Penetration Testing mailing list archives

Re: Identification of non Cisco AP's

From: Peter Wood <peterw () firstbase co uk>
Date: Wed, 27 Jul 2005 08:39:54 +0100

Hi Jonathan

We have had considerable success in locating default APs by simplyidentifying their banners (on TCP 80). SuperScan will do this very well.


regards
Pete

At 20:22 26/07/2005 -0500, Jonathan Gauntt wrote:
>Hi,
>
>I have been tasked with the project of scanning and identifying all non
>Cisco wireless access points within the company's network.
>
>We have about 800 /22 and /24 subnets, and because of the IP addressing
>scheme in place, might just be easier for me to scan the whole class A range
>of IP's.
>
>I have access to Nessus and GFI Security Scanner.  Since we over 8000 IP's
>in place, does anyone have any advice on the best way to identify these non
>Cisco AP's such as Linksys and Netgear, etc.
>
>I wouldn't want to have a report produced that is two miles long unless
>absolutely necessary.
>
>Thanks,
>
>
>Jonathan

--------------------------------------------------------------------
Peter Wood FBCS CITP MIEEE MIMIS CISSP
Chief of Operations
First Base Technologies
+44 (0)1273 454525
www.fbtechies.co.uk
www.white-hats.co.uk

Current thread:

Identification of non Cisco AP's Jonathan Gauntt (Jul 26)
- Re: Identification of non Cisco AP's Peter Wood (Jul 27)
  - RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's Chuck (Jul 27)
  - RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's Ian Gorrie (Jul 27)
  - Re: Identification of non Cisco AP's ben creitz (Jul 27)
  - RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 28)
- Re: Identification of non Cisco AP's hfortier (Jul 27)
- Re: Identification of non Cisco AP's Sherwood R. Probeck (Jul 28)
  - RE: Identification of non Cisco AP's Jonathan Gauntt (Jul 29)
- <Possible follow-ups>
- Re: Re: Identification of non Cisco AP's mox11 (Jul 27)

(Thread continues...)