Re: Tool for Identifying Rogue Linksys Routers
From: Mike Kershaw (dragorn_at_kismetwireless.net)
Date: 08/27/05
- Previous message: Mandriva Security Team: "MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability"
- In reply to: Graham Wilson: "Re: Tool for Identifying Rogue Linksys Routers"
- Next in thread: Matt Mercer: "RE: Tool for Identifying Rogue Linksys Routers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Aug 2005 19:37:48 -0400 To: bugtraq@securityfocus.com
> > Is there a scanning tool out there that can determine if there are
> > unauthorized Linksys (type) routers in a specific VLAN?
>
> Try pinging all hosts using nmap:
>
> Then find MAC addresses that are from Linksys's space. I know macchanger
> [1] has a list of what addresses belong to which vendors.
Except, of course, that most Linksys units allow mac cloning through the
web interface.
This won't find anyone who is deliberately avoiding the scan, nor anyone
who messed with the config out of boredom.
-m
-- Mike Kershaw/Dragorn <dragorn@kismetwireless.net> GPG Fingerprint: 3546 89DF 3C9D ED80 3381 A661 D7B2 8822 738B BDB1 Bus Error at 008BE426 while reading byte from DEADBEEF in User data space
- application/pgp-signature attachment: stored
- Previous message: Mandriva Security Team: "MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability"
- In reply to: Graham Wilson: "Re: Tool for Identifying Rogue Linksys Routers"
- Next in thread: Matt Mercer: "RE: Tool for Identifying Rogue Linksys Routers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
