Security Basics mailing list archives
RE: Network scanning
From: "Paul Farag" <paul () farag ws>
Date: Thu, 7 Aug 2003 16:53:14 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Using MAC filtering to protect a wireless network only presents an obstacle, not absolute security as it would imply. It'll keep casual wardrivers and what not away but for someone determined to get in, it's just another hoop to jump through. Look into using a radius server for authentication... - -----Original Message----- From: Rory [mailto:nazgul () csn ul ie] Sent: Thursday, August 07, 2003 3:23 PM To: netsec novice Cc: security-basics () securityfocus com Subject: Re: Network scanning for the wireless stuff I would just do mac filtering, any host that is not in the list of mac address is not allowed to join the wireless network. Of course the network traffic can still be sniffed using any laptop but you can just encrypt the traffic over wireless as you suggested. The mac filtering is something easy to setup and makes sure you don't end up handing out access to the network to some dude out in in the parking lot. AS for the other stuff i'm not too sure as SNMP is not something I have used, running a snort box in the network checking for scanning activity is also a good precaution that way you are also guarding against any unhappy employee's looking to make your job harder. On Thu, 7 Aug 2003, netsec novice wrote:
Are there tools out there that would allow system administrators to be notified when a new workstation attaches to a network? I'm thinking
both
wireless and ethernet in this case. SNMP maybe? I am in a credit
union
environment and my concern is that someone would be able to steal an existing jack or a jack that is not physically protected but live and
be
able to capture traffic or do reconaissance. We don't have Wireless
access
at this point but may look to it in the future. My only thought in
that
case would be to encrypt all traffic since wireless security is a bit
scary
at this point. Any ideas? _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
- ------------------------------------------------------------------------ - ---
- ------------------------------------------------------------------------ - ----
- ------------------------------------------------------------------------ - --- - ------------------------------------------------------------------------ - ---- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPzLmaQQXodFMLSObEQJ7wgCg126aUfvnzPEpGmPHbTP0t8/1iWgAn2cp Li3HJwFuDxtM3Sv42doxWKnl =h3HJ -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Network scanning netsec novice (Aug 07)
- Re: Network scanning Rory (Aug 07)
- Re: Network scanning Sebastian Schneider (Aug 08)
- RE: Network scanning Paul Farag (Aug 08)
- Re: Network scanning James Fields (Aug 07)
- RE: Network scanning Simon (Aug 11)
- RE: Network scanning White-Tiger (Aug 12)
- Re: Network scanning himicos (Aug 13)
- <Possible follow-ups>
- Re: Network scanning Bradley Adams (Aug 07)
- Re: Network scanning Jeff MacDonald (Aug 07)
- RE: Network scanning Jason Armstrong (Aug 08)
- RE: Network scanning CHRIS GRABENSTEIN (Aug 08)
- Re: Network scanning Sebastian Schneider (Aug 08)
- Re: Network scanning White-Tiger (Aug 11)
- Re: Network scanning Sebastian Schneider (Aug 08)
(Thread continues...)
- Re: Network scanning Rory (Aug 07)