Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Finding Wireless AP's on your network

from [hein] Network Security [Permanent Link]
Subject: Re: Finding Wireless AP's on your network
Date: 20 Apr 2006 17:41:27 -0000 
Tried Arpwatch and Port Security on switches? If you really want to prevent any 
APs being plugged into any network above will certainly help, but of course 
depends highly on the infrastructure in place (managed or unmanaged switches, 
hubs in use etc.). NMAP scanning could also identify an AP, but its also easily 
circumvented and one can do naughty things to fool nmap and making it believe 
its a Windows Workstation or so, but also here it depends on the Hardware used. 
And to detect any other Wireless device is a bit tricky. You can't rely on the 
fact that you see the affected office only and you might pick up signals from 
the outside and start chasing ghosts. To prevent this you would need to shield 
the entire office against any radiation from the outside, which is a bit costly 
to be honest.

I know that we have only two APs in use in our office, but i pick about 8 APs 
from the outside up (7 of them fully open and unprotected, 2 of them in 
positively identified offices and allowing unrestricted access to internal and 
external resources). I also can pick loads of PCs and Workstations up in this 
area here. So as i said it is almost impossible to identify where a Wireless 
client is coming from, especially from remote locations as in your scenario.

I know port security is a pain in the back, especially if you have an ever 
changing environment, but it seems to be the only feasable solution. And of 
course pointing to security policies and threatening with disciplinary action 
against anybody who plugs anything unauthorized into a network can help as well.

Hope this helps

Tom

-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected. 
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no 
obligation. See why so many companies trust Spy Sweeper Enterprise to 
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Finding Wireless AP's on your network, Goran Pizent
Next by Date:  Password Management, Securi Net
Previous by Thread:  RE: Finding Wireless AP's on your network, Conlan Adams
Next by Thread:  RE: Finding Wireless AP's on your network, Hayes, Ian
Indexes:  [Date] [Thread] [Top] [All Lists]