Author Topic: Idea for feature request for Firebrick and other routers  (Read 241 times)

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 7727
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Idea for feature request for Firebrick and other routers
« on: September 22, 2019, 11:06:58 AM »

Firebrick feature request idea. Might propose this if it makes sense. Let me know what you think.

Say that you have a number of Windows boxes and Macs, plus various other O/Ss. The MS Windows boxen publish DNS by LLMNR and the Mac OSX boxes publish via mDNS / Bonjour. I believe these are vaguely similar but not the same; annoyingly they couldn't agree, and I wish they would upgrade both to bring them towards convergence so that they would become inter-operable. Avahi Bonjour/mDNS is, I believe, available for Linux but it's an add-in and if I understand it, it is available as a component for use by certain apps, but I don't know about it being integrated into the main o/s core dns - completely ignorant here so please accept my apologies.

Proposal: It seems to me that if a router such as my Firebrick were to implement both mDNS and LLMNR client functions then it could discover the addresses of any machines on the LAN that speak these protocols; it could then re-publish discovered addresses to all Firebrick clients, including clients who may not have those protocols, such as my iPad (possibly?). This might greatly enhance the capabilities of some clients possibly and improve inter-operability? As a central point accessed by DNS users the Firebrick could be a bridge between incompatible protocols/lack of protocols.

I think mDNS code (in C presumably) is available for free on GitHub in the case of Avahi. LLMNR implementation however might be a lot of work unless someone else has already done this job.

What do you think? I am not having to do the work though.
« Last Edit: September 22, 2019, 11:09:51 AM by Weaver »

dee.jay

  • Reg Member
  • ***
  • Posts: 344
Re: Idea for feature request for Firebrick and other routers
« Reply #1 on: September 23, 2019, 05:04:25 PM »

As someone who used to run Active Directory networks - LLMNR is something that should be turned off on Windows clients in all honesty. It is a huge security risk in a corporate network, because it enables a nefarious person to simply listen on the network for LLMNR responses, as it includes the hash of the user's credentials in a response message.

Sky FTTC 69/17 @ 3dB SNR - HG612
AAISP FTTC 67/16 @ 3dB SNR - HG612
Routed by pfSense on VMware ESX 6.0
~600M Huawei cabinet

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 7727
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Idea for feature request for Firebrick and other routers
« Reply #2 on: September 24, 2019, 10:08:08 PM »

I didn't know about the security problems with it.

dee.jay

  • Reg Member
  • ***
  • Posts: 344
Re: Idea for feature request for Firebrick and other routers
« Reply #3 on: September 25, 2019, 08:29:08 AM »

Yes, I've worked in companies where we've had pentests conducted - LLMNR (coupled with one or two other poorly secured things in Windows networks) basically allows anyone to sit and listen to the LLMNR responses. Those hashes I mention can be replayed through John the Ripper (password recovery tool) or some such.

Took all of 15 minutes for the tester to find someone with a domain administrator account and a weak password . . .
Sky FTTC 69/17 @ 3dB SNR - HG612
AAISP FTTC 67/16 @ 3dB SNR - HG612
Routed by pfSense on VMware ESX 6.0
~600M Huawei cabinet
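
A monitoring sketch for the LLMNR concern raised in this thread, added here as an example and not code from any poster or from Firebrick: it parses LLMNR messages (DNS wire format on UDP port 5355, RFC 4795) and flags any source that answers for several different names, on the assumption that a normal host answers only for its own name. The helper `build_msg`, the addresses, the names and the `max_names` threshold are all constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_llmnr(payload: bytes):
    """Return (is_response, txid, queried_name) from an LLMNR message."""
    if len(payload) < 12:
        raise ValueError("short header")
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if qdcount != 1:                      # LLMNR messages carry one question
        raise ValueError("unexpected question count")
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated name")
        length = payload[pos]
        pos += 1
        if length == 0:                   # root label ends the name
            break
        if length > 63 or pos + length > len(payload):
            raise ValueError("bad label")  # also rejects compression pointers
        labels.append(payload[pos:pos + length].decode("ascii", "replace").lower())
        pos += length
    return bool(flags & 0x8000), txid, ".".join(labels)  # QR bit = response

def suspicious_responders(packets, max_names=1):
    """packets: iterable of (src_ip, udp_payload) captured on UDP 5355.
    Returns {src_ip: [names]} for sources answering more than max_names names."""
    answered = defaultdict(set)
    for src, payload in packets:
        try:
            is_response, _txid, name = parse_llmnr(payload)
        except ValueError:
            continue                      # ignore malformed traffic
        if is_response:
            answered[src].add(name)
    return {s: sorted(n) for s, n in answered.items() if len(n) > max_names}

def build_msg(txid, name, response):
    """Constructed test message: header plus question only, no answer records."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x8000 if response else 0, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", 1, 1)   # QTYPE A, QCLASS IN

# Constructed sample: (query, response) pairs; 192.0.2.66 answers for every name.
SAMPLE = [
    ("192.0.2.10", build_msg(1, "fileserver", False)), ("192.0.2.20", build_msg(1, "fileserver", True)),
    ("192.0.2.10", build_msg(2, "printsrv", False)), ("192.0.2.66", build_msg(2, "printsrv", True)),
    ("192.0.2.10", build_msg(3, "wpad", False)), ("192.0.2.66", build_msg(3, "wpad", True)),
    ("192.0.2.10", build_msg(4, "fileservr", False)), ("192.0.2.66", build_msg(4, "fileservr", True)),
]
```
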