NetStumbler.org Forums - View Single Post

08-10-2001

Disclaimer- This information is for educational purposes only. Ideally any and all of this information would be utilized only on equipment and networks you own or otherwise have permission to use. Any variation of the suggested use has potential for serious jail time, court time, and all around no fun time.

If they are using DCHP and you are automatically getting an IP address they should also be providing gateway information and everything else. If the network is setup correctly and they provide a correct gateway you should be bouncing out to the Internet. Lots of ifs there if you noticed.

First step would be to add a sniffer/network monitor to your toolset and start monitoring the network traffic that you should see on that card.

Observe what looks like local traffic and anything that is obviously traffic going to the Internet.
Document findings.
Start inspecting various hosts to see operating systems and revisions.
Discover which are workstations and which are servers.

Basically continue as if you were performing an audit on a system that you have network access to but no other information.

Mainly it depends on what you are trying to accomplish. Check email from anywhere? See how your network is broadcasting internal trade secrets? You can continue the mindset per your own experience/desires....

John K.

08-10-2001	#4 (permalink)
Posts: n/a	Disclaimer- This information is for educational purposes only. Ideally any and all of this information would be utilized only on equipment and networks you own or otherwise have permission to use. Any variation of the suggested use has potential for serious jail time, court time, and all around no fun time. If they are using DCHP and you are automatically getting an IP address they should also be providing gateway information and everything else. If the network is setup correctly and they provide a correct gateway you should be bouncing out to the Internet. Lots of ifs there if you noticed. First step would be to add a sniffer/network monitor to your toolset and start monitoring the network traffic that you should see on that card. Observe what looks like local traffic and anything that is obviously traffic going to the Internet. Document findings. Start inspecting various hosts to see operating systems and revisions. Discover which are workstations and which are servers. Basically continue as if you were performing an audit on a system that you have network access to but no other information. Mainly it depends on what you are trying to accomplish. Check email from anywhere? See how your network is broadcasting internal trade secrets? You can continue the mindset per your own experience/desires.... John K.