Penetration Testing mailing list archives

VS: MORE: Tools for Detecting Wireless APs - from the wire side.


From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Sat, 15 Jun 2002 07:43:40 +0300

Ahh, but indeed. It's of course smarter to block access from the APs 
instead of just trying to detect them. AFAIK no Wireless APs can do 
802.1x authentication to connect to the LAN, even though most can 
accept wireless 802.1x clients.


The fact that LEAP is only available on the newest of Cisco's 
wireless equipment is one part of the issue.  The other part 
of the wireless issue is how it expands one's perimeter.  You 
still, with encryption or not, have opened up an external 
'ethernet segment' to snooping.  The management packets, 
which contain a lot of information in and of themselves on the 
wireless topology at the least, help intruders to map the 
segment, if not more, depending upon how the wireless toys 
are terminated and where.

Good morning,

No, actually I didn't mean quite that. I am not talking about wireless
client authentication with 802.1x, I mean locking the LAN switches up
with 802.1x so all LAN clients have to authenticate (wired LAN). Thus
all the wired workstations have to "log in" to the switch in order for
them to be able to transmit and receive through the port they are
connected to. APs won't be able to do this.

You don't need Cisco's proprietary LEAP anyhow for 802.1x, be the
clients wireless or wired. EAP-TLS is well supported with Windows XP, as
is (or soon will be, anyone have any more knowledge?) EAP-MD5. That,
also, is the only downside of 802.1x in LANs: bad support. WinXP has
support, but that's all I've heard of.

Someone sent me a private e-mail explaining even WLAN APs can
authenticate to the LAN using 802.1x, but could someone point me to a
link of a product overview where it's specifically stated so? Of course,
you could make your own AP with Linux and some 802.1x client code, but
I'm looking for ready off-the-shelf products.

-- 
Toni Heinonen, Teleware Oy
  Wireless +358 (40) 836 1815
  Telephone +358 (9) 3434 9123
  toni.heinonen () teleware fi
  www.teleware.fi

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
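
An added illustration, not part of the original message or of any vendor's code: a simplified Python model of the wired 802.1x port behaviour described above, where a port accepts only EAPOL frames until the attached device has logged in, so an AP without 802.1x client code never gets its bridged traffic onto the LAN. The class and function names, MAC addresses and frames are hypothetical and constructed for the example.

```python
import struct

ETH_P_EAPOL = 0x888E  # EtherType assigned to EAPOL (EAP over LAN) by IEEE 802.1X
ETH_P_IPV4 = 0x0800
PAE_GROUP = bytes.fromhex("0180c2000003")  # 802.1X PAE group address

def ethertype(frame: bytes) -> int:
    """EtherType of an untagged Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    return struct.unpack("!H", frame[12:14])[0]

class Dot1xPort:
    """Simplified model of one 802.1X-controlled switch port (hypothetical)."""
    def __init__(self):
        self.authorized = False

    def on_auth_result(self, accepted: bool):
        # The authentication server's verdict opens or closes the port.
        self.authorized = accepted

    def on_link_down(self):
        # Unplugging resets the port, so a swapped-in device must log in again.
        self.authorized = False

    def receive(self, frame: bytes) -> str:
        try:
            etype = ethertype(frame)
        except ValueError:
            return "drop"
        if etype == ETH_P_EAPOL:
            return "to-authenticator"  # handled by the switch, never bridged
        return "forward" if self.authorized else "drop"

def demo():
    # Constructed frames: MAC addresses and payloads are made up for the example.
    pc, ap_client, gw = (bytes.fromhex(m) for m in
                         ("020000000001", "020000000002", "020000000099"))
    eapol_start = PAE_GROUP + pc + struct.pack("!H", ETH_P_EAPOL) + b"\x01\x01\x00\x00"
    pc_data = gw + pc + struct.pack("!H", ETH_P_IPV4) + b"data"
    bridged = gw + ap_client + struct.pack("!H", ETH_P_IPV4) + b"data"
    wired, rogue = Dot1xPort(), Dot1xPort()
    out = [wired.receive(pc_data), wired.receive(eapol_start)]
    wired.on_auth_result(True)          # workstation logged in successfully
    out.append(wired.receive(pc_data))
    out.append(rogue.receive(bridged))  # AP has no supplicant: port stays closed
    wired.on_link_down()
    out.append(wired.receive(pc_data))
    return out
```

`demo()` returns the port's decision for each frame in order: workstation data before login, its EAPOL-Start, its data after login, traffic bridged by the unauthenticated AP, and workstation data after a link reset.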

