Network Security: Detailed info on Re: Tool for Identifying Rogue Linksys Routers

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Tool for Identifying Rogue Linksys Routers

from [Mike Frantzen] Network Security

[Permanent Link]

Subject:	Re: Tool for Identifying Rogue Linksys Routers
Date:	Fri, 26 Aug 2005 09:31:45 -0400

Is there a scanning tool out there that can determine if there are
unauthorized Linksys (type) routers in a specific VLAN?

 
All linksys MACs will have an address with one of these prefixes:
        00045A       The Linksys Group,
        000625       The Linksys Group, In
        000C41       The Linksys Group, In
        000F66       Cisco-Linksys
        001217       Cisco-Linksys, LLC
        001310       Cisco-Linksys, LLC
e.g.
        00:04:5A:xx:xx:xx


Plug a laptop into any worrisome network segments and look for a linksys
MAC address. If the linksys routers talk IPv6:
        ping6 -w ff02:1%fxp0    (or %eth0 or whatever your interface is)
Otherwise do a broadcast ping, a ping sweep, or whatever will tickle a
linksys router.

(friendly reminder: the host's MAC address will not be preserved if the
packet goes through a router)

.mike
frantzen@(nfr.com | cvs.openbsd.org | w4g.org)
PGP:  CC A4 E2 E8 0C F8 42 F0  BC 26 85 5B 6F 9E ED 28

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Tool for Identifying Rogue Linksys Routers, Martin Mkrtchian Re: Tool for Identifying Rogue Linksys Routers, Mike Frantzen <= Re: Tool for Identifying Rogue Linksys Routers, Joshua Wright Re: Tool for Identifying Rogue Linksys Routers, Graham Wilson Re: Tool for Identifying Rogue Linksys Routers, Volker Tanger Re: Tool for Identifying Rogue Linksys Routers, Mike Kershaw Re: Tool for Identifying Rogue Linksys Routers, Dave Hull [Full-disclosure] Re: Tool for Identifying Rogue Linksys Routers, Gregory Boyce Re: Tool for Identifying Rogue Linksys Routers, Tony Rall RE: Tool for Identifying Rogue Linksys Routers, Thomas Guyot-Sionnest RE: Tool for Identifying Rogue Linksys Routers, Matt Mercer Re: Tool for Identifying Rogue Linksys Routers, Paul Halliday

Previous by Date:	22nd Chaos Communication Congress 2005: Call for Papers, fukami
Next by Date:	RE: Tool for Identifying Rogue Linksys Routers, Thomas Guyot-Sionnest
Previous by Thread:	Tool for Identifying Rogue Linksys Routers, Martin Mkrtchian
Next by Thread:	Re: Tool for Identifying Rogue Linksys Routers, Joshua Wright
Indexes:	[Date] [Thread] [Top] [All Lists]