Guest bosshogg Posted October 2, 2003
Troubling story over at The Register about an over-billing vulnerability in the GPRS system...
Guest James Posted October 2, 2003
I assume this would only be able to happen if you are actually on-line using the GPRS or have the GPRS connected?
Guest Monolithix [MVP] Posted October 2, 2003
I think it picks up an IP address once you've connected to their site with it, then keeps the connection open (using what the system thinks is someone else's IP) to access data. This poses two interesting questions as to the config of the GPRS firewalls. Orange's seem to have one gateway to the outside world, and a DHCP server assigning clients reserved IPs (192.168.x.x) as they connect; they then proxy through the gateway for internet access. So does the hacker have to be on the carrier's GPRS network to acquire the IP they're going to exploit? Otherwise they will just get the external gateway's address. However, the article seems to imply it's acquired by users going to a website, and the site then "hooking on". This means either the firewall is very badly configured and allows incoming connections (on any port), making it a non-useful firewall, or (and this seems to be the issue) once a connection is made, the firewall does not close the connection when the client logs off, keeping the port open and IP info available to be exploited... Fun fun fun...
Guest beersoft Posted October 2, 2003
I was going to do my normal drunken posting thing - "something orange firewall something chocolate fireguard" - but it's my birthday today and I'm not doing drunken rants any more ;) Off topic, but I found out that removing the battery from my phone deletes all my cookies, according to stew@ODS. Pah! That's a fault if ever I saw one :D
later
Owen
"drunken idiot for sale, 1 careful owner, free to good home"
Guest fraser Posted October 3, 2003
Yeah Mono, I just don't get it myself. I can't see how anyone could profit from this, apart from maybe the telco themselves. The report I read sounded as if you could exploit it to your own financial gain. As they are NAT'ing us, the only thing I can think of is sending some unrequested traffic back through the NAT'ed port, which would cost you GPRS charges. Unless they have some weird firewall set up... might be some good reason for them to do it the way they currently are. That'll have to change I guess. By the way, I started another topic on this about the same time. No replies, so could a mod nuke it & keep it all here?