for me.

I realise any helpful kitizen might want some reassurance, which I would need to work out for you, somehow, not quite sure how to do that? Any suggestions?

Actually, failing that I wonder if there are any online services out there that are actually any good. The ones I've tried have been very basic and not very useful in inspiring confidence.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Help with penetration test wanted
« Reply #1 on: August 04, 2015, 08:48:13 PM »

I bet I can break it, I have a few large hammers  :P

Have you tried Shields Up
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #2 on: August 04, 2015, 09:01:08 PM »

I have used Shields Up, yes. A decent tool.
« Last Edit: August 04, 2015, 09:45:40 PM by Weaver »
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Help with penetration test wanted
« Reply #3 on: August 04, 2015, 09:26:41 PM »

b*cat has, in the past, when requested, run nmap scans on fellow Kitizens' lines.  :)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #4 on: August 04, 2015, 09:48:34 PM »

Burakkucat, would you be willing to test <IPv4 & IPv6 available on req> ?  = my firebrick

much appreciated
« Last Edit: August 04, 2015, 11:19:31 PM by Weaver »
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Help with penetration test wanted
« Reply #5 on: August 04, 2015, 09:56:26 PM »

A sneaky, ping-less, scan of all 65536 software ports of your IPv4 address is currently in progress.  ;)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

underzone

  • Reg Member
  • ***
  • Posts: 442
Re: Help with penetration test wanted
« Reply #6 on: August 04, 2015, 10:15:12 PM »

Not great, certainly not stealthed:

Host is up (0.070s latency).
Not shown: 65527 closed ports
PORT     STATE    SERVICE      VERSION
25/tcp   filtered smtp
135/tcp  filtered msrpc
136/tcp  filtered profile
137/tcp  filtered netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  filtered netbios-ssn
445/tcp  filtered microsoft-ds
3544/tcp filtered unknown
Too many fingerprints match this host to give specific OS details
Network Distance: 12 hops
« Last Edit: August 04, 2015, 10:19:22 PM by underzone »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #7 on: August 04, 2015, 10:17:54 PM »

@underzone - thanks for that, does "filtered" mean that icmp error packets are coming back related to those ports?
Logged

underzone

  • Reg Member
  • ***
  • Posts: 442
Re: Help with penetration test wanted
« Reply #8 on: August 04, 2015, 10:26:07 PM »

No, the report is just showing that ports are accessible. Hackers would then try to exploit such ports. A more advanced firewall would be able to stealth any open ports to an IP port scan. Really you want to be invisible. So when port scanned you would appear 'Down'.

Initiating Ping Scan at 22:21
Scanning 81.??.??.?? [7 ports]
Completed Ping Scan at 22:21, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 22:21
Completed Parallel DNS resolution of 1 host. at 22:21, 0.01s elapsed
Initiating SYN Stealth Scan at 22:21
Scanning ??.??.81.in-addr.arpa (81.??.??) [1000 ports]
Completed SYN Stealth Scan at 22:21, 3.20s elapsed (1000 total ports)
Initiating UDP Scan at 22:21
Scanning  [1000 ports]
Discovered open port 500/udp on 81.??.??
Completed UDP Scan at 22:21, 5.51s elapsed (1000 total ports)
Initiating Service scan at 22:21
Scanning 999 services on ??.??.81.in-addr.arpa (81.??.??)
Service scan Timing: About 0.30% done
« Last Edit: August 05, 2015, 07:21:50 AM by underzone »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #9 on: August 04, 2015, 10:26:55 PM »

I've made a change due to Underzone's findings. Thanks! :-)  :-)
Logged

CrazyTeeka

  • Reg Member
  • ***
  • Posts: 104
  • A&A Customer - Home::1TB
Re: Help with penetration test wanted
« Reply #10 on: August 04, 2015, 10:34:49 PM »

Change <rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="reject" comment="Default firewall rule for traffic to LAN">
to <rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="drop" comment="Default firewall rule for traffic to LAN">

 ;)
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Help with penetration test wanted
« Reply #11 on: August 04, 2015, 10:43:01 PM »

Someone has a PM to read . . .  ;)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #12 on: August 04, 2015, 10:51:01 PM »

@crazyteeka - thanks. I realised that what I had done wasn't ideal. Made just the very change you suggested.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Help with penetration test wanted
« Reply #13 on: August 04, 2015, 10:53:31 PM »

Guys, very very kind of you to give your time, improvements made.
Logged