guest wifi penetration testing

leblanc
leblanc used Ask the Experts™
on
I have a wireless guest network and I'd like to test to make sure that it cannot get into my 10.10.0.0/16 internal network. Excluding ping sweep utility, what other tools can I use to do some sort of penetration testing? Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018

Commented:
You could use fairly simplistic tools, like Angry IP Scanner or Softperfect Network Scanner. Try to scan the internal network. Check for any successful connections.

How are the networks separated at this point anyway?
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
The safest thing to do is use a separate access point on a separate physical LAN.  If your data is not that important, then split it off the same access point/physical LAN.
I agree with Lee W.  But, if you don't have another public IP address available then you might do this similar approach:
1) Provide an internet gateway for general purposes.
    If it has VLAN capability then you may wish to provide two VLANs - one for the Guest network and one for the private network.  
2) Provide individual firewalls for each network working upstream to the internet gateway.
3) Block traffic on the upstream side of the private firewall from all but the internet gateway.
I'm sure that there are other ideas in this regard.
The only real difference is that you'd be treating private addresses (in the upstream LAN) as if they were public.
Software Engineer
Distinguished Expert 2018
Commented:
nmap  identify systems, open ports etc.

If you want you can try metasploit to try to break into found services.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial