Penetration Testing mailing list archives
RE: Lan access via wifi
From: Erin Carroll <amoeba () amoebazone com>
Date: Mon, 6 Jun 2005 13:47:21 -0400
Just a couple of thoughts: Meidinger Chris <chris.meidinger () badenit de> wrote ..
And the question after that: Knowing how to do this is pretty basic for a pentester.
True, but we all had to start somewhere :) For some of these questions an excellent place to get some pointers and a general overview would be the Security Basics list archive which is also on Security Focus. If you need assistance on a particular tool (such as Nessus) there are many times mailing lists dedicated for that purpose. As for the initial questions Sherwyn, I can't really tell from your email if you have active access to the wifi router or are doing the pen-test from the outside and are connecting via dhcp to see these internal clients. When you state that you put the machine on the dmz for scans are you speaking of your testing box or the unknown machines connected to the internal address space? The reason I ask for the clarification is that, depending on how you are scanning and whether or not there is a *,LAN LAN,* ACL on the router, it seems odd that you are getting no open ports whatsoever. At the very least you should usually get port 546 (DHCP-client) for these mystery boxes. If you can ping them successfully, a port is open and responding. That you get no results during your scans indicates an error in your methodology. -Erin Carroll
Cheers, Chris-----Original Message----- From: Sherwyn Williams [mailto:sherwill22 () tmail com] Sent: Monday, June 06, 2005 12:47 PM To: pen-test () securityfocus com Subject: Lan access via wifi Senerio: Doing a pentest, the client has a wifi router that is not encrypted and is gaving out dhcp address to any wifi client with a compatible card. Now my question is once I received a ip address, and I pinged a few internal clients , how would be a good way for me to gain access to these internal network. I tried //ipaddress/ because there is no machine name in the dhcp routing table. Could not connect that way, I even tried to open up certain ports via putting the machine on the router dmz and did a scan with the secuirty features disable, but still there is no open ports. Thanks in advance. Sherwyn Williams Technical Consultant (917) 650-5139 Sherwill22 () tmail com
Current thread:
- RE: Lan access via wifi Meidinger Chris (Jun 06)
- <Possible follow-ups>
- RE: Lan access via wifi Erin Carroll (Jun 06)
- RE: Lan access via wifi John Forristel (SunGard-Chico) (Jun 06)
- RE: Lan access via wifi Todd Towles (Jun 07)
- RE: Lan access via wifi Lohan Spies [ MTN - Agip ] (Jun 07)
- RE: Lan access via wifi Todd Towles (Jun 07)