rogue DHCP server on hotel wired LAN

[shep@…]

Hotel wired net was working fine for me before but this afternoon
(around 3:10pm) when I tried again a rogue DHCP server was giving me a
192.168.1.* address, with 192.168.1.1 as a default route.  No DNS and
no network connectivity through that seemd to work. (I could not ssh
home to an IP address.)

I'm in room 13-141.

The MAC address of 192.168.1.1 is:

$ arp -n -a
? (192.168.1.1) at cc:34:29:90:8b:49 [ether] on wlan0


and I was unable to connect to it with HTTP.

ssh to it however did reveal this banner:


$ ssh root@192.168.1.1
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
RSA key fingerprint is f4:ab:24:5c:73:e3:49:21:42:84:1a:c9:14:ec:53:e2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.
DD-WRT v24-sp2 std (c) 2012 NewMedia-NET GmbH
Release: 03/15/12 (SVN revision: 18740)
root@192.168.1.1's password: 




			-Tim Shepard
			 shep@alum.mit.edu

[chelliot@…]

Sent message to 90attendees with information regarding two rogue devices and contacted the hotel network support staff. They are going to find the ports the two devices are connected to and shut them down. They will also supply the room numbers so that we or the hotel can contact the owners so they can fix the issue and then we can get their ports turned back on.

Chris.

[chelliot@…]

The ports to the rooms have been disabled and the residents contacted. These two rogues should be fixed. Let's hope there's not any others!

Chris.

[Rick Alfvin]

Milestone renamed