Sounds like your friend was right.
I give UP !!!!
hello all, yes i give up in this problem that i've never seen something like it before. it's been 13 days and i still reading and searching for a solution with no success ! that's why am asking your professional opinion.
here is my scenario :
a friend has set up a :
USR 9106 wireless router with WEP eanbled-mac filtering "my friend who setup this claims that he can protect the Wlan inspite of using such a weak encryption algorithm".
1 Compaq v6000 laptops running winXP sp2 (communicating with the router to make the packets flow around)
1 pc that has dual boot (windows xp sp2 - BT3 beta) "this pc supposed to test the security between the previous two machines"
the router and laptop has some settings "configurations and securty" that make the laptop able to connect to the router and reach an internet connection.
now , using the pc to test how much it takes to get in the network :
it was a piece of cake cracking the WEP pass ,bypassing the mac filtiring feature, and set up a fixed IP (192.168.1.55) after determining that DHCP is disabled by the router .
now after connecting i discovered that the router ip range has been modified "so must the laptop ip"
yeah it's pretty easy to bypass that too , i fired up wireshark and waited while it's listening ,here comes the problem ! i can't detect the IP of the router nor the IP of the test laptop !!! tcpdump didn't go any further too !
the connection status shows some packets in the sent field ,,with 0 packets in the recieved field.
any Ideas ?
thank you in advance and sorry for being long
Sounds like your friend was right.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Perhaps you are better off relaxing the security on your AP and then trying to get around one security feature at a time. I.e. Enable DHCP and ICMP and then disable any firewalls you might have up.
Remember each security function takes a different skill to bypass and ninja's dont learn all their moves at once.
Yet you had to post to let us know?I give UP !!!!
If you're not part of the same address range how do you expect to see any traffic? Do some homework on ARP.now after connecting i discovered that the router ip range has been modified "so must the laptop ip"
yeah it's pretty easy to bypass that too , i fired up wireshark and waited while it's listening ,here comes the problem ! i can't detect the IP of the router nor the IP of the test laptop !!! tcpdump didn't go any further too !
the connection status shows some packets in the sent field ,,with 0 packets in the recieved field.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
damn !Originally Posted by streaker69
Sounds like your friend was right.
thanx for yr post ,, well i've cracked the same router many times before with variety security options, but the worst thing is when u donut know "who is your enemy" coz i really donut know what the heck is going on now ,,sure thing will try the configurations he sat one by one ,,but for now i donut wanna ruin his conf .
thanx again
well ,it's not my first time getting into a similar situation , besides sniffers like wireshark will get the traffic "or at least it will tell u the addresses that r trying to transmit packets" that is being redirected into the network even if u were not in the same ip-range-mask
You're right I shouldn't have assumed it was a switched network. If you were all behind a hub you'd see everyone's traffic.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
never mind
now back to my problem ..what do u think about it ?
You know if they are using IP filtering also?
I also think its possible they are using a different netmask than the typical 255.255.255.0
mmmmmmMMMMMmmmmmmmmm, donuts.damn !
thanx for yr post ,, well i've cracked the same router many times before with variety security options, but the worst thing is when u donut know "who is your enemy" coz i really donut know what the heck is going on now ,,sure thing will try the configurations he sat one by one ,,but for now i donut wanna ruin his conf .
thanx again
well ,it's not my first time getting into a similar situation , besides sniffers like wireshark will get the traffic "or at least it will tell u the addresses that r trying to transmit packets" that is being redirected into the network even if u were not in the same ip-range-mask
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
thank you for reply ,, wireshark will still be able to sniff and detect the IPs that has a packets transmits even if another netmask is used
Posting Permissions
