Full Disclosure mailing list archives

Re: Tool for Identifying Rogue Linksys Routers

From: "Paul" <pvnick () gmail com>
Date: Sat, 27 Aug 2005 13:21:01 -0400

Thomas, I've taken a look at the signature that you used to sign your message, and it says that one of the people it's 
registered to is thomas () 180solutions com. Now, if I'm not mistaken, this is a spyware company. If this is so, and 
you know developers that are writing adware/spyware programs, please do me a favor and burn their house down.

Thanks
Paul
Formerly of Greyhats Security

----- Original Message ----- 
From: "Thomas Guyot-Sionnest" <Thomas () zango com>
To: "Martin Mkrtchian" <dotsecure () gmail com>; "Bugtraq" <bugtraq () securityfocus com>; "Full-Disclosure (E-mail)" 
<full-disclosure () lists netsys com>
Sent: Thursday, August 25, 2005 5:52 PM
Subject: RE: Tool for Identifying Rogue Linksys Routers


The right way to fix that is to implement switch-level recurity. Limit the
number of mac and IP address on each ports. No workstation should ever have
more that one MAC and IP address...

If you don't have the budget for that kind of switch, I'd first try to
identify open ports and try to recognize services on a linksys router. Nmap
and telnet will be your best friends.

Thomas Guyot-Sionnest,
Administrateur de systèmes
Tél: (514) 842-7054
Fax: (514) 221-3395
Courriel: thomas () zango com

-----Original Message-----
From: Martin Mkrtchian [mailto:dotsecure () gmail com] 
Sent: Thursday, August 25, 2005 14:49
To: Bugtraq; Full-Disclosure (E-mail)
Subject: Tool for Identifying Rogue Linksys Routers

Dear Group Members

We are migrating from Lucent QIP to MetaIP for DHCP services 
and so far we have had two issues when MetaIP has been 
implemented for  VLAN that has an unauthorized Linksys router 
giving out IP addresses.

Is there a scanning tool out there that can determine if 
there are unauthorized Linksys (type) routers in a specific VLAN?

Your input is appreciated 

Thank You

Martin  M
http://dotsecure.blogspot.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Tool for Identifying Rogue Linksys Routers Paul (Aug 27)
- <Possible follow-ups>
- Re: Tool for Identifying Rogue Linksys Routers Gregory Boyce (Aug 31)