Security Basics mailing list archives
Re: wireless help
From: Asbjørn Eliassen <ahse () online no>
Date: Tue, 23 Sep 2003 12:55:57 +0200
Kamal Habayeb wrote:
Greetings, Does anyone know of a way or program that would let me know if an unauthorized computer has connected to my wireless network and been issued an ip address by DHCP? I am aware that I can check the DHCP log to find this out, but I want something that will warn me in real time that a computer has connected.
Ap utils includes an ap-trapd that logs all traps from your access point. (http://ap-utils.polesye.net/) Perhaps that is what you are looking for. A little samle og my logs: apr 24 20:47:32 localhost ap-trapd[3840]: ap-trapd 1.3.1 started. apr 24 20:47:40 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:17:24.00 apr 24 20:48:58 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Association 00:30:BD:62:85:B6. SysUptime 1:20:00.00 apr 24 20:50:02 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:22:06.00 apr 24 20:51:05 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:24:14.00 apr 24 20:52:08 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:26:20.00 apr 24 20:53:11 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:28:26.00 apr 24 20:54:14 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 1:30:32.00 apr 24 20:55:15 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Disassociation 00:30:BD:62:85:B6. SysUptime 1:32:32.00 apr 24 20:58:48 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) ColdStart. SysUptime 0:00:00.00 apr 24 20:58:48 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) StartUp. SysUptime 0:00:00.00 apr 24 20:59:17 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Association 00:30:BD:62:85:B6. SysUptime 0:00:28.00 apr 24 21:00:21 localhost ap-trapd[3841]: Agent:v1 192.168.123.11 (public@192.168.123.11:162) Reassociation 00:30:BD:62:85:B6. SysUptime 0:02:34.00 -- Asbjørn Eliassen Håreksgt 51 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- wireless help Kamal Habayeb (Sep 22)
- RE: wireless help Faisal Masood (Sep 23)
- RE: wireless help Keith Duemling (Sep 23)
- Re: wireless help Gene Cronk (Sep 23)
- Re: wireless help Henning Bree (Sep 23)
- Re: wireless help InCisT (Sep 23)
- Re: wireless help J C Lawrence (Sep 23)
- Re: wireless help Asbjørn Eliassen (Sep 23)
- Re: wireless help Kamal Habayeb (Sep 23)
- RE: wireless help David (Sep 24)
- <Possible follow-ups>
- RE: wireless help Meidinger Chris (Sep 23)
- RE: wireless help Brian Austin (Sep 23)
- RE: wireless help Oscar Kooijman (Sep 24)
- RE: wireless help David J. Jackson (Sep 23)