Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: wireless help

From: Asbjørn Eliassen <ahse () online no>
Date: Tue, 23 Sep 2003 12:55:57 +0200
Kamal Habayeb wrote:

Greetings,

Does anyone know of a way or program that would let me know if an
unauthorized computer has connected to my wireless network and been
issued an ip address by DHCP? I am aware that I can check the DHCP log
to find this out, but I want something that will warn me in real time
that a computer has connected.



Ap utils includes an ap-trapd that logs all traps from your access
point. (http://ap-utils.polesye.net/)
Perhaps that is what you are looking for.

A little samle og my logs:
apr 24 20:47:32 localhost ap-trapd[3840]: ap-trapd 1.3.1 started.
apr 24 20:47:40 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:17:24.00
apr 24 20:48:58 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Association 
00:30:BD:62:85:B6. SysUptime 1:20:00.00
apr 24 20:50:02 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:22:06.00
apr 24 20:51:05 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:24:14.00
apr 24 20:52:08 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:26:20.00
apr 24 20:53:11 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:28:26.00
apr 24 20:54:14 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 1:30:32.00
apr 24 20:55:15 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Disassociation 
00:30:BD:62:85:B6. SysUptime 1:32:32.00
apr 24 20:58:48 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) ColdStart. SysUptime 
0:00:00.00
apr 24 20:58:48 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) StartUp. SysUptime 
0:00:00.00
apr 24 20:59:17 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Association 
00:30:BD:62:85:B6. SysUptime 0:00:28.00
apr 24 21:00:21 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 
00:30:BD:62:85:B6. SysUptime 0:02:34.00


--
Asbjørn Eliassen
Håreksgt 51


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: