fsebugoutzone.org:9999

       Post 9zhSzDDaMsiDhJdDf6 by gh057@mastodon.social
 (DIR) More posts by gh057@mastodon.social
 (DIR) Post #9zhK0vUOM6njhiEdRg by gh057@mastodon.social
       2020-09-30T18:03:11Z
       
       0 likes, 0 repeats
       
       Home Network Pro Tip:Know what your home network&#39;s public IP address is showing.Whether you realize it or not, your home network has a public IP address. You can find out what this IP address is by using sites like whatismyip.com or whatismyipaddress.com. Typically this IP address points to the first device beyond your modem within your home network. Therefore, to see what the public sees, do the following:
       
 (DIR) Post #9zhK0vqN2ONknsWBhg by gh057@mastodon.social
       2020-09-30T18:04:22Z
       
       0 likes, 0 repeats
       
       1) Go to whatismyip.com or whatismyipaddress.com and note the IP address that is shown.2) In another browser tab, go to the IP address that you saw in step one (i.e. http://[IP_ADDRESS]). Why HTTP and not HTTPS? You want to know if connections can be made insecurely.3) NOTICE: What you see is what the public can see if your public IP address is visited.
       
 (DIR) Post #9zhK0w8RxAqNhwycsq by penny@cute.science
       2020-09-30T22:07:30.011661Z
       
       0 likes, 0 repeats
       
       @gh057 my network can&#39;t route to itself by my public IP, in fact a lot of consumer home networks can&#39;t
       
 (DIR) Post #9zhRmy2QsfljBm0oim by gh057@mastodon.social
       2020-09-30T23:08:13Z
       
       0 likes, 0 repeats
       
       @penny There are many that can, including mine. I&#39;ve been working on an internal presentation for my org today and it was super surprising how many were blatently open.
       
 (DIR) Post #9zhRmyGG3GpNseTrGq by penny@cute.science
       2020-09-30T23:34:38.006231Z
       
       0 likes, 0 repeats
       
       @gh057 No I mean, my ISP be won&#39;t route my public IP back to my network. Many people will need to check IP on their mobile networks etc.
       
 (DIR) Post #9zhRsR6OFXMWmDTGSG by penny@cute.science
       2020-09-30T23:35:37.621960Z
       
       0 likes, 0 repeats
       
       @gh057 @gh057 No I mean, my ISP be won&#39;t route my public IP from the inside of my network back to my network. I&#39;ve encountered this on basically every other ISP I&#39;ve had, including Time Warner Cable and Cox. Many people will need to check IP on their mobile networks etc.
       
 (DIR) Post #9zhSzDDaMsiDhJdDf6 by gh057@mastodon.social
       2020-09-30T23:39:40Z
       
       0 likes, 0 repeats
       
       @penny Ah yes, that much is true. NAT generally keeps that from happening. However, the public IP address that is assigned to your modem will resolve to _something_ unless you or the ISP block it. In my case, I block requests from well-known ports from outside of my network. This configuration was made inside of the firewall. The only different I&#39;ve seen with this is when it&#39;s a mobile ISP. Network security isn&#39;t my specialty so there may be nuances that I&#39;m not referencing correctly.
       
 (DIR) Post #9zhSzDckrIqSxNPJtQ by penny@cute.science
       2020-09-30T23:48:02.697770Z
       
       0 likes, 0 repeats
       
       @gh057 Cox and TWC in particular do seem to just drop them into a black hole, and they are very large
       
 (DIR) Post #9zhT6h0A23fs62v39k by penny@cute.science
       2020-09-30T23:49:24.431849Z
       
       0 likes, 0 repeats
       
       @gh057 oh yes I just mean your advice right now might be misleading, Cox or TWC users will just failed to connect even if you actually do have vulnerable services; leaving him feeling secure despite not actually testing. They&#39;ve got to find another network to test from.
       
 (DIR) Post #9zhT912GW8v6oH0lQe by penny@cute.science
       2020-09-30T23:49:49.608809Z
       
       0 likes, 0 repeats
       
       @gh057 oh yes I just mean your advice right now might be misleading, Cox or TWC users will just failed to connect even if you actually do have vulnerable services; leaving them feeling secure despite not actually testing. They&#39;ve got to find another network to test from.
       
 (DIR) Post #9zhUEWHBtOVr6TBHDU by gh057@mastodon.social
       2020-09-30T23:59:10Z
       
       1 likes, 0 repeats
       
       @penny That&#39;s a good catch. Please understand my goal was not to post something exaustive and given that I don&#39;t have access to Cox or TWC ISPs where I am, I appreciate you adding this information.Certainly there is room to write something more exhaustive regarding how to test for this and what to do if you feel that you&#39;re network is insecure.In general, even if your ISP exposes your network&#39;s public IP address, adhering to password best practices is key to minimizing a risk of attack.
       
 (DIR) Post #9zhUEe6Un2i9NcEqem by gh057@mastodon.social
       2020-10-01T00:00:41Z
       
       1 likes, 0 repeats
       
       @penny It&#39;s worth noting that the research that I have been doing this afternoon for my internal presenation was done with Shodan which scans for IoT devices that I certainly would not have previous access to.