Posted: Tue Nov 22, 2016 19:04 Post subject: DHCP list available from web
Hey folks,
I did a security on my Workstation today, and one of the things it gave me back was the company's router address in the form of a DNS style address. I didn't know what it was, so I went to it and it brought me to the IP address for the company router.
The problem I have with this is that from the main page, I can see a complete list of every one of the DHCP clients currently connected, along with the internal IP and MAC address of each PC.
This seems like a huge security concern to me... but is it a valid concern? How do I hide the DHCP list?
Again... this was WITHOUT logging into the router. Just on the public IP of the router. (Info page of the router, I believe.)
You can't hide the list, per se, but you can obscure the MAC addresses. Navigate to Administration > Management & check 'Info Site MAC Masking'. This will change all but the last 2 octets to 'xx:...' & still allow you to view active clients at a glance.
_________________
NetGear XR500 - FW Version: DD-WRT v3.0-r55819 std (04/17/24)
Linux 6.1.86 #130 SMP Wed Apr 17 05:48:30 +07 2024 armv7l
Updated from: DD-WRT v3.0-55779 std (04/12/24) via GUI (FF), NO reset
Gateway: SmartDNS, DDNS (FreeDNS), IPv4 DHCP, Static leases, SFE Disabled, QoS Disabled
AP: 2.4GHz NG-Mixed 40MHz, 5GHz AC/N-Mixed 80MHz, WPA2 w/ AES, MAC filtering, Isolated Guest VAP on wlan1, Vanilla FW
Services: USB Storage, NAS, Samba
Storage: Samsung Portable SSD T7 Shield USB 3.2 2TB, /jffs, /opt, /data (ext4)
Never occurred to me, as I've never enabled remote admin... which I do see as a potential security risk. Still, obscuring MAC addresses is definitely a step in the right direction if you do so. And using https.
Any other opinions from the gallery?
Just to reiterate... this is not a security concern? Correct?
MAC addresses are only valid when on the same subnet. So unless you change to a different subnet the MAC address does not make a difference.
The one thing that you should know/remember is that wireless devices will broadcast their MAC address (this is how they know how to communicate to each other). The first 6 hex numbers (little x's below) are the manufacturer id and the last 6 (capital Y's below) are the unique device id assigned from manufacturer.
xx:xx:xx:YY:YY:YY
Since a MAC address is intended to be unique, there are more privacy concerns than security. For example, if you posted online the full MAC address, and then someone at a coffee shop saw the same MAC address, they could indirectly identify you.
But I agree with d00zah.
Just trying to educate you, so you can make the right choice for you.
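
An added example, not part of the thread or of DD-WRT itself: a small check you can run over a saved copy of the unauthenticated info page to see whether full MAC addresses are still exposed after enabling 'Info Site MAC Masking'. The masked form `xx:xx:xx:xx:AB:CD` is assumed from the description above, and the client table is constructed sample data.

```python
import re

# Full MAC: six hex octets separated by ':' or '-'.
FULL_MAC = re.compile(r"\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b")
# Masked form (assumed from the thread): all but the last 2 octets shown as 'xx'.
MASKED_MAC = re.compile(r"\b(?:xx:){4}[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}\b")

def split_mac(mac):
    """Return (manufacturer id, device id): first 3 and last 3 octets."""
    octets = [o.upper() for o in re.split(r"[:-]", mac)]
    return ":".join(octets[:3]), ":".join(octets[3:])

def mask_mac(mac):
    """Keep only the last 2 octets, as the masking option is described."""
    octets = re.split(r"[:-]", mac)
    return ":".join(["xx"] * 4 + [o.upper() for o in octets[-2:]])

def audit_page(text):
    """Report which MACs in a saved page are fully exposed vs. masked."""
    full = FULL_MAC.findall(text)
    return {
        "exposed": sorted({m.upper().replace("-", ":") for m in full}),
        "masked": sorted(set(MASKED_MAC.findall(text))),
        "manufacturer_ids": sorted({split_mac(m)[0] for m in full}),
        # Copy of the text that is safe to paste into a forum post or ticket.
        "redacted": FULL_MAC.sub(lambda m: mask_mac(m.group(0)), text),
    }

# Constructed sample of a DHCP client table (not real devices).
SAMPLE_PAGE = """\
Hostname   IP Address     MAC Address
ws-01      192.168.1.101  00:11:22:aa:bb:01
laptop-7   192.168.1.102  00-11-22-AA-BB-02
printer    192.168.1.103  xx:xx:xx:xx:CC:03
"""

if __name__ == "__main__":
    report = audit_page(SAMPLE_PAGE)
    print("Fully exposed MACs:", report["exposed"])
    print("Already masked:    ", report["masked"])
    print("Manufacturer ids:  ", report["manufacturer_ids"])
    print(report["redacted"])
```

An empty `exposed` list on the saved page means the masking setting is in effect; hostnames and internal IPs are still visible either way.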