IDS mailing list archives
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort?
From: Leon Ward <leon () rm-rf co uk>
Date: Fri, 24 Apr 2009 19:43:58 +0100
This is probably a question for your PCI DSS CSA. They afterall make the real rules.
Sent from a mobile device. Apologies for any typos but they happen. On 23 Apr 2009, at 23:04, Chris Waters <cwaters () paglo com> wrote:
Hi,It is also possible to meet the PCI 11.1 requirement by scanning the *wired* network looking for wireless access points. This is much easier to do and more practical that walk-around wireless audits using a laptop based tool. There is an open source project called RogueScanner (http://paglo.com/opensource/roguescanner)---which I am one of the authors of---that is specifically designed for wired side discovery of APs.Regards, Chris.-----Original Message----- From: listbounce () securityfocus com[mailto:listbounce () securityfocus com] On Behalf Of Taras P. IvashchenkoSent: Thursday, April 23, 2009 12:51 PM To: focus-ids () securityfocus com Subject: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Hello, list! There is requirement in PCI DSS v.1.2: "...11.1 Test for the presence of wireless access points by using awireless analyzer at least quarterly or deploying a wireless IDS/ IPS toidentify all wireless devices in use..."I made some research for open source wireless IDSs and results are notgood. I found some articles about using together Kismet and Snort but it looks like not best soliution. Air Snort project is dead. What wireless IDS/IPS (especially opensource/free) do you use? --Тарас Иващенко (Taras Ivashchenko), OSCP www.securityaudit.ru---- "Software is like sex: it's better when it's free." - Linus Torvalds
Current thread:
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort?, (continued)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Jeremy Bennett (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Joel Snyder (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Jeremy Bennett (Apr 27)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Emm Maxim (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Nelson Murilo (Apr 24)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Thiago Musa (Apr 24)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Jason (Apr 24)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Emm Maxim (Apr 24)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Gary Everekyan (Apr 24)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Leon Ward (Apr 24)