Security Basics mailing list archives
Re: Tool to find rouge wireless access points?
From: Obluda Nemá Jméno Obluda Nemá Jméno Obluda Nemá Jméno <jmeno.obluda () gmail com>
Date: Sun, 20 May 2012 16:16:35 +0100
A May 18, 2012, às 8:09 PM, Vic Vandal escreveu:
Jon, If you have Cisco APs strategically deployed around your building the Cisco Wireless Access Controller can use its DB of authorized access points to detect rogue APs and triangulate their location. That triangulation ensures that you're not picking up APs or other wireless devices that are outside of your building.
There's always the chance that an attacker can spoof either the bssid or any other info that identifies de AP on the network.
You can also buy wireless jammers that DoS unknown APs on the network.
Wireless jamming isn't legally allowed in some countries, here you have some examples http://en.wikipedia.org/wiki/Mobile_phone_jammer#Legalities
-Vic ----- Original Message ----- From: "Marcus Adams" <marcus.adams () virtuesecurity com> To: "Jon D" <rekcahpmip () gmail com> Cc: security-basics () securityfocus com Sent: Thursday, May 17, 2012 7:15:30 PM Subject: Re: Tool to find rouge wireless access points? Hi Jon, Wired detection of rogue APs has two possible downsides. The first is that you are simply relying on the MAC address in use to be authentic. This can be easily modified by most home routers. The second is that even when you do detect a rogue AP via MAC address, you may not know where the device actually exists (depends on your network).
Remember that an AP can be posed by any laptop.
Doing an actual wireless war walk is the only sure way to root out any rogue access points. The best way to do this is with something like airodump. I also recommend using an external wifi card to get the best signal reading possible. If you play around with it enough, you will see its pretty easy to consistently get within a few feet of any access point. You should just ensure you are scanning a/b/g/n bands and also watch for APs with non-broadcasting ESSIDs. In addition to doing war walks, you may also want to evaluate a WIDS that can monitor, triangulate, and alert in real time if rogue access points crop up. Good Luck! Marcus On Mon, May 14, 2012 at 11:28 AM, Jon D <rekcahpmip () gmail com> wrote:Does anyone know of a tool to find rouge wireless access points? I know of a lot of the various wireless scanners, but with those, it's impossible to know if it's an AP on your network, or another companies network. Especially in office buildings where there are other companies above, below, and beside you. It seems like the only way to do it is to scan on the wired network for APs of any make/model, but I'm not aware of a tool that does it.
I'll develop on my previous reply at the end of this reply, and remember this IS case specific. I'll only talk about WPA/WPA2 Enterprise infrastructures.
Thanks, Jon ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 -------------------------------------------------------------------------- Marcus Adams Senior Security Consultant | CISSP | CE|H Virtue Security - http://www.virtuesecurity.com Marcus.Adams () virtuesecurity com ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Consider this scenario, the network as a RADIUS server used to authenticate users, the company that owns the network provides a certificate for each user to install and have each supplicant (client) compare it with the one provided by the RADIUS server. Given that not every client ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Tool to find rouge wireless access points?, (continued)
- Re: Tool to find rouge wireless access points? xgermx (May 14)
- RE: Tool to find rouge wireless access points? Mikhail A. Utin (May 15)
- RE: Tool to find rouge wireless access points? Dan Lynch (May 16)
- Re: Tool to find rouge wireless access points? xgermx (May 14)
- Re: Tool to find rouge wireless access points? Rajiv D (May 15)
- Re: Tool to find rouge wireless access points? Vincent Ngundi (May 15)
- Re: Tool to find rouge wireless access points? Patrick Laverty (May 15)
- Re: Tool to find rouge wireless access points? Brandon Edmunds (May 15)
- RE: Tool to find rouge wireless access points? Erik Muttersbach (May 16)
- Re: Tool to find rouge wireless access points? Marcus Adams (May 18)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 18)
- Re: Tool to find rouge wireless access points? Obluda Nemá Jméno Obluda Nemá Jméno Obluda Nemá Jméno (May 21)
- Re: Tool to find rouge wireless access points? Obluda Nemá Jméno Obluda Nemá Jméno Obluda Nemá Jméno (May 21)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 18)
- RE: Tool to find rouge wireless access points? Vincent Yeo (May 16)
- RE: Tool to find rouge wireless access points? David Gillett (May 16)
- Re: Tool to find rouge wireless access points? Vic Vandal (May 21)