Difference between revisions of "Detect rouge DHPC server"
Jump to navigation
Jump to search
(Created page with " *Billion router scanned with NMAP when DHCP was ON: Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:24 BST Nmap scan report for home.gateway.home.gateway (192.168.1...") |
|||
| Line 3: | Line 3: | ||
*Billion router scanned with NMAP when DHCP was ON: | *Billion router scanned with NMAP when DHCP was ON: | ||
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:24 BST | Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:24 BST | ||
Nmap scan report for home.gateway.home.gateway (192.168.1.254) | Nmap scan report for home.gateway.home.gateway (192.168.1.254) | ||
Host is up (0.00042s latency). | Host is up (0.00042s latency). | ||
PORT STATE SERVICE | PORT STATE SERVICE | ||
67/udp open|filtered dhcps | 67/udp open|filtered dhcps | ||
68/udp closed dhcpc | 68/udp closed dhcpc | ||
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | ||
*Then DHCP server disabled with command | *Then DHCP server disabled with command | ||
| Line 16: | Line 16: | ||
*The router has been rescanned | *The router has been rescanned | ||
Nmap done: 1 IP address (1 host up) scanned in 1.40 seconds | Nmap done: 1 IP address (1 host up) scanned in 1.40 seconds | ||
$ sudo nmap -sU 192.168.1.254 -p 67-68 | $ sudo nmap -sU 192.168.1.254 -p 67-68 | ||
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST | Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST | ||
Nmap scan report for home.gateway.home.gateway (192.168.1.254) | Nmap scan report for home.gateway.home.gateway (192.168.1.254) | ||
Host is up (0.00036s latency). | Host is up (0.00036s latency). | ||
PORT STATE SERVICE | PORT STATE SERVICE | ||
67/udp open|filtered dhcps | 67/udp open|filtered dhcps | ||
68/udp closed dhcpc | 68/udp closed dhcpc | ||
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | ||
Nmap done: 1 IP address (1 host up) scanned in 1.43 seconds | Nmap done: 1 IP address (1 host up) scanned in 1.43 seconds | ||
$ sudo nmap -sU 192.168.1.254 -p 67-68 | $ sudo nmap -sU 192.168.1.254 -p 67-68 | ||
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST | Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST | ||
Nmap scan report for home.gateway.home.gateway (192.168.1.254) | Nmap scan report for home.gateway.home.gateway (192.168.1.254) | ||
Host is up (0.00040s latency). | Host is up (0.00040s latency). | ||
PORT STATE SERVICE | PORT STATE SERVICE | ||
67/udp open|filtered dhcps | 67/udp open|filtered dhcps | ||
68/udp closed dhcpc | 68/udp closed dhcpc | ||
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.) | ||
* Billion router busybox interface | * Billion router busybox interface | ||
Revision as of 14:08, 25 July 2013
- Billion router scanned with NMAP when DHCP was ON:
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:24 BST Nmap scan report for home.gateway.home.gateway (192.168.1.254) Host is up (0.00042s latency). PORT STATE SERVICE 67/udp open|filtered dhcps 68/udp closed dhcpc MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)
- Then DHCP server disabled with command
> lan config --dhcpserver disable
- The router has been rescanned
Nmap done: 1 IP address (1 host up) scanned in 1.40 seconds $ sudo nmap -sU 192.168.1.254 -p 67-68
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST Nmap scan report for home.gateway.home.gateway (192.168.1.254) Host is up (0.00036s latency). PORT STATE SERVICE 67/udp open|filtered dhcps 68/udp closed dhcpc MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)
Nmap done: 1 IP address (1 host up) scanned in 1.43 seconds $ sudo nmap -sU 192.168.1.254 -p 67-68
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST Nmap scan report for home.gateway.home.gateway (192.168.1.254) Host is up (0.00040s latency). PORT STATE SERVICE 67/udp open|filtered dhcps 68/udp closed dhcpc MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)
- Billion router busybox interface
> lan
Usage: lan config [--ipaddr <primary|secondary> <IP address> <subnet mask>]
[--dhcpserver <enable|disable>]
lan delete --ipaddr <primary|secondary>
lan show [<primary|secondary>]
lan --help
> lan config --dhcpserver enable