Full Disclosure mailing list archives

Rogue Network Link Detection

From: H D Moore <fdlist () digitaloffense net>
Date: Mon, 5 Dec 2005 23:42:19 -0600

I found an old document and some crappy perl code on my system, figured 
someone might find it interesting:

"Unauthorized network links are one of the biggest problems facing large 
enterprise networks. Users intent on bypassing corporate proxies will 
often use cable modems, wireless networks, or even full-fledged T1s to 
access the internet. These network links can have a drastic affect on 
organizational security; any perimeter access controls are completely 
bypassed, making it nearly impossible for the administrators to 
effectively concentrate their monitoring and intrusion prevention 
efforts. This document attempts to describe different approaches and 
techniques that can be used to detect these rogue network links."

http://metasploit.com/research/misc/rogue_network/

-HD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Rogue Network Link Detection H D Moore (Dec 05)
- Re: Rogue Network Link Detection DanB-FD (Dec 06)
- RE: Rogue Network Link Detection Randall M (Dec 06)