Layer 2 Security And Penetration Testing
From: shiri yacov (shiri_yacov_at_hotmail.com)
Date: 01/03/05
- Previous message: Balwant Rathore: "Information Systems Security Assessment Framework (ISSAF) Draft0.1"
- Next in thread: Billy Dodson: "FW: Layer 2 Security And Penetration Testing"
- Maybe reply: Billy Dodson: "FW: Layer 2 Security And Penetration Testing"
- Reply: Enno Rey: "Re: Layer 2 Security And Penetration Testing"
- Reply: Jason Carr: "Re: Layer 2 Security And Penetration Testing"
- Maybe reply: Toni Heinonen: "RE: Layer 2 Security And Penetration Testing"
- Maybe reply: Michael Scheidell: "RE: Layer 2 Security And Penetration Testing"
- Reply: odinanne: "Re: Layer 2 Security And Penetration Testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 3 Jan 2005 22:02:33 -0000 To: pen-test@securityfocus.com('binary' encoding is not supported, stored as-is)
Greetings to all PenTesters,
I am scheduled to perform a pentest in a big company, in the near future.
However, a little intelligence gathering has revealed that the company
has enforced secure MAC on her switches (any port transmitting on other than its known MAC address is immediatltly blocked until helpdesk releases it.
since my starting point is a "hot" port in the wall, and since I would not
give up on the first stage, I am looking for a way to get connected to
the net (using my allocated port) without activating any alarm when
connecting to the net, and furthermore, without being blocked.
My idea so far includes spoffing my MAC address, however, I still dont know to which MAC address should I switch my MAC to ? how do I know
which MAC address is the legal one on a specific port ?
Bruteforce is not an option - the port is frozen after 3 unsuccessful subsequent unauthorized MACs.
Did anyone ever came accross a similar configuration ? Do you have an
idea as to how can I bypass this.
Regards,
Shiri, Security Consultant
- Previous message: Balwant Rathore: "Information Systems Security Assessment Framework (ISSAF) Draft0.1"
- Next in thread: Billy Dodson: "FW: Layer 2 Security And Penetration Testing"
- Maybe reply: Billy Dodson: "FW: Layer 2 Security And Penetration Testing"
- Reply: Enno Rey: "Re: Layer 2 Security And Penetration Testing"
- Reply: Jason Carr: "Re: Layer 2 Security And Penetration Testing"
- Maybe reply: Toni Heinonen: "RE: Layer 2 Security And Penetration Testing"
- Maybe reply: Michael Scheidell: "RE: Layer 2 Security And Penetration Testing"
- Reply: odinanne: "Re: Layer 2 Security And Penetration Testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
