Re: Layer 2 Security And Penetration Testing

From: odinanne (odinanne_at_comcast.net)
Date: 01/04/05

  • Next message: DWreck: "Re: Port Scanning" 
    Date: Mon, 03 Jan 2005 23:27:32 -0700
To: pen-test@securityfocus.com

    If it is a large company, might it be possible to find a user with a
    laptop that has wireless enabled that also has a wired connection to the
    network. You might be able to bridge into the wired network. I would
    start listening in the executive suites as they often feel the rules
    don't apply to them and also like to have the the better toys their
    peers in other organizations. This organization sounds more secure
    than this, but one is often surprised.

    shiri yacov wrote:

    >Greetings to all PenTesters,
    >
    >I am scheduled to perform a pentest in a big company, in the near future.
    >
    >However, a little intelligence gathering has revealed that the company
    >
    >has enforced secure MAC on her switches (any port transmitting on other than its known MAC address is immediatltly blocked until helpdesk releases it.
    >
    >since my starting point is a "hot" port in the wall, and since I would not
    >
    >give up on the first stage, I am looking for a way to get connected to
    >
    >the net (using my allocated port) without activating any alarm when
    >
    >connecting to the net, and furthermore, without being blocked.
    >
    >
    >
    >My idea so far includes spoffing my MAC address, however, I still dont know to which MAC address should I switch my MAC to ? how do I know
    >
    >which MAC address is the legal one on a specific port ?
    >
    >
    >
    >Bruteforce is not an option - the port is frozen after 3 unsuccessful subsequent unauthorized MACs.
    >
    >
    >
    >Did anyone ever came accross a similar configuration ? Do you have an
    >
    >idea as to how can I bypass this.
    >
    >
    >
    >Regards,
    >
    >Shiri, Security Consultant
    >
    >
    >

  • Next message: DWreck: "Re: Port Scanning"

    Relevant Pages

    • Port # used while using Shared Networking
      ... When using Shared Networking what is the Port # used When my Guest OS ... Is it still Port 80 as it is when I use IE ... On the Mac side there is nothing else connected to the Net except my ... connection settigs for dial-up & connect to the Net.. ...
      (microsoft.public.mac.virtualpc)
    • Re: How Do I Keep Private Computers Off of Our Network?
      ... I recommend enabling port security on on all the switches; ... port to the system's MAC address and then disabling the unused ports. ... If you really need to lock it down then Network Access Control through ... are using their business computer's wired connection to connect ...
      (microsoft.public.windows.server.active_directory)
    • Re: Mac hogging the internet on our network.
      ... U.S Robotics USR9003 2 port ADSL router ... The connection seems to be significantly ... Do you get slowdown when the Mac is up and connected but logged out? ... If you plug the Mac straight into the ADLS router, ...
      (uk.comp.sys.mac)
    • FW: Layer 2 Security And Penetration Testing
      ... Is this cisco TACACS that they are using to protect the ports? ... they doing MAC filtering per port? ... that was assigned to the port your plugged into in order to spoof. ... Are they not going to give you a connection that works? ...
      (Pen-Test)
    • Re: Warning to the newcomer: CHILD MOLESTATION JOKES
      ... I don't know what kind of work you do where you have to use a Windows ... operating systems for a time (Mac, Amiga, Solaris, Linux) but all were ... nine-pin port on a MAC? ... pin serial port. ...
      (rec.skiing.alpine)