lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 26 Aug 2005 09:32:31 -0500
From: Graham Wilson <graham@...od.org>
To: bugtraq@...urityfocus.com
Subject: Re: Tool for Identifying Rogue Linksys Routers


On Thu, Aug 25, 2005 at 11:48:38AM -0700, Martin Mkrtchian wrote:
> We are migrating from Lucent QIP to MetaIP for DHCP services and so
> far we have had two issues when MetaIP has been implemented for  VLAN
> that has an unauthorized Linksys router giving out IP addresses.
> 
> Is there a scanning tool out there that can determine if there are
> unauthorized Linksys (type) routers in a specific VLAN?

Try pinging all hosts using nmap:

 # nmap -sP 192.168.1.0/24

Then look at the arp cache:

 # arp | grep ether

Then find MAC addresses that are from Linksys's space. I know macchanger
[1] has a list of what addresses belong to which vendors.

Hope this helps.

[1] http://www.alobbs.com/modules.php?op=modload&name=macc&file=index

-- 
gram

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ