exozyme/exozyme
7
12
Fork 0
Code Issues 4 Pull requests Projects Releases 39 Wiki Activity

Use IPTables to block access to internal network resources #194

New issue
Closed
opened 2022-10-03 13:08:11 +00:00 by aryak · 3 comments
aryak commented 2022-10-03 13:08:11 +00:00
Copy link

Currently, a malicious user can access things in the internal network of @a.
Using a rule like this could prevent this.
iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT --reject-with icmp-net-unreachable
With the limited testing i did, going to dsldevice.attlocal.net gave me the MAC address of the devices connected too..
I am not sure if this would mess with port forwarding tho..

Currently, a malicious user can access things in the internal network of @a. Using a rule like this could prevent this. `iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT --reject-with icmp-net-unreachable` With the limited testing i did, going to dsldevice.attlocal.net gave me the MAC address of the devices connected too.. I am not sure if this would mess with port forwarding tho..
a commented 2022-10-03 14:22:53 +00:00
Owner
Copy link

I added the ufw rule ufw deny out to 192.168.1.254 port 80. I think this should be enough to prevent exposure of the MAC addresses, but let me know if more needs to be done.

I added the `ufw` rule `ufw deny out to 192.168.1.254 port 80`. I think this should be enough to prevent exposure of the MAC addresses, but let me know if more needs to be done.
👍 1
a closed this issue 2022-10-03 14:22:53 +00:00
a added the
bug
security
 labels 2022-10-03 14:22:58 +00:00
a added this to the (deleted) project 2022-10-03 14:23:00 +00:00
aryak commented 2022-10-03 14:24:35 +00:00
Author
Copy link

https is still open @a

https is still open @a
a commented 2022-10-03 17:15:15 +00:00
Owner
Copy link

https is still open @a

Fixed, thanks!

> https is still open @a Fixed, thanks!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
v9.0
v8.8
v8.7
v8.6
v8.5
v8.4
v8.3
v8.2
v8.1
v8.0
v7.10
v7.9
v7.8
v7.7
v7.6
v7.5
v7.4
v7.3
v7.2
v7.1
v7.0
v6.1
v6.0
v5.1
v5.0
v4.2
v4.1
v4.0
v3.0
v2.5
v2.4
v2.3
v2.2
v2.1
v2.0
v1.3
v1.2
v1.1
v1.0
v0.3-beta
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
security

Security vulnerability

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: exozyme/exozyme#194
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?