Penetration Testing mailing list archives
Re: VS: MORE: Tools for Detecting Wireless APs - from the wire side.
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 14 Jun 2002 15:14:44 -0400 (EDT)
On Fri, 14 Jun 2002, Toni Heinonen wrote:
-----Alkuperäinen viesti----- Lähettäjä: Jon [mailto:vandivee () midsouth rr com] Lähetetty: 12. kesäkuuta 2002 7:18 Vastaanottaja: 'Pen-Test' Aihe: RE: MORE: Tools for Detecting Wireless APs - from the wire side.<snip>EAP based authentication for port security.... And with that.... I can honestly say I have NO IDEA how to do it right now..... If anyone has a whitepaper for implementation EAP for port security, please post it or send it to me...Ahh, but indeed. It's of course smarter to block access from the APs instead of just trying to detect them. AFAIK no Wireless APs can do 802.1x authentication to connect to the LAN, even though most can accept wireless 802.1x clients. These links quickly popped to my search at cisco.com: http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1219ea1/3550scg/sw8021x.htm http://www.cisco.com/warp/public/cc/pd/sqsw/sq/tech/deacs_wp.htm Of course, those links only work on Cisco catalysts.
The fact that leap is only available on the newest of cisco's wireless equipment is one part of the issue. The other part of the wireless issue is how it expands ones perimiter. You still with encryption or not have opened up an external 'ethernet segment' to snooping. The management packets, which contain alot of information in and of themselfs on the wireless topology at the least, help intruders to map the segment, if not more, depending upon how the wireless toys are terminated and where. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- VS: MORE: Tools for Detecting Wireless APs - from the wire side. Toni Heinonen (Jun 14)
- Re: VS: MORE: Tools for Detecting Wireless APs - from the wire side. R. DuFresne (Jun 14)
- <Possible follow-ups>
- VS: MORE: Tools for Detecting Wireless APs - from the wire side. Toni Heinonen (Jun 16)
- Re: MORE: Tools for Detecting Wireless APs - from the wire side. Larry Youngquist (Jun 18)