joeypesci Posted May 6, 2010 Posted May 6, 2010 So, you're pen-testing and get onto a WEP secured WIFI network. You logon to the router and find they appear to now register machines that are on the network, yours is one of those now registered on it. So if the user was to check the router later, they'd see the unauthorised device that had connected. BTHomeHub2 does this and so does the O2 router. Is there away to hide from this? Been testing on my old Linksys AP which I don't believe does it. Although does have a log feature that I can put in a log monitor but don't bother. Quote
Sparda Posted May 6, 2010 Posted May 6, 2010 There is no way to truly hide your self on a wireless network if you have to associate with it. You can do things like, change your mac address and not get an IP from DHCP, the the AP will still know you are there. Quote
joeypesci Posted May 6, 2010 Author Posted May 6, 2010 There is no way to truly hide your self on a wireless network if you have to associate with it. You can do things like, change your mac address and not get an IP from DHCP, the the AP will still know you are there. Thanks. Thought it might be the case. Quote
Infiltrator Posted May 6, 2010 Posted May 6, 2010 (edited) Thanks. Thought it might be the case. Or you could pose as one of the trusted devices, by changing your computer netbios name and mac address. Edited May 6, 2010 by Infiltrator Quote
joeypesci Posted May 6, 2010 Author Posted May 6, 2010 (edited) Or you could pose as one of the trusted devices, by changing your computer netbios name and mac address. Yeah was thinking that although you'd have to do it when they (the device you're spoofing) weren't on the network. Edited May 6, 2010 by joeypesci Quote
Infiltrator Posted May 8, 2010 Posted May 8, 2010 Yeah was thinking that although you'd have to do it when they (the device you're spoofing) weren't on the network. Yes in deed that's the only issue. Quote
Alias Posted May 8, 2010 Posted May 8, 2010 This might seem like a really stupid answer but why not just delete the logs? Quote
Infiltrator Posted May 8, 2010 Posted May 8, 2010 This might seem like a really stupid answer but why not just delete the logs? I think the wireless router would still register any device that has contacted it, even if the log files are deleted you can still find out who is/was connected to the AP. Quote
The Sorrow Posted May 10, 2010 Posted May 10, 2010 well, you cant be "invisible" but you can do your deeds, modify the logs and leave. nothing left but some packet logs saying there was a spike in syn ack and so on Quote
Random_N00b Posted May 15, 2010 Posted May 15, 2010 I've got one that goes along with this topic...kind of. I'm on a wireless network that will only let computers on the network if their wireless NIC's MAC address is in their system. And they register your name with the MAC address. They are obviously watching what data is being sent across the net. How do I keep them from seeing my data. I can't hide that I'm on the net, they know by my MAC address, but I'd like to make it so they can't see what I'm going to. The only idea I had was an SSL tunnel into a web server that I trusted. Any ideas? Quote
Sparda Posted May 15, 2010 Posted May 15, 2010 TOR, VPN, SSL proxy. Just to name a few options. Quote
Random_N00b Posted May 15, 2010 Posted May 15, 2010 TOR, VPN, SSL proxy. Just to name a few options. Wow, that was quick. Thank you for the advice. Quote
Infiltrator Posted May 16, 2010 Posted May 16, 2010 TOR, VPN, SSL proxy. Just to name a few options. Or he could use SSH, which should make things a bit more secure. Quote
Random_N00b Posted May 16, 2010 Posted May 16, 2010 Or he could use SSH, which should make things a bit more secure. I appreciate the help and advice. As the name implies, I am just another random noob here. Thank you for helping me out. Quote
barry99705 Posted May 20, 2010 Posted May 20, 2010 Disable logging? My access points don't do their own logging. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.