Security Basics mailing list archives
RE: Tool to find rouge wireless access points?
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 16 May 2012 11:57:08 -0700
An AP typically has two interfaces -- the radio, and the Ethernet connection. A few of the largest "enterprise" manufacturers will configure them to use consecutive MAC addresses within the prefix allocated to the manufacturer. But a lot of consumer/SOHO gear uses a radio from one source and an Ethernet ASIC from another, and retains the MAC addresses supplied by those manufacturers. So the MAC address of the radio side (ESSID, BSSID?) doesn't reliably tell you what MAC address the device uses on your wired network. Unfortunately. Even if the user isn't spoofing one or the other..... David Gillett, CISSP CCNP -----Original Message----- From: Vincent Yeo [mailto:vincent () systex com sg] Sent: Tuesday, May 15, 2012 22:06 To: security-basics () securityfocus com Subject: RE: Tool to find rouge wireless access points? Hi Jon, If you are detecting any AP that is going to connect to your network, have you implement port security on your network? Or go by mac address filtering? Mac address should be able to determine which brand of network is connected to it. Correct me if I m wrong. I m still learning. :) Thanks, Vincent Yeo -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Brandon Edmunds Sent: Wednesday, May 16, 2012 4:23 AM To: security-basics () securityfocus com Subject: Re: Tool to find rouge wireless access points? repost for group: Nessus will do this. There is a plugin just for this. More rudimentary, is that you can use a wireless scanner to capture traffic. Use strings and a perl script to pull hostnames from the traffic and then compare those hostnames to your inventory (I told you it was rudimentary, but this will tell you either you have a your clients connecting to a rogue ap that they set up, or they are connecting to one circumventing your controls). David Hoelzer from SANS gives a tutorial for this: http://it-audit.sans.org/blog/2010/03/03/it-audit-3-easy-steps-to-finding-ro gue-wireless-clients Brandon " And in the end it's not the years in your life that count. It's the life in your years" - Abraham Lincoln On Mon, May 14, 2012 at 9:28 AM, Jon D <rekcahpmip () gmail com> wrote:
Does anyone know of a tool to find rouge wireless access points? I know of a lot of the various wireless scanners, but with those, it's impossible to know if it's an AP on your network, or another companies network. Especially in office buildings where there are other companies above, below, and beside you. It seems like the only way to do it is to scan on the wired network for APs of any make/model, but I'm not aware of a tool that does it. Thanks, Jon ---------------------------------------------------------------------- -- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4 42f727d1 ---------------------------------------------------------------------- --
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Tool to find rouge wireless access points?, (continued)
- Re: Tool to find rouge wireless access points? Rajiv D (May 15)
- Re: Tool to find rouge wireless access points? Vincent Ngundi (May 15)
- Re: Tool to find rouge wireless access points? Patrick Laverty (May 15)
- Re: Tool to find rouge wireless access points? Brandon Edmunds (May 15)
- RE: Tool to find rouge wireless access points? Erik Muttersbach (May 16)
- Re: Tool to find rouge wireless access points? Marcus Adams (May 18)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 18)
- Re: Tool to find rouge wireless access points? Obluda Nemá Jméno Obluda Nemá Jméno Obluda Nemá Jméno (May 21)
- Re: Tool to find rouge wireless access points? Obluda Nemá Jméno Obluda Nemá Jméno Obluda Nemá Jméno (May 21)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 18)
- Re: Tool to find rouge wireless access points? Rajiv D (May 15)
- RE: Tool to find rouge wireless access points? Vincent Yeo (May 16)
- RE: Tool to find rouge wireless access points? David Gillett (May 16)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 21)