From: odinanne (odinanne@comcast.net)
Date: Tue Jan 04 2005 - 01:27:32 EST
If it is a large company, might it be possible to find a user with a
laptop that has wireless enabled that also has a wired connection to the
network. You might be able to bridge into the wired network. I would
start listening in the executive suites as they often feel the rules
don't apply to them and also like to have the the better toys their
peers in other organizations. This organization sounds more secure
than this, but one is often surprised.
shiri yacov wrote:
>Greetings to all PenTesters,
>
>I am scheduled to perform a pentest in a big company, in the near future.
>
>However, a little intelligence gathering has revealed that the company
>
>has enforced secure MAC on her switches (any port transmitting on other than its known MAC address is immediatltly blocked until helpdesk releases it.
>
>since my starting point is a "hot" port in the wall, and since I would not
>
>give up on the first stage, I am looking for a way to get connected to
>
>the net (using my allocated port) without activating any alarm when
>
>connecting to the net, and furthermore, without being blocked.
>
>
>
>My idea so far includes spoffing my MAC address, however, I still dont know to which MAC address should I switch my MAC to ? how do I know
>
>which MAC address is the legal one on a specific port ?
>
>
>
>Bruteforce is not an option - the port is frozen after 3 unsuccessful subsequent unauthorized MACs.
>
>
>
>Did anyone ever came accross a similar configuration ? Do you have an
>
>idea as to how can I bypass this.
>
>
>
>Regards,
>
>Shiri, Security Consultant
>
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:12 EDT