-----------------------------------------------------------------------
Router-Finder - 2000-2008 Volker Tanger
-----------------------------------------------------------------------

The RouterFinder script scans a network for hosts and checks whether
they act as routers. It can be used to identify rogue access points and
DSL routers in your company's LAN.

Be careful: some systems do routing even if they are only connected to
the LAN - you simply get one more hop (instead of me-gateway-internet
you get me-it-samegateway-sameinternet). Some "identified" routers are
notoriously false positives, see e.g.
http://www.securityfocus.com/archive/101/330993/2003-07-28/2003-08-03/0

All configuration is done in the shell (BASH) script. You will
especially need to set your LAN address in

    NETWORK="192.168.0.0/16"

The script only runs on Linux (tested), probably on BSD and other
Unixes. It won't run on Windows - maybe with Cygwin, but I'd doubt that.
The script needs the NMAP utility to work.

Probed hosts are listed in

    HOSTLIST='routercandidates.log'

Found routers are listed in

    ROUTERLIST='routerlist.log'

All routers are subjected to a detailed "NMAP -A" scan to help find and
identify the illegally installed/run routers. The NMAP scans of the
routers are stored in the directory

    ROUTERDIR=`date +'routers_%Y-%m-%d'`

e.g. 'routers_2008-05-25' when the script was run on 25 May 2008.

Be careful: some systems (especially embedded and Win* systems) don't
like to be scanned and crash.

Remember: usually a number of the "identified" routers are in-LAN
routers and still use the standard gateway/firewall.

---------------------------------------------------------------
Router-Finder - 2000-2008 Volker Tanger
All rights reserved.
Distributable under "Modified BSD" license
---------------------------------------------------------------

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
   derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE
---------------------------------------------------------------
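
Triage helper for the false positives described above (in-LAN routers
that still use the standard gateway). This is an added example, not part
of RouterFinder or its author's code. Assumptions: the function names,
the GATEWAY value, the input format (candidate IP followed by the hop
path seen through it) and all sample addresses are constructed.

```shell
#!/bin/sh
# Added example, not part of RouterFinder. Assumed input: one line per
# candidate, "<candidate-ip> <hop1> <hop2> ...", where the hops are the
# path observed toward an outside address with the candidate as next hop.

GATEWAY="192.168.0.1"   # assumed: the LAN's sanctioned gateway/firewall

# classify_path CANDIDATE HOP...
# Prints one of: not-forwarding | in-lan-router | separate-egress
classify_path() {
    candidate=$1; shift
    # The candidate must be the first hop, otherwise it did not forward.
    [ "${1:-}" = "$candidate" ] || { echo "not-forwarding"; return 0; }
    shift
    for hop in "$@"; do
        # me-it-samegateway-sameinternet: one extra hop, same egress.
        if [ "$hop" = "$GATEWAY" ]; then
            echo "in-lan-router"
            return 0
        fi
    done
    # The path left the LAN without crossing the sanctioned gateway.
    echo "separate-egress"
}

# triage: reads candidate lines on stdin, prints "<candidate> <verdict>".
triage() {
    while read -r candidate hops; do
        [ -n "$candidate" ] || continue
        # Word splitting of $hops into separate arguments is intended.
        echo "$candidate $(classify_path "$candidate" $hops)"
    done
}

# Constructed sample paths (documentation address ranges for outside hops).
sample_paths() {
cat <<'EOF'
192.168.0.20 192.168.0.20 192.168.0.1 203.0.113.1
192.168.0.77 192.168.0.77 198.51.100.9 198.51.100.1
192.168.0.30 192.168.0.1 203.0.113.1
EOF
}

sample_paths | triage
```

Only the "separate-egress" entries bypass the standard gateway/firewall;
"in-lan-router" entries match the one-extra-hop case and can be
reviewed at lower priority.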