Security Basics mailing list archives
Re: Wireless LAN detection
From: Steve Jeffers <steve.jeffers () avnet com>
Date: 19 Dec 2002 19:04:19 -0000
In-Reply-To: <3DF4CEFF.2010704 () attbi com> Some high end detection products are available from www.airdefense.net Also some other sources such as aptools.sourceforge.net
Received: (qmail 27867 invoked from network); 10 Dec 2002 00:32:50 -0000 Received: from outgoing2.securityfocus.com (HELO
outgoing.securityfocus.com) (205.206.231.26)
by mail.securityfocus.com with SMTP; 10 Dec 2002 00:32:50 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing.securityfocus.com (Postfix) with QMQP id AE87D8F2B8; Mon, 9 Dec 2002 16:18:13 -0700 (MST) Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 842 invoked from network); 9 Dec 2002 16:49:15 -0000 Message-ID: <3DF4CEFF.2010704 () attbi com> Date: Mon, 09 Dec 2002 09:12:31 -0800 From: Gene <gyoo () attbi com> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1)
Gecko/20021003
X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Boschmann, Armin" <aboschmann () hydro mb ca> Cc: "'security-basics () lists securityfocus com'" <security-
basics () lists securityfocus com>
Subject: Re: Wireless LAN detection References: <9BC8CAC649FCD211ABE90008C70895701162EBCA () mail02 hydro mb ca> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 09 Dec 2002 17:12:01.0054 (UTC) FILETIME=
[167E03E0:01C29FA6]
you could look at software like netreg to identify unknow hosts that connects to your network and start your audit policy from that point... gene Boschmann, Armin wrote:We have a policy of no-wireless at our sites. I want to audit this
policy,
similar to war-dialing, or more correctly war-driving. My thinking is to find illegal wireless equipment in realtime. My
concern
is insiders (temporary employees, contractors, 'bad' employees)
plugging in
a wireless access point, then accessing our network from the street,
then
disconnecting. So I am envisioning a computer with a wireless receiver
that
will look for TCP/IP traffic, and tell me if it detects communications
to
any of our computers. I can see several problems, such as distinguishing between our
192.168.x.x
addresses and those on WLANs of our neighbors. Also I would have to
harden
the wireless detection computer, and ideally not connect it to our
network
at all yet have some means of notifying me (pager, cell modem). Does anyone know of a product that does this? Or if you think my
approach
is suspect, suggest another one? Armin Boschmann aboschmann () hydro mb ca Manitoba Hydro-- Gene Yoo, gyoo () attbi com
Current thread:
- RE: Wireless LAN detection, (continued)
- RE: Wireless LAN detection Mahoney, Paul (Dec 09)
- RE: Wireless LAN detection Alban Kuster (Dec 09)
- RE: Wireless LAN detection Jimmy Sansi (Dec 09)
- RE: Wireless LAN detection Michael J. Sconzo (Dec 09)
- Re: Wireless LAN detection Gene (Dec 09)
- RE: Wireless LAN detection Robinson, Sonja (Dec 09)
- RE: Wireless LAN detection Ron Yorgason (Dec 10)
- Re: Wireless LAN detection Talisker (Dec 11)
- NetScreen XP and NetMeeting Sarbjit Singh Gill (Dec 11)
- RE: NetScreen XP and NetMeeting Rick Darsey (Dec 12)
- Re: Wireless LAN detection Talisker (Dec 11)
- RE: Wireless LAN detection Mahoney, Paul (Dec 09)
- Re: Wireless LAN detection Steve Jeffers (Dec 20)