Re: Wired detection of rogue access points
- From: Vladimir Vuksan <vlists@xxxxxxx>
- Date: Mon, 19 Mar 2007 17:46:30 -0400
johnnywkm@xxxxxxxxx wrote:
Can anyone point me to a wired LAN scanner/sniffer that detects wireless access points connected to the LAN?
I don't believe you can identify an AP just by sniffing. The problem is that AP acts as a L2 switch so there is not necessarily a signature.
The only way I can think of doing something like that is polling your switches (through SNMP) for connected MAC addresses and running a wireless sniffer like Kismet and cross referencing mac addresses that Kismet sees vs. what you see on your wired switches. That has been on my to-do list and I have a project that does switch polling for MAC addresses I just haven't added the Kismet portion yet :-(.
Vladimir
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
- Follow-Ups:
- Re: Wired detection of rogue access points
- From: Adam Crosby
- Re: Wired detection of rogue access points
- References:
- Wired detection of rogue access points
- From: johnnywkm
- Wired detection of rogue access points
- Prev by Date: Re: Bittorrent - utorrent
- Next by Date: RE: Bittorrent - utorrent
- Previous by thread: RE: Wired detection of rogue access points
- Next by thread: Re: Wired detection of rogue access points
- Index(es):
Relevant Pages
|
