jaslilili Posted November 29, 2007 Posted November 29, 2007 Hey everyone :-P I am wondering what is some of the common tools your guys use to do network audit, and recently I been asked to recover all of the router password that had been lost on a client site, there about 3 to 4 linksys wireless switch and a 3COM switches. any recommendation on what I maybe able to use or go about other then resetting them physically? Quote
Sparda Posted November 30, 2007 Posted November 30, 2007 An essential part of a network audit would involve scanning the network for devices that should not be there and computers running services they should not. Quote
jaslilili Posted November 30, 2007 Author Posted November 30, 2007 Thanks for the reply mate, I did some scanning using Cain and Nessus, which is fantastic. But is that what do most people do? And the common standard and tools. And also if there are any ways of obtaining the login info on these devices I mention earlier. If not, I guess i will just to have reset them and re-config them again. :-? Quote
digip Posted November 30, 2007 Posted November 30, 2007 Unless someone has a practice of using the same passwords or password naming scheme on devices, you will have to do hard resets on the devices. As far as using things like Cain, I do not think it is what most corporate clients would want someone using on their system. Cain is usefull for certain things, but 99% of the people using it are looking to ARP attack a users session, or MITM attacks. That won't help recover router passwords unless someone is logging into the device and it is not encrypted or SSL/SSH into the device. Quote
Sparda Posted November 30, 2007 Posted November 30, 2007 nmap would be the ipso factor for discovering unauthorized devices/services. Quote
jaslilili Posted November 30, 2007 Author Posted November 30, 2007 thanks buddy, I am now confirm no choice but hardware rest. Good point about Cain, I only started looking in the tool, so though it might be useful to do network scan and provide network and workstation info. But i have ended up going to each machine and ran "System Info", thank god there wasn't too many machines. Although what i should have disable windows firewall via group policy and run some sort of remote network audit tool. Quote
metatron Posted November 30, 2007 Posted November 30, 2007 You could try using snmpwalk or Hydra if you have no luck with that. Network fuzzers always come in useful also other fuzzers.Other tools I use are nmap, wicrawl (yes I'm lazy most of the time), karma, tcpdump, tcp-replay, packeth, ettercap, wireshark, GCC, vi, dnswalk, and many, many more. I can't be bothered to list any more. Quote
SomeoneE1se Posted November 30, 2007 Posted November 30, 2007 wicrawl ftw too bad my tablet was stolen grrrr.... but meh Quote
jaslilili Posted December 3, 2007 Author Posted December 3, 2007 cheers guys, I will definitely look into those ones, nothing is easy is it. :D Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.