From: arif.jatmoko@sea.ccamatil.com
Date: Tue Nov 13 2007 - 06:34:25 EST
Hi Paul,
How do you see the MAC-Address vs IP address ? Are you using separate your
wlan using vlan ?
There are many possiblities related with, depend on your wi-fi & wlan
setup. If your wlan rely on mac-address restriction, the attacker perhaps
try to spoof your legitimate mac-addr. Typically they will brute-forcing
your SSID, ... so on. Try to put Layer 2 analysis tool like
ethereal/tethereal at your wlan.
But if your see the mac-addr from switch layer 3 where AP configured as
different vlan, then it could be problem on how you see the mac-addr ):-
Cheers,
Arif Jatmoko
|-----------------------------+-------------------------------------------|
|Paul Greene | |
|<techlists@comcast.net> | |
|Sent by: | To|
|listbounce@securityfocus.com | pen-test@securityfocus.com |
| | cc|
|11/13/2007 03:01 PM | |
| | Subject|
| | What does a network having |
| | all identical MAC addresses |
| | mean? |
| | |
| | |
| | |
| | |
| | |
| | |
|-----------------------------+-------------------------------------------|
I was in a free wi-fi hotspot the other day and just for kicks ran an
NMAP scan to see how many people were logged on.
I noticed something peculiar though. Every IP address had identical MAC
addresses. Is this some security thing the hotspot had going on? Or is
it some kind of devious thing going on by one of the other customers in
the hotspot?
PG
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
_______________________________________________________________________________
Visit us at www.coca-colabottling.co.id
CAUTION:
This message may contain privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, you are hereby notified that any use, dissemination,distribution, or reproduction of this message is prohibited. If you have received this message in error, please notify Coca-Cola Bottling Indonesia immediately. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Coca-Cola Bottling Indonesia.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:12 EDT