Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Tool for Identifying Rogue Linksys Routers

From: Joshua Wright <jwright () hasborg com>
Date: Thu, 25 Aug 2005 17:14:54 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Martin,

Martin Mkrtchian wrote:

Is there a scanning tool out there that can determine if there are
unauthorized Linksys (type) routers in a specific VLAN?


You can use the Nessus plugin 11026 (find_ap.nasl) to scan your network
for open HTTP, SNMP and FTP servers.  Using Nmap fingerprinting and
banner grabbing, this plugin does a decent job at finding rogue AP's
that don't mind being found (e.g. they haven't been specifically
configured to hide from administrators).

Alternatively, wireless-side analysis is the way to go to locate rogue
AP's!  Kismet (www.kismetwireless.net), or a commercial tool will be
helpful there.

- -Josh
- --
- -Joshua Wright
jwright () hasborg com

2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

Today I stumbled across the world's largest hotspot.  The SSID is "linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDDjTNTS8i9jZYpL8RAqbCAKCD7fGJk/tCRrPg8BfQ2p+tbC0zRgCg4ZLX
u8D2UrPqEa2Q17fDiu8x0oM=
=0/CO
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: