Penetration Testing mailing list archives
VS: MORE: Tools for Detecting Wireless APs - from the wire side.
From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Sat, 15 Jun 2002 07:43:40 +0300
Ahh, but indeed. It's of course smarter to block accessfrom the APsinstead of just trying to detect them. AFAIK no Wireless APs can do 802.1x authentication to connect to the LAN, even though most can accept wireless 802.1x clients.The fact that leap is only available on the newest of cisco's wireless equipment is one part of the issue. The other part of the wireless issue is how it expands ones perimiter. You still with encryption or not have opened up an external 'ethernet segment' to snooping. The management packets, which contain alot of information in and of themselfs on the wireless topology at the least, help intruders to map the segment, if not more, depending upon how the wireless toys are terminated and where.
Good morning, No, actually I didn't mean quite that. I am not talkin about wireless client authentication with 802.1x, I mean locking the LAN switches up with 802.1x so all LAN clients have to authenticate (wired LAN). Thus all the wired workstations have to "log in" to the switch in order for them to be able to transmit and receive through the port they are connected to. APs won't be able to do this. You don't need Cisco's proprietary LEAP anyhow for 802.1x, be the clients wireless or wired. EAP-TLS is well supported with Windows XP, as is (or soon will be, anyone have any more knowledge?) EAP-MD5. That, also, is the only downside of 802.1x in LANs: bad support. WinXP has support, but that's all I've heard of. Someone sent me a private e-mail explaining even WLAN APs can authenticate to the LAN using 802.1x, but could someone point me to a link of a product overview where it's specifically stated so? Of course, you could make your own AP with Linux and some 802.1x client code, but I'm looking for ready off-the-shelf products. -- Toni Heinonen, Teleware Oy Wireless +358 (40) 836 1815 Telephone +358 (9) 3434 9123 toni.heinonen () teleware fi www.teleware.fi ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- VS: MORE: Tools for Detecting Wireless APs - from the wire side. Toni Heinonen (Jun 14)
- Re: VS: MORE: Tools for Detecting Wireless APs - from the wire side. R. DuFresne (Jun 14)
- <Possible follow-ups>
- VS: MORE: Tools for Detecting Wireless APs - from the wire side. Toni Heinonen (Jun 16)
- Re: MORE: Tools for Detecting Wireless APs - from the wire side. Larry Youngquist (Jun 18)