tech101us


  1. Happy to share that I solved this one. Turns out that this is actually our Shark Robo-Vacuum. It dawned on me when the vacuum wasn't doing anything for a couple of days after I blocked its access to the internet. Apparently I neutered it (yes, pun intended 😀 ) when I disabled its access to the cloud. I'll have to report this one to the NMAP folks. It's running some sort of embedded Linux that doesn't respond well to NMAP scans.
  2. Thanks @digininja. Didn't consider looking at the HTTP headers. Changing my WPA2 password is something I'm due for. I just didn't want to totally disconnect this unknown device without trying to learn a bit more about it. Unfortunately, seems like whatever it is, it hasn't come back. So for the time being, I'll just change the wifi password and continue to keep an eye on things. Appreciate the feedback and the HAK5 forums for the same.
  3. I've got a device popping up on my wireless that I'm having a hard time identifying. I scanned it with NMAP and it identified itself as a Fortigate Device (see details below). I also tried to hit it with Nessus, but unfortunately whenever I attempt to scan the device for any period of time, it drops off the network. I've blocked it from any outbound traffic in my firewall and am logging packets (so far none seen). I also created a static DHCP address for the MAC address so when it does come online, it always gets the same IP address. Trying to determine whether I have a wireless interloper or this is a valid device on my network. The MAC address is an odd IEEE registered address. Appreciate any thoughts anyone has. It does have an open HTTP port with a very basic browser page that says something to the effect "this page does not exist" and a link to go "home" which returns you to the same page.

     sudo nmap -sS -O xxx.xxx.xxx.xxx
     Starting Nmap 7.80 ( https://nmap.org ) at 2021-02-08 09:05 CST
     Nmap scan report for xxx.xxx.xxx.xxx
     Host is up (0.021s latency).
     Not shown: 849 filtered ports, 150 closed ports
     PORT STATE SERVICE
     80/tcp open http
     MAC Address: CC:C2:61:50:0E:7C (Unknown)
     Device type: firewall
     Running (JUST GUESSING): Fortinet embedded (87%)
     OS CPE: cpe:/h:fortinet:fortigate_100d
     Aggressive OS guesses: Fortinet FortiGate 100D firewall (87%)
     No exact OS matches for host (test conditions non-ideal).
     Network Distance: 1 hop