.

Rouge Wireless Router

<<

Svenxix

Newbie
Newbie

Posts: 17

Joined: Thu Dec 31, 2009 10:58 pm

Post Wed Jan 04, 2012 7:11 pm

Rouge Wireless Router

I'm living in an apartment complex, and I think someone plugged one of the internal LAN ports into their internet jack. The point is that I'm getting assigned a 192.168.0.x address when I plug directly into the wall.

By taking my browser to 192.168.0.1 I can get to a D-Link admin page.

I was wondering what the security implications of that are.

Is there a way to get a valid IP address from my ISP without modifying the router? Is there a way to help others get the real IP addresses without modifying the rouge router?

Also, I can access the internet fine from my wireless router that is plugged into the wall. Is there a reason that my wireless router is getting a good IP address and I'm not?

Thanks
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jan 04, 2012 8:45 pm

Re: Rouge Wireless Router

Sounds to me like the router is 'supposed' to be the gateway for your building / complex...  More or less, if you aren't paying for individual internet service, then that 192.168.0.x address is likely the NAT'd internal address, assigned via DHCP, from the gateway.  Unless they put a machine (one, as it can't do multiple) in the DMZ on the router, nobody will have a 'public' IP address.

Edit:  if anyone else sees that rogue router, then it sounds like the building isn't wired right, as each should have their own dedicated connection to the ISP.
Last edited by hayabusa on Wed Jan 04, 2012 8:46 pm, edited 1 time in total.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Wed Jan 04, 2012 11:40 pm

Re: Rouge Wireless Router

When I was looking at apartments last year, a few I looked at provided internet and cable. they were a little tired of dealing with comcast and the like due to complaints. Units would have ether net jacks and coax outlets.

To me it sounds like that might be the case where you are. the best thing to do would be double check with management to see if that's the case.
OSWP, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Jan 05, 2012 8:14 am

Re: Rouge Wireless Router

Sounds like it's time to fire up a packet capture and see what's really going on ;)
The day you stop learning is the day you start becoming obsolete.
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Thu Jan 05, 2012 8:53 am

Re: Rouge Wireless Router

Going to agree with Chrisj on this as well.  Unless you are paying your cable or phone company directly, then you are most likely using shared internet through the building.  In which case I would treat the network as unknown and potentially hostile since you do not have control of what other tenants will do.  If you are paying for cable/dsl internet to the companies directly then ensure that you have your equipment setup correctly.  Don't plug into the ethernet wall jacks since those may have been left as an option if you didn't want to pay separately for internet.

You should definitely be using your own router to better protect your systems from the rest of the tenants.  Ensure your wireless network is properly secure as well.  Gotta love pulling up the Wi-Fi sniffing software in dense areas of population. 
Certs: GCWN
(@)Dewser
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Thu Jan 05, 2012 2:45 pm

Re: Rouge Wireless Router

dynamik wrote:Sounds like it's time to fire up a packet capture and see what's really going on ;)


While I like that idea, that's a very dark shade of gray where the law might come in. Now, nothing stopping you from seeing what is COMING to your system. But Bob accidentally setting your interface to promiscuous may get you in legal trouble.
OSWP, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Jan 05, 2012 5:11 pm

Re: Rouge Wireless Router

chrisj wrote:While I like that idea, that's a very dark shade of gray where the law might come in. Now, nothing stopping you from seeing what is COMING to your system. But Bob accidentally setting your interface to promiscuous may get you in legal trouble.


You think it's illegal to passively observe traffic on a network port in an apartment you're renting. Can you cite any precedence for this? I can recall several research publishing information about what they've found on connections that used shared mediums at hotels, conferences, etc.

IANAL, but that doesn't sound like a very dark shade of gray. I think it's fair to review your connection prior to connecting any important systems to it. If you started capturing passwords, ARP poisoning, scanning other systems, etc., then you would probably be crossing the legal/ethical boundary.

I personally wouldn't have any ethical issues with determining whether I'm on a shared medium or some other horrible configuration; I think it would be foolish not to. Even in such a scenario, you wouldn't need to actually capture packets or dig into the actual data; it would be obvious just from observing header information in real-time.
The day you stop learning is the day you start becoming obsolete.
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Thu Jan 05, 2012 10:21 pm

Re: Rouge Wireless Router

OK here's the deal. Residents plugging in a LAN port on their wireless router into the internet wall jack (supplied by the complex) used to be the bane of my existence in my former job. I used to hunt them down daily.

You first need to know what the correct address scheme is for the internet provided by the complex. Frequently they will use something different than the 192.168.x.x network most home wireless routers use. If your wireless router is working, it is probably due to it still holding on to a correct address. Log in to your router and look at the WAN address from your ISP.

You can usually statically assign yourself an address (after ping sweeping the space to make sure you don't use an address already in use) if you keep receiving an incorrect address from the rogue router.

If you really want to, you could check out my video on dhcdrop on securitytube.net. It will use up all the addresses from the rogue router, making it more likely for you and others to receive a correct DHCP address.

OR you could just inform your ISP and if they are worth a damn, they'll come out, track down the offender and disconnect them. Also, if they have left the password as default (as these kind of people usually do), you could log in to the D-link and turn off DHCP. I used to walk people through doing this over the phone to prevent a truck roll. Legal? It was for us because we were the ISP and they were breaking their TOS.
Last edited by WCNA on Thu Jan 05, 2012 10:25 pm, edited 1 time in total.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Jan 06, 2012 12:14 am

Re: Rouge Wireless Router

@dynamik

I talk to my neighbors sometimes. they'll mention tech issues. either fishing to see if anyone else is having the same problem, or just looking to vent and maybe get  a solution. none of them as far as I know, know what I do.

However, I could easily see a neighbor getting their underwear in a knot, over even a simple comment about tech, and call the police because the leader of anonymous lives next store.

Guess I'm just getting too paranoid.

As for my comment, I like the idea. doesn't mean I wouldn't or haven't done it. However, I also don't want to have to deal with getting a lawyer that can argue the finer points of computer security if some cop decides I was 'wire tapping'.

Like I said, maybe I'm getting too paranoid.
OSWP, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jan 08, 2012 9:35 am

Re: Rouge Wireless Router

Yea, I get the point you're making. It's not that it's actually illegal; it's that people don't understand and will freak out. You just want to avoid a hassle. It's the same reason I'd never go tell a neighbor that their wifi is insecure and that I could theoretically see everything they're doing. I totally agree.
The day you stop learning is the day you start becoming obsolete.

Return to Networking

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software