Monday, December 03, 2007

PADS: Sigs For Belkin ADSL Router

If you have Belkin ADSL Router running in your network, it's good to identify what services are running by it, there are actually 2 network services running in the Belkin ADSL router, the web and telnet.

After examining the network traffic, I decide to write the PADS signatures for it so that I can track the network assets passively. If I'm not mistaken, the Belkin ADSL router runs Micro Httpd which you can find here -

I have also examined the telnet traffic so that I can write the sig for it, I have written the rough signatures quickly, and it's great to have them working properly after some testing -

# Belkin ADSL Router
telnet,v/Belkin Router Telnet///,BCM96358 ADSL Router\r\nLogin:[ ]

www,v/Micro HTTP Server///,Server: micro_httpd\r\n

For the quick execution, just check out the screenshot below and you will see the host has been identified to run these two services.

I will add these two signatures to upcoming HeX 1.0.2, the recent that we delay the release of it is because more bugs been found and various stuffs to do.

Enjoy (;])

1 comment:

fenris said...

nice sig .. need to more "jalan-jalan cari makan" to get more sig rite ? :)