Layer 2 Security And Penetration Testing

From: shiri yacov (shiri_yacov_at_hotmail.com)
Date: 01/03/05

  • Next message: Billy Dodson: "FW: Layer 2 Security And Penetration Testing"
    Date: 3 Jan 2005 22:02:33 -0000
    To: pen-test@securityfocus.com
    
    

    Greetings to all PenTesters,
    I am scheduled to perform a pentest in a big company, in the near future.
    However, a little intelligence gathering has revealed that the company
    has enforced secure MAC on its switches (any port transmitting on other than its known MAC address is immediately blocked until helpdesk releases it).
    Since my starting point is a "hot" port in the wall, and since I would not
    give up on the first stage, I am looking for a way to get connected to
    the net (using my allocated port) without activating any alarm when
    connecting to the net, and furthermore, without being blocked.

    My idea so far includes spoofing my MAC address; however, I still don't know which MAC address I should switch my MAC to. How do I know
    which MAC address is the legal one on a specific port?

    Brute force is not an option - the port is frozen after 3 unsuccessful subsequent unauthorized MACs.

    Did anyone ever come across a similar configuration? Do you have an
    idea as to how I can bypass this?

    Regards,
    Shiri, Security Consultant

