Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
RE: Tool for Identifying Rogue Linksys Routers
From: Thomas Guyot-Sionnest (Thomaszango.com)
Date: Thu Aug 25 2005 - 16:52:15 CDT
The right way to fix that is to implement switch-level recurity. Limit the
number of mac and IP address on each ports. No workstation should ever have
more that one MAC and IP address...
If you don't have the budget for that kind of switch, I'd first try to
identify open ports and try to recognize services on a linksys router. Nmap
and telnet will be your best friends.
Administrateur de systèmes
Tél: (514) 842-7054
Fax: (514) 221-3395
> -----Original Message-----
> From: Martin Mkrtchian [mailto:dotsecuregmail.com]
> Sent: Thursday, August 25, 2005 14:49
> To: Bugtraq; Full-Disclosure (E-mail)
> Subject: Tool for Identifying Rogue Linksys Routers
> Dear Group Members
> We are migrating from Lucent QIP to MetaIP for DHCP services
> and so far we have had two issues when MetaIP has been
> implemented for VLAN that has an unauthorized Linksys router
> giving out IP addresses.
> Is there a scanning tool out there that can determine if
> there are unauthorized Linksys (type) routers in a specific VLAN?
> Your input is appreciated
> Thank You
> Martin M
- application/x-pkcs7-signature attachment: smime.p7s