IDS mailing list archives
Re: Wired detection of rogue access points
From: Hari Sekhon <hpsekhon () googlemail com>
Date: Wed, 21 Mar 2007 15:40:48 +0000
that's actually quite clever. I might look it up.... -h Hari Sekhon Tim Holman wrote:
Not at all - if you use the LAN based component of the Airtight unit to send packets to all the MAC addresses visible on that wired network, then any bridging devices (eg Wireless APs) should transmit these packets into the air, and the wireless component of Airtight would pick these up and identify the presence of a wireless device connected to your LAN. You're right in that you couldn't work the other way round - sorry for not being clearer!Rgds, Tim----- Original Message ----- From: "Hari Sekhon" <hpsekhon () googlemail com>To: <tim_holman () hotmail com> Cc: <focus-ids () securityfocus com> Sent: Wednesday, March 21, 2007 12:36 PM Subject: Re: Wired detection of rogue access pointsthat can't be very effective, if I attached a rogue access point, the first thing I would do is to wpa protect it so nobody else can use it and arouse suspicions...it would also block this test. Hari Sekhon tim_holman () hotmail com wrote:www.Airtightnetworks.net offer commercial products that can do what you need. It sits on your network and works by sending small packets back to itself through any air based devices it can pick up (if these are connected to your network then the packets will loop back), thus both valid and invalid access points can be identified.Rgds Tim Sent from my BlackBerry® wireless device -----Original Message----- From: johnnywkm () gmail com Date: 19 Mar 2007 10:20:43 To:focus-ids () securityfocus com Subject: Wired detection of rogue access points Hello there,Can anyone point me to a wired LAN scanner/sniffer that detects wireless access points connected to the LAN?Thanks, JW------------------------------------------------------------------------Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- Re: Wired detection of rogue access points, (continued)
- Re: Wired detection of rogue access points Michał Melewski (Mar 19)
- RE: Wired detection of rogue access points Adam Graham (Mar 20)
- Re: Wired detection of rogue access points Vladimir Vuksan (Mar 19)
- Re: Wired detection of rogue access points Adam Crosby (Mar 20)
- Re: Wired detection of rogue access points Johnny Wong (Mar 20)
- Re: Wired detection of rogue access points Benjamin Hofstetter (Mar 21)
- Re: Wired detection of rogue access points tim_holman (Mar 20)
- Re: Wired detection of rogue access points Tõnu Samuel (Mar 20)
- Message not available
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)
- Re: Wired detection of rogue access points Tim Holman (Mar 21)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)
- Re: Wired detection of rogue access points Eric Hacker (Mar 22)
- Re: Wired detection of rogue access points tim_holman (Mar 26)
- RE: Wired detection of rogue access points Bourque Daniel (Mar 26)
- RE: Wired detection of rogue access points Gabbard, Gregory (Mar 26)
- RE: Wired detection of rogue access points Adam Graham (Mar 26)
- Re: Wired detection of rogue access points tim_holman (Mar 27)
- Message not available
- Re: Wired detection of rogue access points Adam Crosby (Mar 27)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)
- Re: Wired detection of rogue access points Michał Melewski (Mar 19)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 22)