Re: Identification of non Cisco AP's

From: Omar Herrera (oherrera_at_prodigy.net.mx)
Date: 07/27/05

    Date: Wed, 27 Jul 2005 13:10:07 -0500
    To: security-management@securityfocus.com, pen-test@securityfocus.com
    
    

    Hi Jonathan

    Linksys APs I've seen all use an initial TTL of 150; calculating the number of hops between you and the hosts scanned and then adding the TTL of responses should do it. Or simply looking at responses of probes to port 80 TCP, with a TTL close to and < 150, should be enough and relatively fast.

    Regards,

    Omar Herrera

    ----- Original message -----
    From: Jonathan Gauntt
    > Hi,
    >
    > I have been tasked with the project of scanning and identifying
    > all non
    > Cisco wireless access points within the company's network.
    >
    > We have about 800 /22 and /24 subnets, and because of the IP
    > addressing scheme in place, might just be easier for me to scan the
    > whole class A range
    > of IP's.
    >
    > I have access to Nessus and GFI Security Scanner. Since we have over
    > 8000 IP's
    > in place, does anyone have any advice on the best way to identify
    > these non
    > Cisco AP's such as Linksys and Netgear, etc.
    >
    > I wouldn't want to have a report produced that is two miles long
    > unless absolutely necessary.
    >
    > Thanks,
    >
    >
    > Jonathan


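The TTL check described in the reply above, as an added Python example that is not part of the original thread. It assumes the hop count comes from a separate traceroute and that the return path has the same length; the function names and the sample observations are constructed for illustration.

```python
LINKSYS_INITIAL_TTL = 150   # initial TTL reported in the reply above
COMMON_DEFAULT_TTL = 128    # assumption: a widespread OS default just below 150


def classify(observed_ttl, hops=None, window=20):
    """Label one port-80 response 'candidate', 'ambiguous' or 'other'.

    hops known   -> exact check: observed TTL + hops must equal 150.
    hops unknown -> fast check: observed TTL within `window` at or below 150.
    """
    if not 1 <= observed_ttl <= 255:
        raise ValueError(f"TTL out of range: {observed_ttl}")
    if hops is not None:
        initial = observed_ttl + hops
        return "candidate" if initial == LINKSYS_INITIAL_TTL else "other"
    if not LINKSYS_INITIAL_TTL - window <= observed_ttl <= LINKSYS_INITIAL_TTL:
        return "other"
    # A nearby host that starts at 128 also shows a TTL at or below 128, so a
    # window that reaches that far down cannot separate the two cases.
    return "ambiguous" if observed_ttl <= COMMON_DEFAULT_TTL else "candidate"


def triage(observations, window=20):
    """observations: iterable of (ip, observed_ttl, hops_or_None)."""
    result = {"candidate": [], "ambiguous": [], "other": []}
    for ip, ttl, hops in observations:
        result[classify(ttl, hops, window)].append(ip)
    return result


# Constructed sample observations (not data from the thread).
SAMPLE = [
    ("10.1.4.20", 147, 3),     # 147 + 3 = 150
    ("10.1.4.21", 125, 3),     # 125 + 3 = 128
    ("10.2.8.9", 143, None),   # hop count unknown, inside the window
    ("10.2.8.10", 61, None),   # far below the window
    ("10.3.0.5", 128, None),   # only inside the window if window >= 22
    ("10.3.0.6", 250, 5),      # 250 + 5 = 255
]

if __name__ == "__main__":
    for label, hosts in triage(SAMPLE).items():
        print(label, hosts)
```

Hosts labelled `candidate` are the short list to confirm by other means; widening `window` past 21 hops makes the fast check overlap with hosts that start at 128.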