More often than not when I walk into a building I will see RJ-45 network outlets in the wild.
Without having done exact calculations I was able to hook up my laptop to this outlet, and have full access to the network.
This goes for supermarkets, public administration buildings, and even military installations.
What’s particularly surprising is the significant increase in RJ-45 outlets in the entry area of buildings.
It’s like a trend!
And a dangerous one
Here’s the catch: if a good guy like me can hook up to your network, perform a detailed scan of connected devices, computers etc., and to not be stopped by anyone, this is bad news!
Well, actually it’s good news or the bad guy because he’s going to have an easy time getting entry into the network, and stealing all of your corporate secrets.
The funny thing is the reaction you get from employees of the company to questions along the lines of why nobody stop me from looking up my computer to the network through a publicly accessible outlet. A lot of times, conventional employees are not aware of the risk; point taken.
So, let’s look for the culprits who signed off on such a risky business.
A lot of times he will be directed to the building engineers, who told contractors to put a socket where it is.
The cool thing about this is the argument that you get and defense for their stupid decision.
It’s become quite trendy to have video billboards to display all the cool stuff that you do; obviously, a lot of the manufactures of these billboards/large screen TVs don’t alter Wi-Fi on their solutions. Conducting a little bit of research of no more than 10 minutes clearly outlines that there are tons of available products with Wi-Fi it’s only that they’re a little bit more expensive.
You then go on to interview the person in charge of IT security about why the outlet is hooked up, and there is no MAC address filtering? And, you get the next stupid answer, if at all. A lot of times they will direct you back to the building manager, and so The infinite journey of idiocy begins.
But let’s get back on topic. Having a detailed documentation of your network from the beginning is going to save you a lot of work down the line, when someone comes for her certification purposes, and asks you for such a document.
I have assisted in creating such documents very hastily because some external organization/consultant firm/security corporation required access to a thorough network documentation.
Another pretty cool thing you can achieve with a detailed network documentation is to find devices, which don’t belong in your network.
This again is pretty cool if you were under attack, and failed to point out the device that you were being attacked from, because it was introduced into the network by one of your employees or the attacker themselves.
I know, these are only two primitive examples but were the first ones that came to my mind just thinking about it. Give me 10 minutes more to think about it, and I’ll come up with 100 examples.