IDS mailing list archives
Re: Wired detection of rogue access points
From: Vladimir Vuksan <vlists () veus hr>
Date: Mon, 19 Mar 2007 17:46:30 -0400
johnnywkm () gmail com wrote:
Can anyone point me to a wired LAN scanner/sniffer that detects wireless access points connected to the LAN?
I don't believe you can identify an AP just by sniffing. The problem is that AP acts as a L2 switch so there is not necessarily a signature.
The only way I can think of doing something like that is polling your switches (through SNMP) for connected MAC addresses and running a wireless sniffer like Kismet and cross referencing mac addresses that Kismet sees vs. what you see on your wired switches. That has been on my to-do list and I have a project that does switch polling for MAC addresses I just haven't added the Kismet portion yet :-(.
Vladimir ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- Wired detection of rogue access points johnnywkm (Mar 19)
- Re: Wired detection of rogue access points Ron Gula (Mar 19)
- RE: Wired detection of rogue access points Waters, Chris (Mar 19)
- Re: Wired detection of rogue access points Michał Melewski (Mar 19)
- RE: Wired detection of rogue access points Adam Graham (Mar 20)
- Re: Wired detection of rogue access points Vladimir Vuksan (Mar 19)
- Re: Wired detection of rogue access points Adam Crosby (Mar 20)
- Re: Wired detection of rogue access points Johnny Wong (Mar 20)
- Re: Wired detection of rogue access points Benjamin Hofstetter (Mar 21)
- Re: Wired detection of rogue access points tim_holman (Mar 20)
- Re: Wired detection of rogue access points Tõnu Samuel (Mar 20)
- Message not available
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)
- Re: Wired detection of rogue access points Tim Holman (Mar 21)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)
- Re: Wired detection of rogue access points Eric Hacker (Mar 22)
- Re: Wired detection of rogue access points tim_holman (Mar 26)
- Re: Wired detection of rogue access points Hari Sekhon (Mar 21)