Security Basics mailing list archives
RE: Wireless LAN detection
From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Mon, 9 Dec 2002 09:29:07 -0500
NetStumbler and WEPCrack are two programs to use to sniff and crack your wireless network. You might pick up your neighbors wireless, that's a risk but better them then you. Hopefully they will have tuned down their broadcast range but probably not. Hopefully their SSID is not default and is hard to crack. Bastion host the wireless laptop. It essentially will be on a DMZ so make sure it is a secure build with no extraneous info stored on it and the O/S hardened to the max. Odds are it won't get hacked in the time that you war drive. And you should notice since you should have your own firewall s/w up on that box. Redefine "illegal". Unauthorized is the word you want to use. There are a number of paging alerts. AlarmPoint is one, but there are some free ones availabe if you search.
-----Original Message----- From: Boschmann, Armin [mailto:aboschmann () hydro mb ca] Sent: Friday, December 06, 2002 1:45 PM To: 'security-basics () lists securityfocus com' Subject: Wireless LAN detection We have a policy of no-wireless at our sites. I want to audit this policy, similar to war-dialing, or more correctly war-driving. My thinking is to find illegal wireless equipment in realtime. My concern is insiders (temporary employees, contractors, 'bad' employees) plugging in a wireless access point, then accessing our network from the street, then disconnecting. So I am envisioning a computer with a wireless receiver that will look for TCP/IP traffic, and tell me if it detects communications to any of our computers. I can see several problems, such as distinguishing between our 192.168.x.x addresses and those on WLANs of our neighbors. Also I would have to harden the wireless detection computer, and ideally not connect it to our network at all yet have some means of notifying me (pager, cell modem). Does anyone know of a product that does this? Or if you think my approach is suspect, suggest another one? Armin Boschmann aboschmann () hydro mb ca Manitoba Hydro
********************************************************************** This message is a PRIVILEGED AND CONFIDENTIAL communication, and is intended only for the individual(s) named herein or others specifically authorized to receive the communication. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender of the error immediately, do not read or use the communication in any manner, destroy all copies, and delete it from your system if the communication was sent via email. **********************************************************************
Current thread:
- Wireless LAN detection Boschmann, Armin (Dec 06)
- RE: Wireless LAN detection Optrics Engineering - Shaun Sturby, MCSE (Dec 09)
- RE: Wireless LAN detection Mahoney, Paul (Dec 09)
- RE: Wireless LAN detection Alban Kuster (Dec 09)
- RE: Wireless LAN detection Jimmy Sansi (Dec 09)
- RE: Wireless LAN detection Michael J. Sconzo (Dec 09)
- Re: Wireless LAN detection Gene (Dec 09)
- <Possible follow-ups>
- RE: Wireless LAN detection Robinson, Sonja (Dec 09)
- RE: Wireless LAN detection Ron Yorgason (Dec 10)
- Re: Wireless LAN detection Talisker (Dec 11)
- NetScreen XP and NetMeeting Sarbjit Singh Gill (Dec 11)
- RE: NetScreen XP and NetMeeting Rick Darsey (Dec 12)
- Re: Wireless LAN detection Talisker (Dec 11)
- Re: Wireless LAN detection Steve Jeffers (Dec 20)