[asterisk-users] is there a way

Eric Fort eric.fort at gmail.com
Fri Oct 10 21:33:45 CDT 2008


nmap for scanning and identification.  cross platform and even a nice gui
for windows.

Eric

On Fri, Oct 10, 2008 at 3:20 PM, Steve Totaro <
stotaro at totarotechnologies.com> wrote:

>
>
> On Fri, Oct 10, 2008 at 5:55 PM, Brent Davidson <
> brent at texascountrytitle.com> wrote:
>
>> Babcock, Michael Alex wrote:
>> > hey;
>> > i'm at best western and am curious is there a way i could find out if
>> > our best western, with out asking, is using asterisk?
>> > oh and petsmart i think is using asterisk they have alason voice for
>> > there main voicem enu.
>> > mike
>> >
>> >
>> > thanks for reading
>> > Systems administrator and owner of http://gwhosting.net
>> > msn: messaging at audioficks.net
>> > twitter: http://twitter.com/creepyblindy
>> >
>> What does your sip.conf look like?The only way I could see this
>> happening would be if the IP's or Identities were somehow getting
>> crossed up.  Do your phones have static IP's or are they using DHCP?
>>
>> -Brent
>>
>>
> I assume that he just has analog in his room and a basic "hotel phone"  If
> they are SIP you stand a chance of figuring out without using social
> engineering, also if they have not separated the room net access from the
> PBX on the LAN.
>
> I have dualboot and use a very powerful free program put out by 3com called
> "3com network supervisor", the name has changed I think, but you can either
> search google or 3com and find the newest software.  I am sure there is a
> Linux tool that does the same, just never bothered to find it since it is
> easy enough and free to dualboot and use the 3com software.
>
> It will go out and ping all the addresses you specify or would be included
> in your DHCP assigned subnet.  It then tries to resolve hostnames, OS,
> services, and the like and give you a nice graphical map.
>
> A very good reason not to plug a laptop with open services and fileshares
> or whatever into a hotel network jack, or wifi.  You will be shocked what
> you can find ~8-9PM in a large and full business type hotel.
>
> So once you map the IPs, look for something unusual or usual switches,
> routers, and hotel servers usually occupy the lower end of the IP pool.  I
> have had totally open access to the hotels cisco switches and APs because
> they were never setup with passwords or used defaults.
>
> If you find a box that is running Linux, try the web interface and see if
> it identifies itself, like most flawed boxen do.  So typing it's IP into a
> browser with http://IP or https://ip might tell you exactly what it is.
> Say it is a SwitchVox box https://ip/admin should tell you right way.
> Other devices that just pop up a login box will also tell you what the
> system is as I am sure you have seen with certain network devices, APs are a
> prime example.
>
> If you find that you may have identified an Asterisk box, try setting up a
> softphone and run wireshark while you register with your room number as the
> user and password.  Many times, you will get logged in, because of poor
> implementation.  If not but you get something back other than a timout, you
> can look at the SIP headers and try to determine from there.
>
> --
> Thanks,
> Steve Totaro
> +18887771888 (Toll Free)
> +12409381212 (Cell)
> +12024369784 (Skype)
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20081010/adcc5fbd/attachment.htm 


More information about the asterisk-users mailing list