Security Basics mailing list archives

Re: Tool to find rogue wireless access points?


From: Jon D <rekcahpmip () gmail com>
Date: Tue, 15 May 2012 15:27:49 -0400

Sorry Felipe. Basically the core question is 'how to find rogue access points'.
For example, if an end user plugs in a linksys wireless router under
their desk, how do you detect it?

Expanding on the question: usually, from what I've seen, just
scanning with nmap or something might not pick it up if the AP is
configured not to respond to pings, and doesn't have ports open, etc.
And without knowing the encryption password, sniffing wireless traffic
seems out of the question too. Simply scanning with something like
kismet will only tell you that there's an AP in the area, but you
don't know if it's an AP plugged into your network, or if it's another
company's AP.
The link that was posted about sniffing the encrypted wireless traffic
for netbios requests that aren't encrypted seems interesting.
Something I'll try.


Thanks,
Jon


On Mon, May 14, 2012 at 3:58 PM, Felipe Martins
<martins.felipe.security () gmail com> wrote:
Yes, I'm on the same way. I didn't fully understand what the question
was. Can you be more specific, Jon?

Best Regards

Felipe Martins
CEH, RHCE, RHCI, LPI, ITIL, NCLA, DCTS
Security Specialist and Projects


