|
|
Security Basics
Re: Tool to find rouge wireless access points? May 14 2012 07:58PM Felipe Martins (martins felipe security gmail com) (1 replies) Re: Tool to find rouge wireless access points? May 15 2012 07:27PM Jon D (rekcahpmip gmail com) (2 replies) RE: Tool to find rouge wireless access points? May 15 2012 08:11PM Estell Kauffman (Estell Kauffman chickasaw net) |
|
Privacy Statement |
Just to clarify, you keep talking about APs of a different color:
http://dictionary.reference.com/browse/rouge?s=t
http://dictionary.reference.com/browse/rogue?s=t
The Net Disco tool isn't too difficult to set up if you know your way around Linux
http://www.netdisco.org/
It'll SNMP walk your entire network and tell you what's connected, and where. If the rogue AP has SNMP enabled, it'll find it and tell you the make/model and which switch port it's hanging off.
-Mike
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Jon D
Sent: Tuesday, May 15, 2012 1:28 PM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Re: Tool to find rouge wireless access points?
Sorry Felipe. Basically the core question is 'how to find rouge access points'.
For example, if an end user plugs in a linksys wireless router under
their desk, how do you detect it?
Expanding on the question, is that usually from what I've seen, just
scanning with nmap or something might not pick it up if the AP is
configured not to respond to pings, and doesn't have ports open, etc.
And without knowing the encryption password, sniffing wireless traffic
seems out of the question too. Simply scanning with something like
kismet will only tell you that there's an AP in the area, but you
don't know if it's an AP plugged into your network, or if it's another
companies AP.
The link that was posted about sniffing the encrypted wireless traffic
for netbios requests that aren't encrypted seems interesting.
Something I'll try.
Thanks,
Jon
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]