Firewall Wizards mailing list archives
Re: Wireless
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 9 Aug 2002 18:26:51 -0400 (EDT)
On Fri, 9 Aug 2002, Jeff Newton wrote:
ejb3 () cornell edu wrote:Find rogue networks the same way their users do, with netstumbler or something similar. Anything that's got an SSID other than the official one, or that's offering up addresses beyond the approved wireless range gets hunted down.Netstumbler is great at finding "mis-configured" WAPs, or those with SSID broadcast enabled. If the user has disabled the broadcast, nothing short of a wireless sniffer is going to see it.
Even with SSID broadcast disabled, those management packets will contain
the SSID's when folks are communicating with the AP or through it. Not
much trouble to sniff this leakage out for sure.
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Wireless Paul Robertson (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- Re: Wireless B. Scott Harroff (Aug 09)
- <Possible follow-ups>
- RE: Wireless Scott, Richard (Aug 09)
- RE: Wireless ejb3 (Aug 09)
- Re: Wireless Jeff Newton (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- Re: Wireless Jeff Newton (Aug 09)
- RE: Wireless ejb3 (Aug 09)
- Re: Wireless John McDermott (Aug 09)
- Re: Wireless Paul Robertson (Aug 09)
- Re: Wireless Dave Piscitello (Aug 19)
- Re: Wireless ejb3 (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- RE: Wireless Paul Robertson (Aug 09)