Penetration Testing mailing list archives
RE: Identification of non Cisco AP's
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 28 Jul 2005 14:05:14 -0500
You don't like simple Nmap with the -sV on?
-----Original Message----- From: Jonathan Gauntt [mailto:jon0966 () yahoo com] Sent: Thursday, July 28, 2005 12:35 AM To: 'Ian Gorrie' Cc: security-management () securityfocus com; pen-test () securityfocus com Subject: RE: Identification of non Cisco AP's Thanks for the advice. If Superscan doesn't work out I will get a quote from Lumeta. Jonathan -----Original Message----- From: Ian Gorrie [mailto:iag () locked net] Sent: Wednesday, July 27, 2005 2:40 AM To: Jonathan Gauntt Cc: security-management () securityfocus com; pen-test () securityfocus com Subject: Re: Identification of non Cisco AP's On the wire detection is shoddy at best. Usually commercial scanners will only detect default configurations. that being said, most products that I've looked at (such as Lumeta IPSonar for instance) work by scanning for banners on webservers that are running on the APs. If you use a product that scans 80 and 443 for banners that match an APs, you might get somewhere. Not running an obvious banner, disabled, or not matching a signature? You'll be out of luck unless you are tricky and can somehow determine that it is a packet forwarding device. 802.11x on the network doesn't sound like such a bad idea now, does it? :) -i Jonathan Gauntt wrote:Hi, I have been tasked with the project of scanning and identifying all non Cisco wireless access points within the company's network. We have about 800 /22 and /24 subnets, and because of the IP addressing scheme in place, might just be easier for me to scan the whole class A range of IP's. I have access to Nessus and GFI Security Scanner. Since weover 8000IP's in place, does anyone have any advice on the best wayto identifythese non Cisco AP's such as Linksys and Netgear, etc. I wouldn't want to have a report produced that is two miles long unless absolutely necessary. Thanks, Jonathan
Current thread:
- RE: Identification of non Cisco AP's, (continued)
- RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's Chuck (Jul 27)
- RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's Ian Gorrie (Jul 27)
- Re: Identification of non Cisco AP's ben creitz (Jul 27)
- RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's hfortier (Jul 27)
- Re: Identification of non Cisco AP's Sherwood R. Probeck (Jul 28)
- RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 29)
- Re: Re: Identification of non Cisco AP's mox11 (Jul 27)
- RE: Identification of non Cisco AP's Todd Towles (Jul 28)
- RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Re: Re: Identification of non Cisco AP's seventil (Jul 28)