Penetration Testing mailing list archives
Re: Wired captive portal pen-test
From: Roman Medina-Heigl Hernandez <roman () rs-labs com>
Date: Thu, 17 Jul 2008 00:44:06 +0200
José M. Palazón Romero escribió:
Anyway, I still think they are probably not filtering at layer 2.
They are (I think). I had a look to some public computer at the hotel and I saw its IP. It was in the same subnet used by room's port. Nevertheless, when I launched a MAC scan with Cain from the room's RJ45, only the router responded. The public computer was, of course, always powered on. Definitely, a good hotspot will be using L2 filtering (so one customer cannot attack other customers or other hosts in the subnet).
-- Saludos, -Roman PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] ------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 14)
- Re: Wired captive portal pen-test Mike Hale (Jul 14)
- Re: Wired captive portal pen-test Terry Cutler (Jul 14)
- RE: Wired captive portal pen-test Sergio Castro (Jul 14)
- Re: Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 14)
- RE: Wired captive portal pen-test Sergio Castro (Jul 14)
- Re: Wired captive portal pen-test José M. Palazón Romero (Jul 16)
- Re: Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 16)
- RE: Wired captive portal pen-test Sergio Castro (Jul 16)
- Re: Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 14)
- Re: Wired captive portal pen-test José M. Palazón Romero (Jul 15)
- Re: Wired captive portal pen-test Mario Spinthiras (Jul 16)
- Re: Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 16)
- Re: Wired captive portal pen-test Mike Hale (Jul 14)
- Re: Wired captive portal pen-test Roman Medina-Heigl Hernandez (Jul 16)
- Re: Wired captive portal pen-test Mario Spinthiras (Jul 17)