RE: Identify rogue adsl modems routers in the network

["Shenk, Jerry A" <jshenk () decommunications com>]

Another option would be to scan for devices with multiple interfaces.

If you get lucky, an SNMP scan would turn up the device.

You could also scan for MAC addresses and research any that don't make
sense.  If you're using all Compaq/HP and you see some MACs that don't
fit within that pattern, check them out manually.  But, the modem/router
could be connected to one of them.  This method would really only work
for finding rouge devices that are directly attached to the network.

I have the old version of LanGuard that I would use for this...version
2.0.0.4544.  It will scan a network and find all kinds of stuff.  One of
the things in particular that it finds is multiple NICs.  It also does
the SNMP queries and it identifies MAC addresses.  I haven't looked at
the most recent LanGuard but the next version after GFI bought them was
so lame that I just never got back to it.  I have heard good things
about the new stuff so I'm probably being too harsh;)

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of t35tman
Sent: Monday, May 26, 2008 12:25 PM
To: pen-test () securityfocus com
Subject: Identify rogue adsl modems routers in the network

Hi all,

Had a weired requirement recently.
I was wondering if there is any way to detect an adsl modem/router
connected to a phone line.

The scenario being able to trace the adsl modem/router internally from
within the corporate network or externally from the ISP network.

The only option I see is to check with the ISP ... any suggestions ?

Thanks and Regards



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which 
they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the 
intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the 
message. If you have received this communication in error, please notify the sender and delete this e-mail message. The 
contents do not represent the opinion of D&E except to the extent that it relates to their official business.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------