December 8th, 2004, 04:39 AM
The Importance of Labelling Network Drops
I was playing around with my shiny new network today, running Ettercap attacks and Nessus scans.
Apparently the switchport I plugged my NetWare server into, which also functions as my router, was meant for the IP phones the school uses, and therefore was not VLANed like I thought it was.
I was broadcasting my Nessus scans to an entire computer lab with like 100 students in it, thinking I was restricted to a VLAN local only to the lab I was working in. The only reason the Ettercap attacks didn't attack an innocent student was because I randomly picked a computer in the forensics lab. But that's not all. The border router for that subnet also runs a transparent Squid proxy which I was unaware of until today. Apparently it hasn't been updated since the 2.4.24 kernel, and Nessus wasn't running in safe mode.
I crashed the Squid box, bringing down Internet access to the entire computing commons, a room with nearly 100 machines. All because an Ethernet drop wasn't labelled properly.
Let's just say IT wasn't too happy about it.
(Kinda makes me feel good though. Brought down an entire subnet without even realizing it.)
January 6th, 2005, 05:29 AM
Wow, if you could just bring down an entire network without even meaning to do it, imagine what could have been accomplished if the wrong person was prodding around on your network...