IDS mailing list archives
RE: Any Intrusion Detection Appliances handle wired and wireless networks?
From: "Rob Shein" <shoten () starpower net>
Date: Wed, 3 Mar 2004 17:20:25 -0500
Alright. I can barely believe that someone just suggested using a bare operating system with a wireless card as an IDS...and that the moderator allowed it through. I'd suggest that the solution lies more in sensor placement; attacks that come across wireless networks will be the same as those coming from wired networks. There are a few exceptions, like some DoS attacks against Access Points, like those described my Schiffman in a talk at BlackHats '02 (http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html#Mike%20D.%20 Schiffman), but those make themselves fairly obvious. Attacks against WEP using airsnort, for example, aren't really detectable, as they are passive. Everything else will be the same as a wired attack, so make sure your IDS sensors can see everything that comes over the Access Points and you should be in good shape.
-----Original Message----- From: mike.jablonski () abnamrousa com [mailto:mike.jablonski () abnamrousa com] Sent: Wednesday, March 03, 2004 2:38 PM To: Gary.Freeman () rci rogers com; focus-ids () lists securityfocus com Subject: RE: Any Intrusion Detection Appliances handle wired and wireless networks? OpenBSD!!!!!!!!!!!!!!! Throw in a wireless card. It's free. If you have some old hardware laying around (doesn't take much)..... Makes for the perfect system! -----Original Message----- From: Gary Freeman [mailto:Gary.Freeman () rci rogers com] Sent: Wednesday, March 03, 2004 1:03 PM To: focus-ids () lists securityfocus com Subject: Any Intrusion Detection Appliances handle wired and wireless networks? Hi there, Does anyone know of any combined solutions for and appliance that will passively monitor the wired network while monitoring for wireless activity as well? The reason I'm asking is that I have one budget and if I can combine both technologies in one box (snort and airsnort-based) I could get approval. I need the wireless monitoring in our data-centers along with the IDS so that if any rogues connect to the network they will be picked up and send an alert back to the SEC-admins. Cheers, Gary Freeman Network Security Specialist -------------------------------------------------------------- ------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 -------------------------------------------------------------- ------------- -------------------------------------------------------------- ------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 -------------------------------------------------------------- -------------
--------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 ---------------------------------------------------------------------------
Current thread:
- RE: Any Intrusion Detection Appliances handle wired and wireless networks? mike . jablonski (Mar 03)
- RE: Any Intrusion Detection Appliances handle wired and wireless networks? Rob Shein (Mar 03)
- RE: Any Intrusion Detection Appliances handle wired and wireless networks? Patrick Nolan (Mar 03)
- <Possible follow-ups>
- Re: Any Intrusion Detection Appliances handle wired and wireless networks? Bourque Daniel (Mar 04)