Alessio Garavano

New Vulnerability for Hotspots Networks! Attention!!!

Sat Aug 26, 2006 12:08 pm

Hi people, I found 2 new methods that make hotspots vulnerable, called NSTX and ICMPTX... I share them here so that people open their eyes.
MikroTik guys, what can you say about this? Do you know about this? Is MikroTik Hotspot vulnerable to this?

NSTX (IP-over-DNS) HOWTO
http://thomer.com/howtos/nstx.html

ICMPTX (IP-over-ICMP) HOWTO
http://thomer.com/icmptx/

http://packages.debian.org/unstable/net/nstx

Best Regards!
Alessio
Alessio Garavano
http://www.isparg.com.ar
 
aitsecurity

Re: New Vulnerability for Hotspots Networks! Attention!!!

Sun Aug 27, 2006 6:37 am

Hi people, I found 2 new methods that make hotspots vulnerable, called NSTX and ICMPTX... I share them here so that people open their eyes.
MikroTik guys, what can you say about this? Do you know about this? Is MikroTik Hotspot vulnerable to this?

NSTX (IP-over-DNS) HOWTO
http://thomer.com/howtos/nstx.html

ICMPTX (IP-over-ICMP) HOWTO
http://thomer.com/icmptx/

http://packages.debian.org/unstable/net/nstx

Best Regards!
Alessio



Hi Alessio!

This is very great info,

but in the Hotspot in MK, you can't ping a machine outside of the MK server, and can't ping the gateway from the CPE or end user.

And when you try to resolve the name http://www.ford.com, it does not give the IP, because the gateway is unreachable.

I am not 100% sure, but I am thinking there is no problem with the MK Hotspot.

The two methods need to go to a proxy to jump; how can they jump or go to the proxy if MK does not respond to the ping and the end user can't ping the proxy host on the internet? The same goes for DNS.

????
 
bjohns

Mon Aug 28, 2006 6:27 am

I can't see it being that common; however, some default rules prevent any client like that from working imo.

I.e. DNS redirect - this is enabled pretty much by default and redirects all DNS queries to the MT's DNS server. This effectively destroys any chance they have of using their own dodgy DNS server.

Also I don't see any overwhelming reason to allow a client full ICMP access out to the 'net in general. Sure ICMP between client <-> hotspot and hotspot <-> internet is critical but not client <-> internet. Unless I'm forgetting something.
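
Added example, not part of any post in this thread: with DNS redirect in place, every client query passes through the hotspot's resolver, so its query log can be checked for the pattern IP-over-DNS tools leave when they encode data in query names (many distinct, long, high-entropy names under one domain). The log tuples, the client addresses, the `tunnel.example` domain, the thresholds and the two-label base-domain split are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"  # base32-style symbols

# Constructed sample (client IP, queried name); not taken from a real log.
SAMPLE_QUERIES = (
    [("10.5.50.10", n) for n in ("www.ford.com", "mail.example.org",
                                 "img1.cdn.example.com", "img2.cdn.example.com")]
    # One client sending 8 distinct 32-character labels under one domain.
    + [("10.5.50.23", ALPHABET[i:] + ALPHABET[:i] + ".tunnel.example")
       for i in range(8)]
)

def shannon_entropy(text):
    """Bits per character; encoded payloads score higher than hostnames."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())

def split_name(name):
    """Split into (subdomain, base). Assumption: base = last two labels,
    which is wrong for suffixes like co.uk; use a public-suffix list there."""
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_tunnel_suspects(queries, min_unique=5, min_avg_len=24, min_entropy=3.5):
    """Return sorted (client, base_domain, unique_subdomains) tuples where a
    client sent many distinct, long, high-entropy names under one domain."""
    seen = defaultdict(set)
    for client, name in queries:
        sub, base = split_name(name)
        if sub:
            seen[(client, base)].add(sub.replace(".", ""))
    suspects = []
    for (client, base) in sorted(seen):
        subs = seen[(client, base)]
        avg_len = sum(map(len, subs)) / len(subs)
        avg_ent = sum(map(shannon_entropy, subs)) / len(subs)
        if len(subs) >= min_unique and avg_len >= min_avg_len and avg_ent >= min_entropy:
            suspects.append((client, base, len(subs)))
    return suspects

if __name__ == "__main__":
    for client, base, count in find_tunnel_suspects(SAMPLE_QUERIES):
        print(f"{client}: {count} unique encoded-looking names under {base}")
```

All three conditions must hold together, so a client that looks up many short hostnames under one domain is not flagged.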
