Security Basics mailing list archives

RE: wireless access point


From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 6 Jun 2003 14:47:04 -0700

  It seems to me that the distinction between "detect and
report about a previously-unknown available access point"
and "detect ACTIVE USE of a previously-unknown available
access point" is that the latter is of far less use....

David Gillett

-----Original Message-----
From: Bo Mendenhall [mailto:Bo.Mendenhall () hsc utah edu]
Sent: June 6, 2003 13:25
To: security-basics () securityfocus com
Subject: RE: wireless access point


Please correct me if I'm wrong:

Marvin's statement below is true because eventually someone
who has the SSID for an AP will hop on the AP, at which time
it broadcasts the SSID, so Netstumbler would potentially pick
up the SSID at that point.

"Myers, Marvin" <MRMyers () anteon com> 06/06/03 12:34PM >>>
That is not entirely true. Netstumbler does in fact detect
AP's that do not broadcast their SSID, it just takes longer.
I have proven this on more than one occasion using
NetStumbler on XP with both Orinoco and Netgear cards.

-----Original Message-----
From: Christopher Harrington [mailto:charrington () syseng com]
Sent: Friday, June 06, 2003 1:23 PM
To: lod () acmesecurity org; security-basics () securityfocus com
Subject: RE: wireless access point

Netstumbler does not detect AP's that do not broadcast their
SSID. I know Kismet and Wellenreiter do, I can't speak for the others.

--Chris


-----Original Message-----
From: Luiz Otávio Duarte [mailto:lod () acmesecurity org]
Sent: Thursday, June 05, 2003 9:54 PM
To: security-basics () securityfocus com
Subject: RE: wireless access point


Hi,

Is there any way of detecting a wireless access point that doesn't
broadcast the SSID?

Yep, it's possible. I will tell you why:

   We have two probing modes for channels in an 802.11 network.

  - Active probe - when the probing machine exchanges some probe
frames with the AP.

  - RFMON - Radio Frequency Monitor (passive probe) - when the
probing machine captures all data in the channel and tries to find
some SSID (Service Set Identification).

  You can find an AP that does not broadcast the SSID using any
probe technique.

  You can use: Netstumbler, DStumbler, Kismet, Wellenreiter, THC-RUT,
WEPCrack, AirSnort, ....

That's All Folks!

--
##
# Luiz Otávio Duarte (lod at acmesecurity dot org)
# www.acmesecurity.org/~lod
##
# ACME! (Computer Security Research)
# www.acmesecurity.org
##
# Unesp - São José do Rio Preto - São Paulo - Brazil
##
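
The passive (RFMON) case discussed in this thread, as an added example that is not part of the original messages: a beacon from a non-broadcasting AP carries an empty or NUL-filled SSID element, while a probe response or a client's association request for the same BSSID carries the real name. The sketch assumes each frame starts at the 802.11 header (any capture header already stripped); the sample frames, BSSIDs and SSIDs are constructed.

```python
HDR_LEN = 24                  # frame control, duration, 3 addresses, sequence control
FIXED = {8: 12, 5: 12, 0: 4}  # fixed body bytes: beacon, probe response, assoc request

def ssid_of(frame):
    """Return (bssid, subtype, raw_ssid) for a management frame carrying an SSID element."""
    if len(frame) < HDR_LEN:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, frame[0] >> 4
    if ftype != 0 or subtype not in FIXED:
        return None                       # not a management frame we track
    bssid = frame[16:22].hex(":")         # address 3 is the BSSID in these frames
    pos = HDR_LEN + FIXED[subtype]
    while pos + 2 <= len(frame):          # walk the tagged elements: id, length, value
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None                   # truncated capture
        if tag == 0:                      # element id 0 is the SSID
            return bssid, subtype, value
        pos += 2 + length
    return None

def inventory(frames):
    """Map each BSSID to whether its beacons hide the SSID and the SSID seen elsewhere."""
    aps = {}
    for frame in frames:
        parsed = ssid_of(frame)
        if parsed is None:
            continue
        bssid, subtype, ssid = parsed
        ap = aps.setdefault(bssid, {"hidden": False, "ssid": None})
        if ssid.strip(b"\x00"):           # non-empty, not NUL padding
            ap["ssid"] = ssid.decode("utf-8", "replace")
        elif subtype == 8:                # beacon with empty or NUL-filled SSID
            ap["hidden"] = True
    return aps

def mgmt(subtype, bssid, ssid):
    """Build a constructed test frame (addresses simplified, fixed fields zeroed)."""
    hdr = bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6 + bssid * 2 + b"\x00\x00"
    return hdr + b"\x00" * FIXED[subtype] + bytes([0, len(ssid)]) + ssid

AP1, AP2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [mgmt(8, AP1, b""), mgmt(8, AP2, b"guest"), mgmt(0, AP1, b"corp-lab")]

if __name__ == "__main__":
    for bssid, info in inventory(SAMPLE).items():
        print(bssid, info)
```

An AP whose entry stays at `hidden: True` with `ssid: None` has been seen but not yet named, which is the "it just takes longer" case: the name only appears once a client that knows it probes or associates.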
