BugTraq
Tool for Identifying Rogue Linksys Routers Aug 25 2005 06:48PM
Martin Mkrtchian (dotsecure gmail com) (5 replies)
Re: Tool for Identifying Rogue Linksys Routers Aug 27 2005 12:13AM
Tony Rall (trall almaden ibm com)
Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 07:29PM
Dave Hull (ireadit gmail com)
Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 02:32PM
Graham Wilson (graham mknod org)
On Thu, Aug 25, 2005 at 11:48:38AM -0700, Martin Mkrtchian wrote:
> We are migrating from Lucent QIP to MetaIP for DHCP services and so
> far we have had two issues when MetaIP has been implemented for VLAN
> that has an unauthorized Linksys router giving out IP addresses.
>
> Is there a scanning tool out there that can determine if there are
> unauthorized Linksys (type) routers in a specific VLAN?

Try pinging all hosts using nmap:

# nmap -sP 192.168.1.0/24

Then look at the arp cache:

# arp | grep ether

Then find MAC addresses that are from Linksys's space. I know macchanger
[1] has a list of what addresses belong to which vendors.

Hope this helps.

[1] http://www.alobbs.com/modules.php?op=modload&name=macc&file=index

--
gram

[ reply ]
Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 01:31PM
Mike Frantzen (frantzen nfr com)
Re: Tool for Identifying Rogue Linksys Routers Aug 25 2005 09:14PM
Joshua Wright (jwright hasborg com)


 

Privacy Statement
Copyright 2010, SecurityFocus