SecurityFocus

Tool for Identifying Rogue Linksys Routers Aug 25 2005 06:48PM
Martin Mkrtchian (dotsecure gmail com) (5 replies)

Re: Tool for Identifying Rogue Linksys Routers Aug 27 2005 12:13AM
Tony Rall (trall almaden ibm com)

Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 07:29PM
Dave Hull (ireadit gmail com)

Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 02:32PM
Graham Wilson (graham mknod org)

Re: Tool for Identifying Rogue Linksys Routers Aug 26 2005 01:31PM
Mike Frantzen (frantzen nfr com)

Re: Tool for Identifying Rogue Linksys Routers Aug 25 2005 09:14PM
Joshua Wright (jwright hasborg com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Martin,

Martin Mkrtchian wrote:
> Is there a scanning tool out there that can determine if there are
> unauthorized Linksys (type) routers in a specific VLAN?

You can use the Nessus plugin 11026 (find_ap.nasl) to scan your network
for open HTTP, SNMP and FTP servers. Using Nmap fingerprinting and
banner grabbing, this plugin does a decent job at finding rogue AP's
that don't mind being found (e.g. they haven't been specifically
configured to hide from administrators).

Alternatively, wireless-side analysis is the way to go to locate rogue
AP's! Kismet (www.kismetwireless.net), or a commercial tool will be
helpful there.

- -Josh
- --
- -Joshua Wright
jwright (at) hasborg (dot) com [email concealed]

2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

Today I stumbled across the world's largest hotspot. The SSID is "linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDDjTNTS8i9jZYpL8RAqbCAKCD7fGJk/tCRrPg8BfQ2p+tbC0zRgCg4ZLX
u8D2UrPqEa2Q17fDiu8x0oM=
=0/CO
-----END PGP SIGNATURE-----

[ reply ]