Abuse with a FingBox

RichardJansma
RichardJansma Member Posts: 21
10 Comments 5 Likes Founder Name Dropper
✭✭✭
edited August 11, 2019 in Fingbox #1

I was thinking what if Some person has a fingbox and plugs iT in someone elses internet... for example work..

and that one blocks the internet of a collegue that he or She doesnt like...

well how can we find the problem then and what to do againgst it.

it keeps going until its plugged out of the network...


IT can even be used for sabotage... like an onther company can do this to stop the production of an onther company. (Man inside attack)

Yours Sincerely,



Richard Jansma

Hypnotist, Master Magnetist, Dataist & believer of future technology!

Comments

  • Pooh
    Pooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭

    There are plenty of ways one can mess with a corporate network, Fingbox is only one such way. Heck it can be done for less money using a Raspberry Pi.


    However a well designed topology with the appropriate devices can be used to isolate these devices off network quickly.

    People say nothing is impossible, but I do nothing every day.
    VioletChepil
  • RichardJansma
    RichardJansma Member Posts: 21
    10 Comments 5 Likes Founder Name Dropper
    ✭✭✭

    Yes i understand @Pooh but i also mean what options there are to go againgst iT and what Good options are.

    and raspberry pi is also one that can be used but how to detect or prevent iT.

    Yours Sincerely,



    Richard Jansma

    Hypnotist, Master Magnetist, Dataist & believer of future technology!

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Yes Fingbox in corporate environment should be controlled by the network admin for sure to ensure it is used properly. This version of Fingbox is definitely marketing towards the home sector and we've thought about variations for the corporate environment. Typically though, as I understand in most corporate environments employees don't have access to the main router/access point. 

    Community Manager at Fing

  • RichardJansma
    RichardJansma Member Posts: 21
    10 Comments 5 Likes Founder Name Dropper
    ✭✭✭

    @VioletChepil but what if there are workstations with lan cable... someone can unplug and plug in fing... and then they can Well annoy or sabotage the work.

    but are there ways to detect it? Or prevent it?

    Yours Sincerely,



    Richard Jansma

    Hypnotist, Master Magnetist, Dataist & believer of future technology!

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    I guess by already having one on the network you'd detect new devices that join it @RichardJansma! Or by doing the daily Fing scan too. 

    Community Manager at Fing

    RichardJansma
  • RichardJansma
    RichardJansma Member Posts: 21
    10 Comments 5 Likes Founder Name Dropper
    ✭✭✭
    edited August 12, 2019 #7

    @VioletChepil thats indeed a Good idea.

    but someone can still abuse iT...

    look sometimes its hard to find a source and iT can take Some time to find iT sometimes (this happend sometime)


    but are there options to Well prevent the ARP protocol Fing uses or to detect iT fast

    Yours Sincerely,



    Richard Jansma

    Hypnotist, Master Magnetist, Dataist & believer of future technology!

  • JSchlackman
    JSchlackman Member Posts: 5
    First Anniversary First Comment Photogenic
    but are there ways to detect it? Or prevent it?
    There are a number of specialist software packages that will help detect when ARP spoofing is happening. This post has links to some of them.

    One method of prevention is to secure your wired LAN ports so that someone cannot simply plug in and immediately be connected to the corporate network. All of our switches are configured to require devices to authenticate using 802.1X before they are assigned to the corporate VLAN. Anything that fails to authenticate is placed in a guest VLAN where it can do limited harm.
    Hronos
  • Hronos
    Hronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments Second Anniversary 25 Awesomes
    ✭✭✭✭
    What @JSchlackman says is the way to go on a corporate network, secure all access to your network, even with DHCP active, a Non authorized device shouldn't be able to get an IP (or connection at all).
    Keep looking up!
  • RichCreedy
    RichCreedy Member, Beta Tester Posts: 38
    25 Likes 10 Comments First Anniversary Name Dropper
    ✭✭✭
    if the network is setup properly, you should be able to alleviate the problem by only allowing devices that are authorised whether this is by only allowing certain mac addresses ( could be spoofed by someone who knows what they are doing) or some other method, radius server authentication, etc
  • daved2424
    daved2424 Member, Beta Tester Posts: 15
    10 Comments 5 Likes Name Dropper First Anniversary
    ✭✭
    This is really a corporate IT question being posed on a forum for a domestic product.

    If your question is simply out of curiosity, there are probably better places that can provide the information you seek. See JSchlackman's post above. 

    If, however, you have concerns about the corporate network that you administer by a device such as a Fingbox then you are likely unqualified for the position you hold.