RE: MORE: Tools for Detecting Wireless APs - from the wire side.

From: ed d (ragdelaed@hotmail.com)
Date: 06/11/02

Previous message: Isherwood Jeff C Contr AFRL/IFOSS: "RE-cap: Tools for Detecting Wireless APs - from the wire side."
Maybe in reply to: Isherwood Jeff C Contr AFRL/IFOSS: "MORE: Tools for Detecting Wireless APs - from the wire side."
Next in thread: John Adams: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
Reply: John Adams: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "ed d" <ragdelaed@hotmail.com>
To: Jeffrey.Isherwood@rl.af.mil
Date: Tue, 11 Jun 2002 15:12:56 -0400

depending on how the clients in your network get their ip addresses, you
might be able to search through your dhcp logs and pull all of the ap mac
addresses.

this discounts rogue aps with statics, but if i was to drop a rogue ap into
a network, i would probably turn on dhcp, then let it go.

a good site for mac address/vendor coorelation is:
http://standards.ieee.org/regauth/oui/oui.txt

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Previous message: Isherwood Jeff C Contr AFRL/IFOSS: "RE-cap: Tools for Detecting Wireless APs - from the wire side."
Maybe in reply to: Isherwood Jeff C Contr AFRL/IFOSS: "MORE: Tools for Detecting Wireless APs - from the wire side."
Next in thread: John Adams: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
Reply: John Adams: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Medium Scale Scanning Best Practices
... network, ... > vulnerability rather than having to scan the entire network each time. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: Vulnebrability level definition
... >There would also be a need for probablity which I do guess is very subjectivem ... >medium for a server on the internal network, and low on a network with no ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
RE: Using ARP to map a network
... I'm not quite sure how ARP harvesting is passive, ... > a network based on ARP tables. ... > This list is provided by the SecurityFocus Security ... > SecurityFocus' SIA service which automatically alerts you to ...
(Pen-Test)
RE: Opinions on ClicktoSecures Hailstorm Product
... Opinions on ClicktoSecure's Hailstorm Product ... inputs from the network - custom ISAPI interfaces, ... end-user and the software vendor find problems _before_ the hackers do - ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
RE: Using ARP to map a network
... The only way to truly passively map a network, ... >> there are machines that infrequently communicate outwards ... For more information on SecurityFocus' SIA ...
(Pen-Test)