Penetration Testing mailing list archives
RE: Lan access via wifi
From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 7 Jun 2005 13:10:11 -0500
That is a good point. Putting your WAPs into a restricted VLAN is a best practice method. So if that is the case, the VLAN ends at a router...which means if you gain access to that router you can jump VLANS. If this turns out to be case, look up Layer 2 - VLAN attack on Google.
-----Original Message----- From: Lohan Spies [ MTN - Agip ] [mailto:LohanS () mtnnigeria net] Sent: Tuesday, June 07, 2005 11:00 AM To: 'Sherwyn Williams'; pen-test () securityfocus com Subject: RE: Lan access via wifi This is just a guess, maybe you are connected to a VLAN that is only allowed to surf the net and not access the internal network! -----Original Message----- From: Sherwyn Williams [mailto:sherwill22 () tmail com] Sent: Tuesday, June 07, 2005 4:49 AM To: Peter Van Epp; pen-test () securityfocus com Subject: Re: Lan access via wifi No redirect straight internet access, I did a nbtscan from the local ip the ap gave me but still, nothing. Maybe the machines are lock down with windows firewall sp2 enabled. I guess, I have to keep thinking of something, or just end it by saying do not use default router settings. But that is not scary enough. On Mon, 6 Jun 2005 20:29, Peter Van Epp wrote:On Mon, Jun 06, 2005 at 02:05:52PM -0400, Sherwyn Williams wrote:The thing is that is did that already, I stated that in my first post. I did a nmap and noticed that all the internal host arefiltered by somefirewall. I have access to the wireless router and I open up the internal host by pointing them to the dmz side of therouter. I did anessus scan and also and got no usefull info. So Is why my next step was to try a unc shared access bydoing \\.\x:\but that did not gave me any useful info. That is why I email the list.Have you tried opening a web browser and going out to the net somewhere to see if you get redirected to a login page instead of where you expect? If there is one of the wireless authentication devices on the lan (Vernier, Blue Socket etc.) this is what you would see before you log in. Peter Van Epp / Operations and Technical Support Simon Fraser University, Burnaby, B.C. CanadaSherwyn Williams Technical Consultant (917) 650-5139 Sherwill22 () tmail com NOTE: This e-mail message is subject to the MTN Nigeria disclaimer see http://www.mtnonline.com/contact/disclaimer.asp
Current thread:
- RE: Lan access via wifi Meidinger Chris (Jun 06)
- <Possible follow-ups>
- RE: Lan access via wifi Erin Carroll (Jun 06)
- RE: Lan access via wifi John Forristel (SunGard-Chico) (Jun 06)
- RE: Lan access via wifi Todd Towles (Jun 07)
- RE: Lan access via wifi Lohan Spies [ MTN - Agip ] (Jun 07)
- RE: Lan access via wifi Todd Towles (Jun 07)