RE: Tool for Identifying Rogue Linksys Routers

From: Thomas Guyot-Sionnest (Thomas_at_zango.com)
Date: 08/25/05

  • Next message: Godwin Stewart: "Re: unload event in ie/mozilla/opera" 
    Date: Thu, 25 Aug 2005 14:52:15 -0700
To: "Martin Mkrtchian" <dotsecure@gmail.com>, "Bugtraq" <bugtraq@securityfocus.com>, "Full-Disclosure (E-mail)" <full-disclosure@lists.netsys.com>

    The right way to fix that is to implement switch-level recurity. Limit the
    number of mac and IP address on each ports. No workstation should ever have
    more that one MAC and IP address...

    If you don't have the budget for that kind of switch, I'd first try to
    identify open ports and try to recognize services on a linksys router. Nmap
    and telnet will be your best friends.

    Thomas Guyot-Sionnest,
    Administrateur de systèmes
    Tél: (514) 842-7054
    Fax: (514) 221-3395
    Courriel: thomas@zango.com

    > -----Original Message-----
    > From: Martin Mkrtchian [mailto:dotsecure@gmail.com]
    > Sent: Thursday, August 25, 2005 14:49
    > To: Bugtraq; Full-Disclosure (E-mail)
    > Subject: Tool for Identifying Rogue Linksys Routers
    >
    > Dear Group Members
    >
    > We are migrating from Lucent QIP to MetaIP for DHCP services
    > and so far we have had two issues when MetaIP has been
    > implemented for VLAN that has an unauthorized Linksys router
    > giving out IP addresses.
    >
    > Is there a scanning tool out there that can determine if
    > there are unauthorized Linksys (type) routers in a specific VLAN?
    >
    > Your input is appreciated
    >
    > Thank You
    >
    > Martin M
    > http://dotsecure.blogspot.com
    >

  • Next message: Godwin Stewart: "Re: unload event in ie/mozilla/opera"

    Relevant Pages

    • Re: ?router problem-blocking ports 137-8
      ... >Maybe I should just write a rule to block incoming and outgoing TCP ... >and UDP packets over those ports. ... The Linksys router never tries to look up these names, ... Whether or not you have more than one computer on the LAN is irrelevant. ...
      (comp.security.firewalls)
    • Re: Anyone using Linksys WUSB54G with Check Point VPN-1
      ... > connect to our gateway server, I've tried forwarding numerous ports on ... > the wusb54g system and even putting the wireless system into a DMZ, ... > The ports I've tried forwarding on the linksys router are ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: Linux vs LinkSys 4 port Cable router
      ... >> I also have all the ports closed on the Linksys router. ... >> outside attempts to access my FTP server? ... I have the Linksys BEFSR41 and no ports are forwarded. ...
      (comp.os.linux.security)
    • Re: Linux vs LinkSys 4 port Cable router
      ... >> I also have all the ports closed on the Linksys router. ... >> outside attempts to access my FTP server? ... I have the Linksys BEFSR41 and no ports are forwarded. ...
      (comp.security.firewalls)
    • Re: God I hate macs
      ... the Linksys router. ... Although I am being prompted for the passwod (a ... who knows with a Mac) the error presented is "the ... Did you enter the dollar sign character followed immediately by the 26-digit hexadecimal version of the key, as I suggested in this thread five days ago? ...
      (comp.sys.mac.advocacy)