Or if you WANT to see what other machines / devices are doing, you can use ettercap to sniff the switched network ports...  many an option to be had.  Again, though my reason was simply to determine, for certain, which end is failing in your testing - the application, or the remote device / service.  I'm doubtful it has anything to do with anything on the other ports, but that's only based on my knowledge of hydra, and the unreachable errors you were getting...

Cheers!

i ran wireshark and pinged my router. Traffic seems normal. Did an nmap scan and that worked. But as soon as i tried hydra, same issue. Wiresharks out put says TCP GET HTTP 404 NOT FOUND src80 dst4392. that was the reply from the router. Also noticed a GET HTTP foo/bar/protected.html from BT4 to router..Other than that, the packets seem to be normal.. My network set up is host only and NAT for outside communication.. Shouldnt matter though..

hydra is set up for 8 tasks with a timeout of 30. using http-get as protocol with the password list of darkcode.lst and no proxy set up. however i just realized i have K9 installed on my machine...

thanx

disconnect the printer, you know, just to be sure 

Doh!!!  Sssshhhhhhh... I was going to see if he was going to check that for himself.  I was 'trying' to point him in the proper direction, without totally pointing to it.   

Yes... start there...   

good to see you havent given up yet! i think it is key you point your attack directly at the page you want it to start at. lets make it a little more visual. if your directing it at the index.html page, it might not work because of for example iframes and stuff its made from. try to get the actual page that contains the login without extra pages like headers and footers! (this subtle enough?)

if the site doesnt let you view the source there are a lot of workarounds for it. try saving the page and open it locally, or just perform the complete scan/hack in a controlled environment and mirror/wget the whole site good luck and let us know the output!

Ok so i ran wireshark as i did the wget 192.168.2.1 request and checked for any http gets and found this:

WWW-Authenticate: Basic realm="WRT54GL"\r\n

after that line came the following:

SRC=192.168.2.1   DST=10.0.2.15   HTTP   HTTP/1.0 401 Unauthorized  (text/html)

the html output of that is just a red display with black letters.

So my guess is that when i type 192.168.2.1 into a browser, it makes a TCP connection to the router and then the router dishes out a seperate web page with a different address then just 192.168.2.1 for security reasons and my task is to find out what page it really is requesting so that i can point hydra to it. If that notion is correct. then how do i accomplish this with out loggin into the router to see the sorce code. ive gotta make this realistic. haha\
thanx guys