Network question (noobish)

[PoyBoy]

I have a DLink DI-524 router, with wireless-G enavled. With NMap or metasploit or even Cain and Abel, a wired computers dont show up when i'm on the wireless network. I'm really confused, as it is the same subnet (192.168.0.*)

Please help me!!!

sorry for the nooby question!

[cooper]

Please be more specific.

"wired computers don't show up"... Show up where? What have you tried to connect to them? Got any responses? etc...

[stingwray]

We need more information, like how you are connecting to the network and doing the scanning. It is know that at least Cain and Able has some problems with some Wifi cards so that might be causing you some headaches.

Also what are you trying to accomplish, are you trying out the ARP Cache poisioning attack or just scanning your computers for open ports?

[armadaender]

Can you ping the 'wired' computers?

[VaKo]

Aren't the wired and wireless parts of the network on seperate VLANs? So wirered and wireless traffic is sperated out further downstream.

[Sparda]

Wired and wireless networks should be kept seperate as far as posible. If your wireless network gets comprimised you don;t want your entire network comprimised.

[VaKo]

Not figured out the VLAN bit on my WRT54G, so I just use a MAC whitelist and a 63 char WPA-TKIP.

[PoyBoy]

sorry for the bad info (or lack thereof)

I'm on my ZyDas 1211 wifi usb card, and when I scan a computer that I know is there on a wired connection, nothing shows up.

Ive used C&A and NMap to scan.

What is the whitelist thingy?

I really don't need to worry about my LAN being compramised, as I'm way in the country.

Hope that helped!!

[VaKo]

Can you do start -> run -> cmd /k ping 192.168.0.x and get traffic back at least? (where x = the target machine)

You got firewalls on them? I know Outpost firewall will stop an ARP posioning so try turning all that stuff off.

If that doesn't work, wire it in and do a scan, I have a feeling that your router might keep wireless and wired traffic seperate, so you can't attack the wired LAN via wardriving. Have a look threw the wireless setup in the router gui for sercurity options. Your router does support VLAN.

The whitelist thing I mentioned is a way of sercuring your network. Since you know all the computers that you want on your network, you give your router a list of friendly MAC addresses. And if your names not on the list, your not coming in. Its not foolproof, but if someone cracks my WPA, its another hurdle at the very least.

[PoyBoy]

Did some googling, but didn't find much on the whitelist stuff in terms of setup. Is whitelist the official name? Also, do you need software on a computer, or does the router just need to support it.

[Shaun]

A MAC whitelist is just a way of only letting network cards (usually wireless) with certain MAC addresses connect to your network. It doesn't really provide much in the way of security since you can fake your MAC address, but it will deter unskilled people. It is a function of access points and routers, etc, not something you download.

(Also VaKo I think if they crack your WPA then MAC filtering isn't gonna do much).

[VaKo]

(Also VaKo I think if they crack your WPA then MAC filtering isn't gonna do much).

True, more of a n00b filter. I'm well aware that anyone putting enough effort could walk all over my setup.

[stingwray]

I have a totally unencrypted wireless network that is totally secure.

You connect to it, and you will get an subnet of 255.255.255.255 which basically means that you will only be able to talk to the access point and yourself (not much security in this but it makes things simpler). Then before you can get onto my network you have to pass through a massive firewall which only allows VPN connections through, and so you connect to my VPN server on my network from then you are effectively on my network.

I've had people trying to hack it before, its quite funny to watch what they try and do before they move off. I think they just assume that there isn't any internet or network here.