- Posts: 3
- Thank you received: 0
LAN Access from internet
20 years 9 months ago #3024
by manuel
There's no limit for a thinking mind
LAN Access from internet was created by manuel
Hello!, I want to know if it is possible to access a LAN that uses the 192.168.x.x addresses from internet? If yes, how can I protect it?
There's no limit for a thinking mind
20 years 9 months ago #3026
by Neon
Replied by Neon on topic Re: LAN Access from internet
Hi manuel
Seeing as how you are using the 192.168.0.0 network (Private Class C) you are pretty safe as these addresses are not routed along the Internet. The only way that you would be in danger is if someone has port forwarding or DMZs setup on the router.
But to be simple as possible you should be pretty safe.
If you are still not sure you can always goto Steve Gibsons ShieldsUP site which will test your security.
Best thing to do is grab a free firewall product from www.zonelabs.com and you will be secure.
Also note that you still can catch reverse Trojans which connect to an external server which can pass your routers firewall… So have antivirus installed.
Seeing as how you are using the 192.168.0.0 network (Private Class C) you are pretty safe as these addresses are not routed along the Internet. The only way that you would be in danger is if someone has port forwarding or DMZs setup on the router.
But to be simple as possible you should be pretty safe.
If you are still not sure you can always goto Steve Gibsons ShieldsUP site which will test your security.
Best thing to do is grab a free firewall product from www.zonelabs.com and you will be secure.
Also note that you still can catch reverse Trojans which connect to an external server which can pass your routers firewall… So have antivirus installed.
20 years 9 months ago #3032
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: LAN Access from internet
Well there are a couple of dirty TCP/IP tricks that could be used but most of them are too complicated and theoretical to be practical. For example in theory someone could use source routing to try and route through the NAT device and access the internal LAN.
There is also a technique known as NAT breaking which is a fairly new concept, frankly I don't think you need to worry about any of them. Your biggest threat comes from other avenues of attack, notably email borne threats and insecurities on the NAT device itself.
Consider, if you use a router for the NAT, and someone breaks into the router, then the internal network is exposed completely.
Nobody would really bother breaking the NAT, the NAT device is a much more likely target.
There is also a technique known as NAT breaking which is a fairly new concept, frankly I don't think you need to worry about any of them. Your biggest threat comes from other avenues of attack, notably email borne threats and insecurities on the NAT device itself.
Consider, if you use a router for the NAT, and someone breaks into the router, then the internal network is exposed completely.
Nobody would really bother breaking the NAT, the NAT device is a much more likely target.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.126 seconds