Thomas, I've taken a look at the signature that you used to sign your message,
and it says that one of the people it's registered to is
thomas@180solutions.com. Now, if I'm not mistaken, this is a spyware company.
If this is so, and you know developers that are writing adware/spyware
programs, please do me a favor and burn their house down.
Thanks
Paul
Formerly of Greyhats Security
----- Original Message -----
From: "Thomas Guyot-Sionnest" <Thomas@zango.com>
To: "Martin Mkrtchian" <dotsecure@gmail.com>; "Bugtraq"
<bugtraq@securityfocus.com>; "Full-Disclosure (E-mail)"
<full-disclosure@lists.netsys.com>
Sent: Thursday, August 25, 2005 5:52 PM
Subject: RE: Tool for Identifying Rogue Linksys Routers
The right way to fix that is to implement switch-level recurity. Limit the
number of mac and IP address on each ports. No workstation should ever have
more that one MAC and IP address...
If you don't have the budget for that kind of switch, I'd first try to
identify open ports and try to recognize services on a linksys router. Nmap
and telnet will be your best friends.
Thomas Guyot-Sionnest,
Administrateur de systèmes
Tél: (514) 842-7054
Fax: (514) 221-3395
Courriel: thomas@zango.com
-----Original Message-----
From: Martin Mkrtchian [mailto:dotsecure@gmail.com]
Sent: Thursday, August 25, 2005 14:49
To: Bugtraq; Full-Disclosure (E-mail)
Subject: Tool for Identifying Rogue Linksys Routers
Dear Group Members
We are migrating from Lucent QIP to MetaIP for DHCP services
and so far we have had two issues when MetaIP has been
implemented for VLAN that has an unauthorized Linksys router
giving out IP addresses.
Is there a scanning tool out there that can determine if
there are unauthorized Linksys (type) routers in a specific VLAN?
Your input is appreciated
Thank You
Martin M
http://dotsecure.blogspot.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
