Results 1 to 7 of 7

Thread: Preventing possible network attacks with static IP and DNS?

  1. #1
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    5

    Question Preventing possible network attacks with static IP and DNS?

    Hi everyone, I was thinking if your network is set to use static DNS and IPs, is it still possible for an attacker that has been able to crack your wifi network encryption, actually be able to "use" your network without knowing the correct IP configuration? Or can he just scan a range of IPs to find out? Thanks

  2. #2
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Default Re: Preventing possible network attacks with static IP and DNS?

    In order to protect your network use WPA2 with strong random password (more than 20 characters and digits will be sufficient).
    Static ip address will not give you any protection.
    Scientia ac Labore

  3. #3
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    5

    Default Re: Preventing possible network attacks with static IP and DNS?

    Thanks for the reply, How exactly the attackers can grab network's IP and DNS configuration? I googled this and just found out that it may slow down an attacker but wont stop him. what are the ways to find the network's configuration?

  4. #4
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    5

    Default Re: Preventing possible network attacks with static IP and DNS?

    thanks for the reply. but i was wondering exactly how they can obtain my network configuration, can anyone name some tools or methods?

  5. #5
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: Preventing possible network attacks with static IP and DNS?

    It can't hurt but I wouldn't count on it.

    A majority of those that would break into your router would NOT know how to get past mac filtering and static IPs without a script of some sort. So that will provide a small amount of security but nothing more than this.

    As stated above - Use with WPA AES encryption, a LONG password with special characters and change it often. I consider that secure for now.
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  6. #6
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    3

    Default Re: Preventing possible network attacks with static IP and DNS?

    Quote Originally Posted by Scamentology View Post
    It can't hurt but I wouldn't count on it.

    A majority of those that would break into your router would NOT know how to get past mac filtering and static IPs without a script of some sort. So that will provide a small amount of security but nothing more than this.

    As stated above - Use with WPA AES encryption, a LONG password with special characters and change it often. I consider that secure for now.
    If you want better protection you are best to get one fo these....
    1. Cisco 2621 ($45.00+ bucks) set to pick up your ISP IP and then set ACLS
    2. PIX 500x series firewalls ($500+ bucks)
    3. Unix IPCHAINS router (low end hardware)

    The attack isn't going to come from War Drivers but more from the front end of your ISP and a weak patched OS. If you really want to secure your Wireless then is WPA2-Radius. All depends on how serious you are about protecting your wireless router.


    This is what I have, Cable model into Eth0 of my 2821 ACLS inbound and outbound on eth0 then my internal network routes the IP over to eth1 with ACLs inbound and outbound going to a Catalyst 48 port switch, I Vlan ports 1-5 for Wireless and I super subnet the other ports up in to other VLANs and then apply ACLs on the switch.

    Now this protects me from intruders from the internet but I am also using a UNIX Radius server with a world of Warcraft Key token (hey it was 9 bucks for the RSA key) I synced the key to the Radius server I use a freeware radius client for my laptop and the WOW RSA key. If anyone needs access to wireless at my house when they are visiting I turn on a secondary wireless router using standard WPA2-personal which is in a secured VLAN.

    Why do I all this paranoia na I did it because I could and the gear was free.

    Hope this gives you some Idea's.

  7. #7
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Default Re: Preventing possible network attacks with static IP and DNS?

    Attacker after breaking your protection can freely sniff your data and spoof valid already connected client he also can with another card send deauth flood to your client and in the same time with another card try to connect to your AP with valid mac address to bypass mac filtering and moreover when the attacker is already associated he can launch attack against the router web page.
    Scientia ac Labore

Similar Threads

  1. Preventing MITM
    By mendax in forum Beginners Forum
    Replies: 3
    Last Post: 04-15-2011, 04:57 PM
  2. Preventing Deauth attacks
    By deadonironsights in forum Beginners Forum
    Replies: 19
    Last Post: 12-13-2010, 01:26 AM
  3. Backtrack to Windows Network Attacks?
    By ThePistonDoctor in forum Beginners Forum
    Replies: 2
    Last Post: 12-01-2010, 04:27 PM
  4. Preventing ARP and DHCP Spoofing on Cisco Switches
    By TTA89 in forum OLD General IT Discussion
    Replies: 5
    Last Post: 10-25-2008, 04:40 AM
  5. Signal level preventing detection of networks?
    By Tiber in forum OLD Newbie Area
    Replies: 4
    Last Post: 09-02-2007, 03:13 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •