IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort?

From: Chris Waters <cwaters () paglo com>
Date: Thu, 23 Apr 2009 18:04:58 -0400
Hi,

It is also possible to meet the PCI 11.1 requirement by scanning the *wired* network looking for wireless access 
points. This is much easier to do and more practical that walk-around wireless audits using a laptop based tool. There 
is an open source project called RogueScanner (http://paglo.com/opensource/roguescanner)---which I am one of the 
authors of---that is specifically designed for wired side discovery of APs.

Regards,

Chris.


-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Taras P. Ivashchenko
Sent: Thursday, April 23, 2009 12:51 PM
To: focus-ids () securityfocus com
Subject: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..".
Kismet+Snort?

Hello, list!

There is requirement in PCI DSS v.1.2:

"...11.1 Test for the presence of wireless access points by using a
wireless analyzer at least quarterly or deploying a wireless IDS/IPS to
identify all wireless devices in use..."

I made some research for open source wireless IDSs and results are not
good.
I found some articles about using together Kismet and Snort but it
looks like not best soliution.
Air Snort project is dead.
What wireless IDS/IPS (especially opensource/free) do you use?


--
Тарас Иващенко (Taras Ivashchenko), OSCP www.securityaudit.ru
----
"Software is like sex: it's better when it's free." - Linus Torvalds
Previous By Date Next
Previous By Thread Next

Current thread: