Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Tool to find rouge wireless access points?

From: Marcus Adams <marcus.adams () virtuesecurity com>
Date: Thu, 17 May 2012 19:15:30 -0400
Hi Jon,

Wired detection of rogue APs has two possible downsides. The first is
that you are simply relying on the MAC address in use to be authentic.
This can be easily modified by most home routers. The second is that
even when you do detect a rogue AP via MAC address, you may not know
where the device actually exists (depends on your network).

Doing an actual wireless war walk is the only sure way to root out any
rogue access points. The best way to do this is with something like
airodump. I also recommend using an external wifi card to get the best
signal reading possible. If you play around with it enough, you will
see its pretty easy to consistently get within a few feet of any
access point. You should just ensure you are scanning a/b/g/n bands
and also watch for APs with non-broadcasting ESSIDs.

In addition to doing war walks, you may also want to evaluate a WIDS
that can monitor, triangulate, and alert in real time if rogue access
points crop up.

Good Luck!
Marcus


On Mon, May 14, 2012 at 11:28 AM, Jon D <rekcahpmip () gmail com> wrote:


Does anyone know of a tool to find rouge wireless access points?
I know of a lot of the various wireless scanners, but with those, it's
impossible to know if it's an AP on your network, or another companies
network. Especially in office buildings where there are other
companies above, below, and beside you.

It seems like the only way to do it is to scan on the wired network
for APs of any make/model, but I'm not aware of a tool that does it.



Thanks,
Jon

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------





--
Marcus Adams
Senior Security Consultant | CISSP | CE|H
Virtue Security - http://www.virtuesecurity.com
Marcus.Adams () virtuesecurity com

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: