Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Rogue Network Link Detection
From: H D Moore <fdlist () digitaloffense net>
Date: Mon, 5 Dec 2005 23:42:19 -0600
I found an old document and some crappy perl code on my system, figured 
someone might find it interesting:

"Unauthorized network links are one of the biggest problems facing large 
enterprise networks. Users intent on bypassing corporate proxies will 
often use cable modems, wireless networks, or even full-fledged T1s to 
access the internet. These network links can have a drastic affect on 
organizational security; any perimeter access controls are completely 
bypassed, making it nearly impossible for the administrators to 
effectively concentrate their monitoring and intrusion prevention 
efforts. This document attempts to describe different approaches and 
techniques that can be used to detect these rogue network links."

http://metasploit.com/research/misc/rogue_network/

-HD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]