Jump to content

Recommended Posts

Posted

So, you're pen-testing and get onto a WEP secured WIFI network. You logon to the router and find they appear to now register machines that are on the network, yours is one of those now registered on it. So if the user was to check the router later, they'd see the unauthorised device that had connected.

BTHomeHub2 does this and so does the O2 router.

Is there away to hide from this?

Been testing on my old Linksys AP which I don't believe does it. Although does have a log feature that I can put in a log monitor but don't bother.

Posted

There is no way to truly hide your self on a wireless network if you have to associate with it. You can do things like, change your mac address and not get an IP from DHCP, the the AP will still know you are there.

Posted
There is no way to truly hide your self on a wireless network if you have to associate with it. You can do things like, change your mac address and not get an IP from DHCP, the the AP will still know you are there.

Thanks. Thought it might be the case.

Posted (edited)
Thanks. Thought it might be the case.

Or you could pose as one of the trusted devices, by changing your computer netbios name and mac address.

Edited by Infiltrator
Posted (edited)
Or you could pose as one of the trusted devices, by changing your computer netbios name and mac address.

Yeah was thinking that although you'd have to do it when they (the device you're spoofing) weren't on the network.

Edited by joeypesci
Posted
Yeah was thinking that although you'd have to do it when they (the device you're spoofing) weren't on the network.

Yes in deed that's the only issue.

Posted

This might seem like a really stupid answer but why not just delete the logs?

Posted
This might seem like a really stupid answer but why not just delete the logs?

I think the wireless router would still register any device that has contacted it, even if the log files are deleted you can still find out who is/was connected to the AP.

Posted

Disable logging?

Posted

well, you cant be "invisible" but you can do your deeds, modify the logs and leave. nothing left but some packet logs saying there was a spike in syn ack and so on

Posted

I've got one that goes along with this topic...kind of. I'm on a wireless network that will only let computers on the network if their wireless NIC's MAC address is in their system. And they register your name with the MAC address. They are obviously watching what data is being sent across the net. How do I keep them from seeing my data. I can't hide that I'm on the net, they know by my MAC address, but I'd like to make it so they can't see what I'm going to. The only idea I had was an SSL tunnel into a web server that I trusted. Any ideas?

Posted
TOR, VPN, SSL proxy. Just to name a few options.

Or he could use SSH, which should make things a bit more secure.

Posted
Or he could use SSH, which should make things a bit more secure.

I appreciate the help and advice. As the name implies, I am just another random noob here. Thank you for helping me out.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...