[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Zonet ZSR1104WE Router problem

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: [Full-Disclosure] Zonet ZSR1104WE Router problem
From: "J Wachtel" <jwachtel@xxxxxxxxxxxxx>
Date: Thu, 29 Apr 2004 09:39:50 -0400

Zonet ZSR1104WE

 

Router does not report inbound connections with their WAN ip address.
All inbound connections are posted as the routers LAN address.

 

This issue is a simple one.  The ZSR1104WE router with the listed
firmware / hardware will not report an inbound TCP/IP connections WAN
address.  We host a service that uses port 443 @ 192.168.1.2 that is
forwarded through the routers NAT firewall.  Lets say an inbound
connection from 24.156.189.3 establishes a socket connection to the
service on port 443.  Our services IP logging tool and Windows XPPro SP1
netstat command line utility will not report the WAN address of this
connection.  Instead the LAN IP address of the router will be reported
as the inbound connections address.  It is analogous to NAT in reverse.
All inbound connections are masked as the router's LAN IP address.  Our
service and some other tools discriminate security rights depending on
whether the connection is from the WAN or LAN, this behavior makes that
impossible.  The connection will behave normally.  However I speculate
that it is using the MAC address to get the routing correct.  I have
contacted their support to inform them of this error and their response
is to not fix it as it does not break the connection. 

 

 

-Jason Wachtel

 

Zonet ZSR1104WE

Hardware Version   Rev. A 

Boot Code Version   1.0 

Runtime Code Version   2.41

Prev by Date: [Full-Disclosure] Heads up: Possible lsass worm in the wild
Next by Date: [Full-Disclosure] agobot and 1025
Previous by thread: [Full-Disclosure] Heads up: Possible lsass worm in the wild
Next by thread: [Full-Disclosure] agobot and 1025
Index(es):
- Date
- Thread