From: peter.schaub@thomson.com
Date: Tue Jan 08 2008 - 14:05:31 EST
Check for the default 'operator' username / pass account being
unchanged. I have been told this is very commonly overlooked at hotels.
This may provide you read only access to the NSE, which may in turn
provide you more details about the devices connected, and the network as
a whole etc...
View the source code on the login page (if one is used for end user
authentication) and see where the login requests are being posted and if
they are using a secure https post.
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of whitehat
Sent: Friday, January 04, 2008 05:51
To: pen-test
Subject: Need Check list for Testing HSIA...
Hi...
I'm looking to test the High Speed Internet Access(HSIA) for a hotel.
I'd like to know the better way to approach it.
For your information the Access Gateway that is being used is
Nomadix!!!!!
So can anyone provide me the check list to perform the necessary steps
to go further.
Thanks & regards,
Whitehat
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:19 EDT