Stolen SM modules

OK, today I filtered the MAC’s both at the firewall and gateway. Let’s hope for the best :slight_smile: .

msmith wrote:
Maybe you should continue this thread offline in some manner. If these people are smart enough to steal the SM, re-configure it and get into your network, perhaps they are also aware of this forum and are watching everything you are posting?


I had already spent some time thinking on that. Here is my reasoning against making that choice.

Anyone smart enough to steal one and change the password without having the original password has already been reading the manual or asking questions on this forum because you can't reset a password without the default plug. That means that the thief already knows as much about the hardware as the manual provides, or has that information available in the form of the manual.

Given that situation, it is better to discuss this information openly so that we all realize the limitations of the hardware we have purchased and so that we all understand how to exploit the features that hardware provides. If we presume that we are working in an environment where "security by obscurity" can't exist, we will be more likely to come up with a plan which can not be defeated no matter how well informed the thief is actually.

In that manner we can develop a process whereby we might defend ourselves against such theft. Clearly there is nothing in the existing system which protects us once someone physically takes possesion of a configured system. Knowing how to locate that system and/or deny that system access without a BAM unit is desirable.

-m-

hum well you might try this just to annoy him anyway log in to all your sm’s or look at your list of authorized users then determine which ip he is on the also take that mac address down.
then call your backbone provider because he will have one of your public ip’s then have them to block that ip altogether or just to confuce him have them to just block port 80 or something on that mac or ip.
of course if you really have the time change your system to use authenication for username and password with somthing like radious. see you dont have to use bam there are other alternatives for authenication.of course if someone who was using bam or some authenication system they might be nice enough to authenicate your users for you for a little while remotely.

hum 1 more thought if your using private ip stuff just change your ip structure to a different private table. that would hold him off for a little bit until he logs into his neighbors unit and see’s what it is cause he could still be in cahoots with another subscriber.of course you could change all your passwords then he would have to reset his neighbors unit to gain access then the new ip table would not be seen cause it would be erased.

uh one more idea take another sm and put it on the same ip he is on that will conflict his connection i think then if he changes his ip change yours to match keep him in conflict all the time lol…

and if the truth ws known a motorola tech could get in i bet i never seen a programmer not leave a backdoor for there code.

kenny meadows
Info-Ed Inc.

if all else fails you could change the color codes on your SM’s and AP’s and then Disable SM Display of AP Eval Data on the configuration page of the AP

Put a packet sniffer like Ethereal on your network, and capture a record of all their traffic. They will almost certainly be sending email, IM’s, etc in clear text, so you could quite easily get identifiable information about the user.