Network Security: Detailed info on Re: Wired captive portal pen-test

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Wired captive portal pen-test

from [Mario Spinthiras] Network Security

[Permanent Link]

Subject:	Re: Wired captive portal pen-test
Date:	Thu, 17 Jul 2008 10:08:29 +0300

I am not sure what kind of captive portal it was. I know for sure that
if the administrator limited the dns traffic or performed DPI
(cleverly) they could avoid NSTX bypasses. NSTX relies on dns queries
solely to be able to bypass CP. However by limiting the amount of DNS
queries per IP to a more "normal" threshold then NSTX would be
rendered useless.

As for DTP , yersinia seems to be able to handle DTP auditing just
fine. I have not found other tools capable of doing similar audits.


-- 
Warm Regards,
Mario A. Spinthiras
Blog: http://www.spinthiras.net
Mail: mspinthiras@gmail.com
Skype: smario125

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Wired captive portal pen-test, (continued) Re: Wired captive portal pen-test, "JosÂÃ M. PalazÃn Romero" Re: Wired captive portal pen-test, Roman Medina-Heigl Hernandez RE: Wired captive portal pen-test, Sergio Castro Re: Wired captive portal pen-test, "JosÂÃ M. PalazÃn Romero" Re: Wired captive portal pen-test, Mario Spinthiras Re: Wired captive portal pen-test, Roman Medina-Heigl Hernandez Re: Wired captive portal pen-test, Roman Medina-Heigl Hernandez Re: Wired captive portal pen-test, sherwyn . williams RE: Wired captive portal pen-test, Alex Eden Re: Wired captive portal pen-test, Cedric Blancher Re: Wired captive portal pen-test, Mario Spinthiras <=

Previous by Date:	Re: Wired captive portal pen-test, Cedric Blancher
Next by Date:	OSSTMM 3.0 LITE, Pete Herzog
Previous by Thread:	Re: Wired captive portal pen-test, Cedric Blancher
Next by Thread:	Malicious Mozilla/Firefox/Thunderbird/Etc Extension, Andrei Hanganu
Indexes:	[Date] [Thread] [Top] [All Lists]