RE: Lan access via wifi

From: Erin Carroll (amoeba@amoebazone.com)
Date: Mon Jun 06 2005 - 13:47:21 EDT

• Next message: Sherwyn Williams: "Re: Lan access via wifi"
• Previous message: Alfred Huger: "Administrivia"
• Maybe in reply to: Sherwyn Williams: "Lan access via wifi"
• Next in thread: Sherwyn Williams: "Re: Lan access via wifi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Just a couple of thoughts:

Meidinger Chris <chris.meidinger@badenit.de> wrote ..
> And the question after that:
>
> Knowing how to do this is pretty basic for a pentester.

True, but we all had to start somewhere :)

For some of these questions an excellent place to get some pointers and a general overview would be the Security Basics list archive which is also on Security Focus. If you need assistance on a particular tool (such as Nessus) there are many times mailing lists dedicated for that purpose.

As for the initial questions Sherwyn, I can't really tell from your email if you have active access to the wifi router or are doing the pen-test from the outside and are connecting via dhcp to see these internal clients. When you state that you put the machine on the dmz for scans are you speaking of your testing box or the unknown machines connected to the internal address space?

The reason I ask for the clarification is that, depending on how you are scanning and whether or not there is a *,LAN LAN,* ACL on the router, it seems odd that you are getting no open ports whatsoever. At the very least you should usually get port 546 (DHCP-client) for these mystery boxes. If you can ping them successfully, a port is open and responding. That you get no results during your scans indicates an error in your methodology.

-Erin Carroll

> Cheers,
>
> Chris
>
> > -----Original Message-----
> > From: Sherwyn Williams [mailto:sherwill22@tmail.com]
> > Sent: Monday, June 06, 2005 12:47 PM
> > To: pen-test@securityfocus.com
> > Subject: Lan access via wifi
> >
> > Senerio:
> >
> > Doing a pentest, the client has a wifi router that is not
> > encrypted and
> > is gaving out dhcp address to any wifi client with a compatible card.
> > Now my question is once I received a ip address, and I pinged a few
> > internal clients , how would be a good way for me to gain access to
> > these internal network.
> >
> > I tried //ipaddress/ because there is no machine name in the dhcp
> > routing table. Could not connect that way, I even tried to open up
> > certain ports via putting the machine on the router dmz and
> > did a scan
> > with the secuirty features disable, but still there is no open ports.
> >
> > Thanks in advance.
> >
> >
> >
> > Sherwyn Williams
> > Technical Consultant
> > (917) 650-5139
> > Sherwill22@tmail.com
> >

• Next message: Sherwyn Williams: "Re: Lan access via wifi"
• Previous message: Alfred Huger: "Administrivia"
• Maybe in reply to: Sherwyn Williams: "Lan access via wifi"
• Next in thread: Sherwyn Williams: "Re: Lan access via wifi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:22 EDT