RE: Lan access via wifi

["Todd Towles" <toddtowles () brookshires com>]

 That is a good point. Putting your WAPs into a restricted VLAN is a
best practice method.

So if that is the case, the VLAN ends at a router...which means if you
gain access to that router you can jump VLANS. If this turns out to be
case, look up Layer 2 - VLAN attack on Google.

> -----Original Message-----
> From: Lohan Spies [ MTN - Agip ] [mailto:LohanS () mtnnigeria net] 
> Sent: Tuesday, June 07, 2005 11:00 AM
> To: 'Sherwyn Williams'; pen-test () securityfocus com
> Subject: RE: Lan access via wifi
>
> This is just a guess, maybe you are connected to a VLAN that 
> is only allowed to surf the net and not access the internal network!
>
> -----Original Message-----
> From: Sherwyn Williams [mailto:sherwill22 () tmail com]
> Sent: Tuesday, June 07, 2005 4:49 AM
> To: Peter Van Epp; pen-test () securityfocus com
> Subject: Re: Lan access via wifi
>
>
> No redirect straight internet access, I did a nbtscan from 
> the local ip the ap gave me but still, nothing. Maybe the 
> machines are lock down with windows firewall sp2 enabled.
>
> I guess, I have to keep thinking of something, or just end it 
> by saying do not use default router settings. But that is not 
> scary enough.
>
>
>
> On Mon, 6 Jun 2005 20:29, Peter Van Epp wrote:
> > On Mon, Jun 06, 2005 at 02:05:52PM -0400, Sherwyn Williams wrote:
> > >  The thing is that is did that already, I stated that in my first 
> > > post. I
> > >  did a nmap and noticed that all the internal host are 
> filtered by some
> > >  firewall. I have access to the wireless router and I open up the
> > >  internal host by pointing them to the dmz side of the 
> router. I did a
> > >  nessus scan and also and got no usefull info. So
> > >  Is why my next step was to try a unc shared access by 
> doing \\.\x:\ 
> > > but
> > >  that did not gave me any useful info.
> > >
> > >  That is why I email the list.
> >     Have you tried opening a web browser and going out to the net 
> > somewhere
> > to see if you get redirected to a login page instead of where you 
> > expect? If
> > there is one of the wireless authentication devices on the lan 
> > (Vernier, Blue
> > Socket etc.) this is what you would see before you log in.
> >
> > Peter Van Epp / Operations and Technical Support
> > Simon Fraser University, Burnaby, B.C. Canada
> Sherwyn Williams
> Technical Consultant
> (917) 650-5139
> Sherwill22 () tmail com
> NOTE: This e-mail message is subject to the MTN Nigeria disclaimer see
> http://www.mtnonline.com/contact/disclaimer.asp