Wireless LAN detection

From: Boschmann, Armin (aboschmann@hydro.mb.ca)
Date: 12/06/02

  • Next message: Neal K. Groothuis: "Re: ICMP on port 3"
    From: "Boschmann, Armin" <aboschmann@hydro.mb.ca>
    To: "'security-basics@lists.securityfocus.com'" <security-basics@lists.securityfocus.com>
    Date: Fri, 6 Dec 2002 12:45:24 -0600 

    We have a policy of no-wireless at our sites. I want to audit this policy,
    similar to war-dialing, or more correctly war-driving.

    My thinking is to find illegal wireless equipment in realtime. My concern
    is insiders (temporary employees, contractors, 'bad' employees) plugging in
    a wireless access point, then accessing our network from the street, then
    disconnecting. So I am envisioning a computer with a wireless receiver that
    will look for TCP/IP traffic, and tell me if it detects communications to
    any of our computers.

    I can see several problems, such as distinguishing between our 192.168.x.x
    addresses and those on WLANs of our neighbors. Also I would have to harden
    the wireless detection computer, and ideally not connect it to our network
    at all yet have some means of notifying me (pager, cell modem).

    Does anyone know of a product that does this? Or if you think my approach
    is suspect, suggest another one?

    Armin Boschmann
    Manitoba Hydro

    Relevant Pages

    • RE: Wireless security question
      ... If you have a Windows Domain and these machines are on that domain, ... These along with a known written company policy should ... Policy against wireless, including cards. ... We have a secure network with no wireless ...
    • Re: Wireless LAN detection
      ... connects to your network and start your audit policy from that point... ... Boschmann, Armin wrote: ... > My thinking is to find illegal wireless equipment in realtime. ...
    • Re: Wireless security question
      ... Subject: Wireless security question ... I may also suggest to enforce a policy in your company that addresses the ... disable the wireless card in it. ... profile anytime she's on your network. ...
    • Re: Wireless Login help please
      ... bypass domain user configuration Group Policy. ... wireless card, logon with cached credentials, then plug their network card ... certificates may help. ...
    • Re: Wireless security question
      ... her in an OU and create a policy for her that disables the Wireless Zero ... > profile anytime she's on your network. ...