IDS mailing list archives
RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort?
From: Chris Waters <cwaters () paglo com>
Date: Thu, 23 Apr 2009 18:04:58 -0400
Hi, It is also possible to meet the PCI 11.1 requirement by scanning the *wired* network looking for wireless access points. This is much easier to do and more practical that walk-around wireless audits using a laptop based tool. There is an open source project called RogueScanner (http://paglo.com/opensource/roguescanner)---which I am one of the authors of---that is specifically designed for wired side discovery of APs. Regards, Chris.
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Taras P. Ivashchenko Sent: Thursday, April 23, 2009 12:51 PM To: focus-ids () securityfocus com Subject: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Hello, list! There is requirement in PCI DSS v.1.2: "...11.1 Test for the presence of wireless access points by using a wireless analyzer at least quarterly or deploying a wireless IDS/IPS to identify all wireless devices in use..." I made some research for open source wireless IDSs and results are not good. I found some articles about using together Kismet and Snort but it looks like not best soliution. Air Snort project is dead. What wireless IDS/IPS (especially opensource/free) do you use? -- Тарас Иващенко (Taras Ivashchenko), OSCP www.securityaudit.ru ---- "Software is like sex: it's better when it's free." - Linus Torvalds
Current thread:
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort?, (continued)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Joel Snyder (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Jeremy Bennett (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Joel Snyder (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Jeremy Bennett (Apr 27)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Emm Maxim (Apr 27)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Nelson Murilo (Apr 24)
- RE: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Gary Everekyan (Apr 24)
- Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? Leon Ward (Apr 24)