IDS mailing list archives
RE: Wired detection of rogue access points
From: "Adam Graham" <agraham () datastreamcowboys net>
Date: Fri, 30 Mar 2007 10:24:24 -0500
"Meh, this is simply not true. My home AP might is plenty secure from my SOHO technology noob neighbors with MAC filtering - few, if any, of them even know what an "AP" is much less "MAC spoofing"." Gotcha there... my closest neighbors (my parents) are a mile a way.. and I just don't see my dad hacking my AP.. lol Having said that filtering technologies such as MAC filtering are far too difficult to manage given the relatively small security return provided and as such should be avoided given the fact that other superior authentication and access control mechanisms exist. In my solution MAC filtering has be simplified and easy to manage. I set up using cron/bash script to download the new approved and banned MAC lists on a regular interval. As well as check the local server for OS updates, AV updates. The Master MAC list is a MySQL database, with other information as well... we track all information of the machine from day it was ordered til it dies. All work done to it and current and past configurations... ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Re: Wired detection of rogue access points, (continued)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 22)
- RE: Wired detection of rogue access points Waters, Chris (Mar 22)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 22)
- Re: Wired detection of rogue access points krymson (Mar 26)
- Re: Wired detection of rogue access points Chad Mano (Mar 26)
- Re: Wired detection of rogue access points Eric Hacker (Mar 26)
- Re: Wired detection of rogue access points Chad Mano (Mar 26)
- Re: Wired detection of rogue access points jay.tomas (Mar 27)
- Re: Wired detection of rogue access points Adam Powers (Mar 29)
- Re: Wired detection of rogue access points tim_holman (Mar 29)
- RE: Wired detection of rogue access points Adam Graham (Mar 29)
- Re: Wired detection of rogue access points Eric Hacker (Mar 30)
- RE: Wired detection of rogue access points Adam Graham (Mar 30)