nanog mailing list archives

Re: Detection of Rogue Access Points

From: Ryan McBride <mcbride () countersiege com>
Date: Wed, 17 Oct 2012 08:22:52 +0900

On Mon, Oct 15, 2012 at 04:31:34PM -0700, Joe Hamelin wrote:

I think it would be cheaper to have a script written that would grab the
ARP table of each site and then compare to what is known.  Kind of an ARP
tripwire.


Netdisco does this, and more (reports on ports which have more than 1
MAC address, devices from known wireless manufacturers, search MAC
address by manufacturer, etc).

http://www.netdisco.org/

Current thread:

Re: Detection of Rogue Access Points, (continued)
- - Re: Detection of Rogue Access Points Jimmy Hess (Oct 14)
    - Re: Detection of Rogue Access Points Suresh Ramasubramanian (Oct 14)
- Re: Detection of Rogue Access Points Karl Auer (Oct 14)
  - Re: Detection of Rogue Access Points Valdis . Kletnieks (Oct 15)
    - Re: Detection of Rogue Access Points Jonathan Rogers (Oct 15)
    - Re: Detection of Rogue Access Points Roy (Oct 15)
    - Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
    - Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
    - Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
    - Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
    - Re: Detection of Rogue Access Points Ryan McBride (Oct 16)
    - Re: Detection of Rogue Access Points George Herbert (Oct 15)
    - Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
    - Re: Detection of Rogue Access Points David Cantrell (Oct 16)
  - Re: Detection of Rogue Access Points Jimmy Hess (Oct 16)
- Re: Detection of Rogue Access Points Roy (Oct 14)
- Re: Detection of Rogue Access Points Jon Sevier (Oct 14)
- Re: Detection of Rogue Access Points Peter Phaal (Oct 14)
- Re: Detection of Rogue Access Points Martin Hepworth (Oct 14)
- Re: Detection of Rogue Access Points John Kristoff (Oct 17)
- Re: Detection of Rogue Access Points Jason Antman (Oct 18)

(Thread continues...)