Re: VS: MORE: Tools for Detecting Wireless APs - from the wire side.

From: R. DuFresne (dufresne@sysinfo.com)
Date: 06/14/02 

Date: Fri, 14 Jun 2002 15:14:44 -0400 (EDT)
From: "R. DuFresne" <dufresne@sysinfo.com>
To: Toni Heinonen <Toni.Heinonen@teleware.fi>

On Fri, 14 Jun 2002, Toni Heinonen wrote:

> > -----Alkuperäinen viesti-----
> > Lähettäjä: Jon [mailto:vandivee@midsouth.rr.com]
> > Lähetetty: 12. kesäkuuta 2002 7:18
> > Vastaanottaja: 'Pen-Test'
> > Aihe: RE: MORE: Tools for Detecting Wireless APs - from the wire side.
> >
> <snip>
> > EAP based authentication for port security....
> >
> > And with that.... I can honestly say I have NO IDEA how to do
> > it right now.....
> >
> > If anyone has a whitepaper for implementation EAP for port
> > security, please post it or send it to me...
>
> Ahh, but indeed. It's of course smarter to block access from the APs instead of just trying to detect them. AFAIK no Wireless APs can do 802.1x authentication to connect to the LAN, even though most can accept wireless 802.1x clients.
>
> These links quickly popped to my search at cisco.com:
>
> http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1219ea1/3550scg/sw8021x.htm
> http://www.cisco.com/warp/public/cc/pd/sqsw/sq/tech/deacs_wp.htm
>
> Of course, those links only work on Cisco catalysts.
>
>

The fact that leap is only available on the newest of cisco's wireless
equipment is one part of the issue. The other part of the wireless issue
is how it expands ones perimiter. You still with encryption or not have
opened up an external 'ethernet segment' to snooping. The management
packets, which contain alot of information in and of themselfs on the
wireless topology at the least, help intruders to map the segment, if not
more, depending upon how the wireless toys are terminated and where.

Thanks,

Ron DuFresne 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • Re: Enabling telnet, ftp, pop3 for root...
    ... Where did I say ANYTHING about not using authentication. ... You're presenting it like direct root login would be a total security ... DON'T have access to the port. ...
    (alt.os.linux)
  • Re: BEFVP41 -2003 SBS Help Please
    ... Couple of things to keep in mind about exposed ports, VPN, and security ... + 1723 is authentication, it doesn't pass the data stream. ... 1723 is an authentication port, if someone authenticated, they get in. ...
    (microsoft.public.windows.server.sbs)
  • Re: PEAP-TLS vs EAP-TLS
    ... -- IEEE 802.11 Wireless LAN Security with Microsoft Windows), ... in the PEAP-MS-CHAP v2 Authentication section: ... Although EAP provides authentication flexibility through the use of EAP ...
    (microsoft.public.windows.server.security)
  • Re: wireless security question.
    ... User Authentication via existing databases eg LDAP, RADIUS, Win NT ... Subject: wireless security question. ... eg. reports that a large % do not have WEP enabled. ...
    (Security-Basics)
  • RE: 802.1x was: [fw-wiz] IPv6 comes in the game
    ... I don't think anyone here is implying that 802.1x authentication is the ... end-all method to securing a network...be it wireless or not. ... in conjunction with a security policy that allows ... where I physically plug it in (it's logical place in the network scheme, ...
    (Firewall-Wizards)