PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Auditing WPA/WPA2 wifi networks

From: "C. L. Martinez" <carlopmart () gmail com>
Date: Sat, 9 Mar 2013 12:36:12 +0000
On Sat, Mar 9, 2013 at 3:48 AM, Doug Chesterman
<mobile.doug.chesterman () gmail com> wrote:

Are you talking about auditing the wireless portion of the network or monitoring it with a (W)IDS/IPS?

There are commercial WIDS/WIPS, Motorola makes Air Defence and there are others as well.

How you audit your wireless network will depend on the risks that wireless pose to your organization and how they are 
being managed.

The security of your APs is not the only risk, you may want to also think about the configuration of wireless devices 
and whether they can associate with an attacker's rogue AP.

Do you monitor for people in your org who connect their own consumer wireless router?

Doug




Two of these AP will be used by internal users to onnect their mobile
phones and tables. The other AP will be used by external people to
connect to some servers in our internal infrastructure. The real risk
is with this third AP: we want to monitor all connections in this AP,
and control in all AP, that WPA/WPA2 is not cracked, for example. To
reach this state, previously we want to delimit all risks: cracking
WPA/WPA2, checking firewall rules are ok, IDS monitors and trigger
correct alerts ....
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: