Yes you can hack a router firewall.
All you have to do to know this is to read the news.
Our government could really reply to this, they get hacked all the time.
Locks keep honest people honest.
Your run a decoding software to break codes and scan ports to see if one is open.
People use user names for codes and passwords or something that relates to them,bad mistake.
AOL is will known for being hackers delight for example.
oops, my bad. i thought you were referring to a regular non-NAT-type router.
i guess if i had thought about it for a minute, i could have figured that one out, as this is the computer security forum
IMO, any measure of security will have some sort of weakness. the job of the hacker is to find it (if its not already known), and then exploit it.
if the pinnacle of security is what you are looking for, you should look into setting up a "scope ID". i think this is only applies for client/server networks, however (please correct me if i am wrong).
------------------ "Those who fail to recognize the past are condemned to relive it"
Lets say someone infects you with a trojan....
Then lets say that the trojan is set to connect to the hackers machine....
Since your computer started the communication, your firewall will think that you meant for this connection to take place (since it started behind your firewall).
It allows the connection and poof, you are now vulnerable.
That's just one way (the easy way).
Lets say that you have a linux machine and you left port 23 open. Someone telnets to your machine and then (judging by your MAC address) figures out that you have a certain type of firewall. Then they connect to your firewall, crack the password (if you have one) YOU BETTER, and make a rule to open port 139 to your windows machine. Now they can surf all through your "protected" Windows harddrive (that you didn't bother to password protect) You did though but used a crappy password and they cracked that too.
That's the hard way. Of course, I personally haven't gotten to interface with the router through a telnet session, but I'm sure that it is possible if you know how.
The point is more the fact that an unprotected port can be exploited and used in a way that is bad for you.
I'm sure there are other ways. These are hypothetical.
I owe the government $3,400 in taxes......
So I sent them two hammers and a toilet seat.
[This message has been edited by FunK (edited 10-16-2000).]
Usually it's OK to /L a file and scan it before it is ran.
Thsi is how most people find out if they have a (potential) trojan or virus.
They cannot harm you unless they are executed. ALWAYS scan EVERYTHING and have updated anti-virus software.
the leading culprits for trojans and viri are those cute little .exe's that com in the email.
Those things get passed from computer to computer so fast. There are viri that attach themselves to files and allot of times these files get infected and passed along.
Some peopl don't have auto scan of email enabled and are too lazy to save the file to disk and then scan it.