Security Basics mailing list archives
Re: Wake On LAN from the Internet
From: Jon Hart <warchild () spoofed org>
Date: Thu, 27 Oct 2005 14:02:51 -0400
On Wed, Oct 26, 2005 at 10:17:38PM -0400, Mark Owen wrote:
Only way I can think of is to setup a VPN in which you log in to that will then connect you to the destined computer. Easier move would be to ditch the password and rely strictly on the mac address. WOL depends on upd port 9 and the mac address to be available to wake. The mac address is a unique 6 hex byte code (12 alphanumeric characters a-f, 0-9). Good enough password for me if you block unnecessary ports. I'd open udp port 9 on your dlink and forward it to your computer. IP address would be the public IP assigned to your dlink.
Not to nitpick... but keep in mind that while there are 16^12 possible MAC addresses, in reality the brute force of one is much simpler than that. Vendors use MAC addresses that are in a very specific range. I don't have exact numbers, but if you assume that the target MAC is one of Dell, Intel or 3com, your brute force space suddenly gets quite a bit smaller. For example, if I assume you've got a dell, I only need to brute force MACs that start with: 0:6:5b 0:8:74 0:b0:d0 0:b:db 0:c0:4f 0:d:56 Still not an easy task at 16^6 combinations, but well within the range of being doable. Worthwhile? Maybe, maybe not. I've never really looked into WOL before but found this: http://www.depicus.com/wake-on-lan/woli.aspx -jon
-- Mark Owen
Current thread:
- Wake On LAN from the Internet Emmanuel Goldstein (Oct 26)
- Re: Wake On LAN from the Internet Mark Owen (Oct 27)
- Re: Wake On LAN from the Internet Jon Hart (Oct 27)
- RE: Wake On LAN from the Internet Chris Goodwin (Oct 27)
- Re: Wake On LAN from the Internet Austin Murkland (Oct 27)
- Re: Wake On LAN from the Internet crazy frog crazy frog (Oct 27)
- Re: Wake On LAN from the Internet Mark Owen (Oct 27)