Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Wired detection of rogue access points

from [Hari Sekhon] Network Security [Permanent Link]
Subject: Re: Wired detection of rogue access points
Date: Wed, 21 Mar 2007 15:40:48 +0000 
that's actually quite clever. I might look it up....

-h

Hari Sekhon



Tim Holman wrote:
Not at all - if you use the LAN based component of the Airtight unit to send packets to all the MAC addresses visible on that wired network, then any bridging devices (eg Wireless APs) should transmit these packets into the air, and the wireless component of Airtight would pick these up and identify the presence of a wireless device connected to your LAN. You're right in that you couldn't work the other way round - sorry for not being clearer!

Rgds,

Tim

----- Original Message ----- From: "Hari Sekhon" <hpsekhon@googlemail.com>
To: <tim_holman@hotmail.com>
Cc: <focus-ids@securityfocus.com>
Sent: Wednesday, March 21, 2007 12:36 PM
Subject: Re: Wired detection of rogue access points


that can't be very effective, if I attached a rogue access point, the first thing I would do is to wpa protect it so nobody else can use it and arouse suspicions...

it would also block this test.

Hari Sekhon



tim_holman@hotmail.com wrote:
www.Airtightnetworks.net offer commercial products that can do what you need.
It sits on your network and works by sending small packets back to itself through any air based devices it can pick up (if these are connected to your network then the packets will loop back), thus both valid and invalid access points can be identified.
Rgds

Tim

Sent from my BlackBerry® wireless device
-----Original Message-----
From: johnnywkm@gmail.com
Date: 19 Mar 2007 10:20:43 To:focus-ids@securityfocus.com
Subject: Wired detection of rogue access points

Hello there,

Can anyone point me to a wired LAN scanner/sniffer that detects wireless access points connected to the LAN?

Thanks,
JW

------------------------------------------------------------------------ 

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------ 







------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Wired detection of rogue access points, Benjamin Hofstetter
Next by Date:  RE: Wired detection of rogue access points, Waters, Chris
Previous by Thread:  Re: Wired detection of rogue access points, Tim Holman
Next by Thread:  Re: Wired detection of rogue access points, Eric Hacker
Indexes:  [Date] [Thread] [Top] [All Lists]