Jump to content

Finding An Ap's Identity


Thamdhz

Recommended Posts

Hi All,

I am trying to find out model information/os version of a particular nortel business ap I am connected too. When I probe with Cain & able it only seem to find the manf. and not much else information. Anyone know of an alternative program to find out detailed info on this particular ap? Thanks

Link to comment
Share on other sites

oh nice, thanks for the info. Haven't done it yet but I just noticed a linksys ap over here, when I go try to access the webgui I get a nortel business secure router page? A lil confused as to why this is..any ideas?

Edited by Thamdhz
Link to comment
Share on other sites

oh nice, thanks for the info. Haven't done it yet but I just noticed a linksys ap over here, when I go try to access the webgui I get a nortel business secure router page? A lil confused as to why this is..any ideas?

A few things could be happening there. 1 the SSID might be fake, and not a linksys, or two, their web gui for the Linksys router is on an alternate port, even https, which can be set in the routers settings, and instead, they forward port 80 to the Nortel service, if it isn't itself the Nortel anyway.

Link to comment
Share on other sites

True I tried connecting on port 443 and its the same login page.. I actually got physical access to the ap and unplugged the power..I lost connection so I know its deff the ap I am connecting too. Maybe the nortel is on a completely different port? And I'm NOT doing anything malicious or harmful just messing around , thats all. Thanks for the replies..

Edited by Thamdhz
Link to comment
Share on other sites

A few things could be happening there. 1 the SSID might be fake, and not a linksys, or two, their web gui for the Linksys router is on an alternate port, even https, which can be set in the routers settings, and instead, they forward port 80 to the Nortel service, if it isn't itself the Nortel anyway.

Most wireless devices like a printer for instance broadcasts its SSID. It could be that the device you are trying to connect to may be a printer or another device that is not an access point at all.

Link to comment
Share on other sites

Most wireless devices like a printer for instance broadcasts its SSID. It could be that the device you are trying to connect to may be a printer or another device that is not an access point at all.

I am connecting to a free public open Linksys ap and just curious as to why I am getting a nortel web login , originally was just trying to probe the network to see what model and os version I was connecting to but that will be another day. Thanks for the reply..

Link to comment
Share on other sites

I wonder if someone could be MITM'ing. If you have physical access, walk up and get the MAC address off of it. Then go back to your machine and connect and check the mac address of your gateway to make sure they match. If they don't, then you aren't directly on the "linksys" connection you speak of, even if your connection drops.

Or, they just have it setup to forward to that device. Its possible they also disabled wireless configuring of the AP and can only be done over a wired connection. Thats how I set mine up at home.

Link to comment
Share on other sites

Most wireless devices like a printer for instance broadcasts its SSID. It could be that the device you are trying to connect to may be a printer or another device that is not an access point at all.

Are you saying you've seen printers, which are clients, sending out beacons? That would be against the 802.11 standards I would have thought.

Link to comment
Share on other sites

Are you saying you've seen printers, which are clients, sending out beacons? That would be against the 802.11 standards I would have thought.

Yeah, I think you are right, as printers might send probes probably using uPnP or such, but probably not beacons. Wireless print servers might send beacons though, although I've not played with one personally so can't test that, but then again, I don't know what the device truly is, is it a wireless card for printers, or an actual AP/Router/Bridge, etc?

Link to comment
Share on other sites

Are you saying you've seen printers, which are clients, sending out beacons? That would be against the 802.11 standards I would have thought.

I was referring to the wireless connectivity in the printer. I own a Cannon printer, which has wireless connectivity capabilities built in to it.

So when enabled, it broadcasts its SSID just like a normal access point would. And then you can connect to it, from your computer.

Edited by Infiltrator
Link to comment
Share on other sites

So basically it is a printer with a built in access point, that makes sense now.

Sorry wasn't clear enough!

Link to comment
Share on other sites

Hey thanks for the replies.. I forgot to mention , yesterday when I was messing around I got the mac from my arp cache and checked it against this website >> http://www.coffer.com/mac_find/ (great webtool) , and got the vendor nortel networks.. So yea I am guessing that maybe the wireless config of the ap is disabled by wireless users..but when I get go to my gateways address I get the nortel's webgui and when I turn the linksys ap off I lose connection.. still wanna know how this network is configured.. going to try to get physical access to the network when I go back .. and btw I thought that wireless printers only broadcast as an ad-hoc netowrk? anyways Happy New Year!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...