From: Volker Tanger (volker.tanger@discon.de)
Date: Mon Oct 20 2003 - 12:07:18 EDT
Greetings!
On Sun, 19 Oct 2003 13:40:03 -0400 "Jeffrey" <jeffreyd@the-dominion.net>
wrote:
> Just wondering if anyone is aware of a mini 802.11b access point that
> can be plugged inline with a network device such a printer. I am
> conducting a pen test and would like to use this device in my social
> engineering attack.
Why a "mini" version? The usual SOHO versions come with a 4port switch.
Just choose one with an "uplink" port - and without external antennaes,
if possible. For your attack choose an office where the network printer
server is tucked away under a table - antennaes are simply too
suspicious.
Walk into the office with your repair-kit toolbox, announce you'll have
to rewire the printer server ("please don't print in the next 5
minutes") due to network problems - and to install an additional
hub/switch.
Unplug the printer server appliance from the net and plug in the uplink
port. Connect the printer server to one of the other ports. Check that
printing works again ("Okay, all fixed - should work again. Can you
print a test page, please?").
Was that the attack vector your customer askey you to perform on his
network, or did I miss anything?
Bye
Volker Tanger
ITK-Security
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT