Re: device connection hijacking

From: Chris Reining
Date: 09/02/03

    Date: Mon, 1 Sep 2003 21:53:25 -0500
    To: Bryan

    One route that you may want to go in exploiting this layer 1 issue is
    using an access point with either your own hacked-in PoE (Power over
    Ethernet) or using one with a PoE module. Some manufacturers, like
    Symbol and Lucent, make APs with these add-ons; otherwise you can attempt
    to do it yourself - however, you can cause serious damage to the AP and
    other equipment. There are how-tos online for the DIY route. This would
    require power to be in another hidden location, as one of your
    possible requirements noted, and to properly get it to the AP.

    Another option would be an iPAQ with wireless and USB Ethernet running
    off battery.

    And another option would be a small laptop, even a cheap 486 with PCMCIA
    slots that you can throw Ethernet and wireless in, running off battery.

    This is why MAC addresses should be tied to specific ports, although it is
    an administrative nightmare in educational or large corporation settings.


    On Sat, Aug 30, 2003 at 08:15:56PM -0500, Bryan wrote:
    > Hello all.
    > I saw something today that got the wheels turning as a potential
    > vulnerability in network deployment. Let's say a client company has some
    > sort of proprietary device out in the open for anybody to use, and is
    > connected to the internal network through a regular 100BaseT connection.
    > But that cable is easily unplugged... and plugged into whatever you
    > want. Should one want to connect to the network through that connection,
    > wouldn't it be possible to attach a wired/wireless converter to the
    > line, and connect to the network via wireless adapter on your machine
    > from some distance away without anyone being any the wiser?
    > I did some googling for such a device, and found a few products, but
    > none that would suit the needs for this application. It should be small
    > enough to hide, needing only one RJ45 port, and maybe a wireless
    > antenna. And it should also be battery powered as you most likely
    > wouldn't have a power outlet nearby, much less one that could be
    > stealthily utilized. Then just a little wireless sniffing should help
    > you out from there, right?
    > Any ideas? Thanks
    > Bryan
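An added example, not part of the original thread: one way to check the port-to-MAC binding recommended in the reply is to audit a switch's learned MAC table against an inventory of what belongs on each access port. The inventory, port names, MAC addresses and the simplified "VLAN MAC TYPE PORT" table layout are all constructed assumptions, not any particular vendor's exact output.

```python
import re
from collections import defaultdict

# Constructed inventory: the one MAC address expected on each access port.
EXPECTED = {
    "Gi1/0/5": "00:11:22:33:44:55",  # device in a public area
    "Gi1/0/6": "00:11:22:33:44:66",
    "Gi1/0/8": "00:11:22:33:44:88",
}

# Constructed sample of a learned-MAC table (simplified layout, assumption).
SAMPLE_TABLE = """\
Vlan  Mac Address     Type     Port
10    0a1b.2c3d.4e5f  DYNAMIC  Gi1/0/5
10    0a1b.2c3d.4e60  DYNAMIC  Gi1/0/5
10    0011.2233.4466  DYNAMIC  Gi1/0/6
10    0a1b.2c3d.4e61  DYNAMIC  Gi1/0/8
"""

def normalize_mac(text):
    """Accept dotted, dashed or colon notation; return aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-fA-F]", "", text).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {text!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def parse_table(text):
    """Map each port to the set of MAC addresses learned on it."""
    seen = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4 or not fields[0].isdigit():
            continue  # header, blank or malformed row
        _vlan, mac, _kind, port = fields
        seen[port].add(normalize_mac(mac))
    return seen

def audit(seen, expected):
    """Return (port, finding, unexpected_macs) for every port that deviates."""
    findings = []
    for port, want in sorted(expected.items()):
        macs = seen.get(port, set())
        extra = sorted(macs - {want})
        if not macs:
            findings.append((port, "device-absent", []))
        elif extra:
            # Several MACs on one access port may mean a bridge was inserted.
            kind = "multiple-macs" if len(macs) > 1 else "mac-changed"
            findings.append((port, kind, extra))
    return findings
```
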

