Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Wired captive portal pen-test
From: Roman Medina-Heigl Hernandez <roman () rs-labs com>
Date: Thu, 17 Jul 2008 00:44:06 +0200

JosŽé M. Palazón Romero escribió:
Anyway, I still think they are probably not filtering at layer 2.

They are (I think). I had a look to some public computer at the hotel and I saw its IP. It was in the same subnet used by room's port. Nevertheless, when I launched a MAC scan with Cain from the room's RJ45, only the router responded. The public computer was, of course, always powered on. Definitely, a good hotspot will be using L2 filtering (so one customer cannot attack other customers or other hosts in the subnet).

--

Saludos,
-Roman

PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB  29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]