Penetration Testing mailing list archives
Re: OT: the detection of illegal gateways
From: BMF <badmotherfsckr () gmail com>
Date: Wed, 19 May 2010 12:21:56 -0700
On Mon, May 17, 2010 at 2:39 AM, J Hein <j.hein () ymail com> wrote:
Are there any good products for detecting illegally installed boxes with a routing capability? One of my fellow consultants suggested IP Sonar (by Lumeta) for this purpose which (as he claims) has been successfully used by BT in the past. From the product description I've got an impression that IP Sonar cleverly uses traceroute for detecting routers that illegally exchange information between internal networks and the internet (so called "network leaks").
People often have this problem with VPN clients. Often you want your VPN clients to set their default route to the VPN so that they do not become an unauthorized router or potential hop-point for someone to go from the Internet into your corproate network via the VPN client. The standard test is to ping the VPN client from a publicly routed IP and see which interface the ping reply comes back on. If it came back via the VPN connection they are fine. If it comes back from an external facing interface they have some other Internet connection and that is a problem. BMF ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- OT: the detection of illegal gateways J Hein (May 18)
- Message not available
- Re: OT: the detection of illegal gateways Zack Payton (May 19)
- Re: OT: the detection of illegal gateways Adam Mooz (May 19)
- RE: OT: the detection of illegal gateways John Lampe (May 21)
- Re: OT: the detection of illegal gateways Zack Payton (May 19)
- Message not available
- Re: OT: the detection of illegal gateways ulric (May 19)
- Re: OT: the detection of illegal gateways BMF (May 21)
- Re: OT: the detection of illegal gateways Kurt Buff (May 21)
- Re: OT: the detection of illegal gateways Lee (May 24)
- RE: OT: the detection of illegal gateways Demetris Papapetrou (May 25)
- RE: OT: the detection of illegal gateways Ward, Jon (May 26)