Re: Wireless Audit Reports

[Matthew Webster <awakenings () mindspring com>]

David,

     Thanks.  That is one method I am using.  That mitigates one risk, but if, for example, one were to attach an AP to 
a computer then connect to one of the hundreds of AP's available around them to connect to the internet to send data, 
we would never know.  Yes, this is highly unlikely, but it makes auditors happy to see such a report.

Matt

-----Original Message-----
> From: "David M. Zendzian" <dmz () dmzs com>
> Sent: Mar 30, 2006 2:53 AM
> To: Matthew Webster <awakenings () mindspring com>
> Cc: pen-test () securityfocus com
> Subject: Re: Wireless Audit Reports
>
> Something you might find easier would be to do an inventory of MAC 
> addresses on your network (query all your switches if you have to) and 
> then determine the manufacturer of all devices. If you have any APs in 
> there, if they aren't running off some machine (hostap/madwifi/etc), 
> then you should be able to find them this way.
>
> dmz
>
> Matthew Webster wrote:
> > Hi,
> >
> >      I work in an environment that has a policy that does not permit 
> > wireless devices.  We still do an "audit" of the area to ensure that 
> > there are no wireless devices in our area.  I wish to prove that there 
> > are no devices.  Being in a city, there are literally hundreds of 
> > wireless networks present - perhaps up to 50 in any one given area of 
> > our building.  I have tracked the signals down and have determined 
> > that there are no rogue access points or peer networks hidden in our 
> > portion of the building.
> >
> >      Now a traditional wireless audit would be easy.  I could report 
> > the signal strengths of our devices, if the SSID's are correct, are 
> > non-broadcast, etc.  That would be an easy report to create after data 
> > collection.  In this case, I am trying to prove a negative.  I can 
> > list networks, signal strengths, etc. but I feel like I am fluffing 
> > the report with meaningless and time wasting statistics.  Does anyone 
> > have any experience in what they would report under these circumstances?
> >
> > Matt
> >
> > ------------------------------------------------------------------------------ 
> >
> > This List Sponsored by: Cenzic
> >
> > Concerned about Web Application Security? As attacks through web 
> > applications continue to rise, you need to proactively protect your 
> > applications from hackers. Cenzic has the most comprehensive solutions 
> > to meet your application security penetration testing and 
> > vulnerability management needs. You have an option to go with a 
> > managed service (Cenzic ClickToSecure) or an enterprise software 
> > (Cenzic Hailstorm). Download FREE whitepaper on how a managed service 
> > can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
> > And, now for a limited time we can do a FREE audit for you to confirm 
> > your results from other product. Contact us at request () cenzic com
> > ------------------------------------------------------------------------------ 




------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------