Focus on IDS
PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 23 2009 07:50PM
Taras P. Ivashchenko (taras securityaudit ru) (2 replies)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 23 2009 10:04PM
Chris Waters (cwaters paglo com) (1 replies)
Hi,

It is also possible to meet the PCI 11.1 requirement by scanning the *wired* network looking for wireless access points. This is much easier to do and more practical that walk-around wireless audits using a laptop based tool. There is an open source project called RogueScanner (http://paglo.com/opensource/roguescanner)---which I am one of the authors of---that is specifically designed for wired side discovery of APs.

Regards,

Chris.

> -----Original Message-----

> From: listbounce (at) securityfocus (dot) com [email concealed]

> [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Taras P. Ivashchenko

> Sent: Thursday, April 23, 2009 12:51 PM

> To: focus-ids (at) securityfocus (dot) com [email concealed]

> Subject: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..".

> Kismet+Snort?

>

> Hello, list!

>

> There is requirement in PCI DSS v.1.2:

>

> "...11.1 Test for the presence of wireless access points by using a

> wireless analyzer at least quarterly or deploying a wireless IDS/IPS to

> identify all wireless devices in use..."

>

> I made some research for open source wireless IDSs and results are not

> good.

> I found some articles about using together Kismet and Snort but it

> looks like not best soliution.

> Air Snort project is dead.

> What wireless IDS/IPS (especially opensource/free) do you use?

>

>

> --

> ТаÑ?ас Ð?ваÑ?енко (Taras Ivashchenko), OSCP www.securityaudit.ru

> ----

> "Software is like sex: it's better when it's free." - Linus Torvalds

[ reply ]
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 06:43PM
Leon Ward (leon rm-rf co uk)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 23 2009 09:20PM
Gary Everekyan (Gary Everekyan consumerinfo com) (4 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 07:40PM
Jason (securitux gmail com)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 07:27PM
Emm Maxim (maxus infosec ru) (1 replies)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 08:57PM
Gary Everekyan (Gary Everekyan consumerinfo com)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 06:35PM
Thiago Musa (klawiq gmail com)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 06:04PM
Jeremy Bennett (jeremyfb mac com) (2 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 08:22PM
nelson pangeia com br (Nelson Murilo)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 06:48PM
Gary Everekyan (Gary Everekyan consumerinfo com) (1 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 24 2009 07:00PM
Jeremy Bennett (jeremyfb mac com) (2 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 25 2009 08:01AM
Joel Snyder (Joel Snyder Opus1 COM) (1 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 26 2009 07:41AM
Jeremy Bennett (jeremyfb mac com) (1 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 27 2009 09:05AM
Joel Snyder (Joel Snyder Opus1 COM) (1 replies)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 27 2009 03:28PM
Jeremy Bennett (jeremyfb mac com)
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Apr 25 2009 05:04AM
Emm Maxim (maxus infosec ru)


 

Privacy Statement
Copyright 2010, SecurityFocus