Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

personal laptop on corporate network


  • Please log in to reply
5 replies to this topic

#1 Testingnight

Testingnight

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:38 PM

Posted 09 June 2014 - 06:53 PM

if a user brings in his personal laptop and without authroization plugs it into the corporate network, what in theory could happen in terms of malware, etc. also what type of tools or procedures can be used to detect if that laptop may have done any damage if it was plugged in and used for a day?

BC AdBot (Login to Remove)

 


#2 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:08:38 AM

Posted 09 June 2014 - 07:17 PM

if a user brings in his personal laptop and without authroization plugs it into the corporate network, what in theory could happen in terms of malware, etc. also what type of tools or procedures can be used to detect if that laptop may have done any damage if it was plugged in and used for a day?


Using network analysis software, by the corporate I.T. department, will detect an unauthorised MAC address on the corporate network. Depending on the corporate network security protocols, your laptop will be disconnected from the network by your MAC address.
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#3 Testingnight

Testingnight
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:38 PM

Posted 09 June 2014 - 07:29 PM

so i assume you mean mac address filtering which i will look at. in terms of possible damage done, what tools are there to find anything that laptop may have "spread" during the time it was on network?

#4 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:08:38 AM

Posted 09 June 2014 - 07:40 PM

so i assume you mean mac address filtering which i will look at. in terms of possible damage done, what tools are there to find anything that laptop may have "spread" during the time it was on network?

Assuming the corporate network security protocols does NOT disconnect your laptop immediately, and allowed to remain connected, all data (packets), LAN connection IPs, etc, can me monitored with network analysis software.

Network analysis software example is Wireshark, http://en.wikipedia.org/wiki/Wireshark
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:38 PM

Posted 10 June 2014 - 01:53 AM

Can you provide more info regarding the corporate network? For example, is it AD?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 Kilroy

Kilroy

  • BC Advisor
  • 3,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:02:38 PM

Posted 10 June 2014 - 10:09 AM

These days not as much would happen, as opposed to the XP SP2 days where the entire network could be infected by a worm in moments.  These days with the default firewall turned on, having a rogue machine on the network isn't as fatal as it used to be.  On the other hand if the machine was infected with some new zero day exploit the entire network could be compromised.

 

So, your range of what could happen goes from nothing to every computer and device is compromised.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users