Detect rouge DHPC server

From Ever changing code
Revision as of 14:08, 25 July 2013 by Pio2pio (talk | contribs)
Jump to navigation Jump to search


  • Billion router scanned with NMAP when DHCP was ON:
Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:24 BST
Nmap scan report for home.gateway.home.gateway (192.168.1.254)
Host is up (0.00042s latency).
PORT   STATE         SERVICE
67/udp open|filtered dhcps
68/udp closed        dhcpc
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)
  • Then DHCP server disabled with command
> lan config --dhcpserver disable
  • The router has been rescanned
Nmap done: 1 IP address (1 host up) scanned in 1.40 seconds
$ sudo nmap -sU 192.168.1.254 -p 67-68

Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST
Nmap scan report for home.gateway.home.gateway (192.168.1.254)
Host is up (0.00036s latency).
PORT   STATE         SERVICE
67/udp open|filtered dhcps
68/udp closed        dhcpc
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)

Nmap done: 1 IP address (1 host up) scanned in 1.43 seconds
$ sudo nmap -sU 192.168.1.254 -p 67-68

Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-25 12:25 BST
Nmap scan report for home.gateway.home.gateway (192.168.1.254)
Host is up (0.00040s latency).
PORT   STATE         SERVICE
67/udp open|filtered dhcps
68/udp closed        dhcpc
MAC Address: 00:04:ED:B1:7F:AC (Billion Electric Co.)
  • Billion router busybox interface
> lan       

Usage: lan config [--ipaddr <primary|secondary> <IP address> <subnet mask>]
                  [--dhcpserver <enable|disable>]
       lan delete --ipaddr <primary|secondary>
       lan show [<primary|secondary>]
       lan --help
> lan config --dhcpserver enable
Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=Detect_rouge_DHPC_server&oldid=58