Security Basics mailing list archives

Re: About War Driving ..

From: Paul daSilva <pdasilva () polr org>
Date: Mon, 04 Dec 2006 10:54:51 -0500

Gaurav,

First, I recommend that you implement more security on your WLAN. Allcomments previously provided on this topic are valid options.Personally, the most logical option is an upgrade to WPA/WPA2, whichwill make it more difficult to crack (though not impossible). But thatassumes all wireless end-points on your network are WPA capable.

Second, try Googling "Wireless Positioning" - there are various productsavailable that will cater to this need. However, I only recommend thisroute if you have the budget to spend, and if you are chasing anintruder for legal reasons. Otherwise, it's more or less impractical -you are better served by securing your network and perhaps taking a fewcalculated walks around the building (looking for suspicious laptopusers in cars, closets, etc).

You may have a rogue access point enabled within proximity to yourwireless network. In which case, I recommend you perform a test "wardrive" of the immediate area, eliminating known/good access points andinvestigating the remainder.

Lastly, if your organization has the money to spend, I highly recommendsome form of Wireless Intrusion Detection and/or Prevention (WIDS/WIPS),which will alert you when it finds rogue users and access points, alongwith any other breach attempts. You may even find "WirelessPositioning" and "WIDS or WIPS" in the same software product.


Some products that caught my eye:

http://www.navizon.com/
http://www.skyhookwireless.com/
http://www.ekahau.com/


Cheers,

Paul daSilva



gaurav saha wrote:

Hi ,I was wondering if it is possible to locate and catch
a guy who is connecting to our wep wireless network
and downloading stuff from torrents and using up our
bandwidth ..I checked up with arp scan and found 2 unknown IPs192.168.1.246 and 247Is there anyway of locating the guy in a building of 7
floors and how to stop this ..I have tried changing
the Wep keys so . he is cracking the wep key.
Any Suggestion People ?
---gaurav
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com

Current thread:

Re: About War Driving .., (continued)
- Re: About War Driving .. Colin Copley (Dec 01)
- Re: About War Driving .. Larry Offley (Dec 01)
  - Re: About War Driving .. Gouki (Dec 04)
- Re: About War Driving .. bucklerk (Dec 01)
- Re: About War Driving .. Roman Shirokov (Dec 01)
  - Re: About War Driving .. Francois Yang (Dec 04)
- Re: Re: About War Driving .. s (Dec 04)
- Re: RE: About War Driving .. nratkevicius (Dec 04)
  - Re: RE: About War Driving .. Francois Yang (Dec 06)
  - RE: About War Driving .. David Gillett (Dec 06)
- Re: About War Driving .. Paul daSilva (Dec 04)
- Re: Re: About War Driving .. giles (Dec 04)
- RE: About War Driving .. Dan Bogda (Dec 04)
- Re: Re: About War Driving .. anone (Dec 04)
- RE: Re[2]: About War Driving .. Paul Stone (Dec 07)
  - RE: Re[2]: About War Driving .. David Gillett (Dec 08)
  - RE: Re[2]: About War Driving .. Murda Mcloud (Dec 08)
- Re: About War Driving .. krymson (Dec 08)
  - Re: About War Driving .. Eric Furman (Dec 12)
    - Re: About War Driving .. Francois Yang (Dec 12)
    - RE: About War Driving .. David Gillett (Dec 12)

(Thread continues...)