[blog.rayfoo] » defense in depth http://blog.rayfoo.info Infosec, DFIR, tech geekery, thoughts and whatnot Wed, 25 Jan 2012 00:36:47 +0000 en hourly 1 Changing internal network IP address range http://blog.rayfoo.info/2009/10/changing-internal-network-ip-address-range http://blog.rayfoo.info/2009/10/changing-internal-network-ip-address-range#comments Tue, 13 Oct 2009 18:20:59 +0000 ray http://blog.rayfoo.info/?p=258 Finally gotten my lazy busy ass down to implementing some of those stuff that I've always wanted to (like they say: eat your own dog food).

For tonight it was the changing and limiting of the DHCP address range served by my router to be a non-standard one (i.e. not in the 192.168.1.0/24 range), as one of the defences against CSRF attacks against the router.

The change turned out to not to be as smooth as I thought it would be, even though I had very few devices in the network as compared to an office one. Would keep this in mind as I think about/recommend this to others.

Additional reading on the topic of CSRFing home routers, for those who're interested:
GNUCITIZEN: BT HOME FLUB: PWNIN THE BT HOME HUB
GNUCITIZEN: ROUTER HACKING CHALLENGE

]]> http://blog.rayfoo.info/2009/10/changing-internal-network-ip-address-range/feed 0