RE: wireless access point
From: Bo Mendenhall (Bo.Mendenhall_at_hsc.utah.edu)
Date: 06/06/03
- Previous message: Mears,Caleb M: "Wireless security without Radius Server"
- Maybe in reply to: Leopoldo Dato: "wireless access point"
- Next in thread: David Gillett: "RE: wireless access point"
- Reply: David Gillett: "RE: wireless access point"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 06 Jun 2003 14:25:01 -0600 To: <security-basics@securityfocus.com>
Please correct me if I'm wrong:
Marvin's Statement below is true because eventually someone who has the SSID for an AP will hop on the AP, at which time it broadcasts the SSID, so Netstumbler would potentially pick it up the SSID at that point.
>>> "Myers, Marvin" <MRMyers@anteon.com> 06/06/03 12:34PM >>>
That is not entirely true. Netstumbler does in fact detect AP's that do not broadcast their SSID, it just takes longer. I have proven this on more than one occasion using NetStumbler on XP with both Orinoco and Netgear cards.
-----Original Message-----
From: Christopher Harrington [mailto:charrington@syseng.com]
Sent: Friday, June 06, 2003 1:23 PM
To: lod@acmesecurity.org; security-basics@securityfocus.com
Subject: RE: wireless access point
Netstumbler does not detect AP's that do not broadcast their SSID. I know Kismet and Wellenreiter do, I cant speak for the others.
--Chris
-----Original Message-----
From: Luiz Otávio Duarte [mailto:lod@acmesecurity.org]
Sent: Thursday, June 05, 2003 9:54 PM
To: security-basics@securityfocus.com
Subject: RE: wireless access point
Hi,
>Is there any way of detecting wireless access point that doesn't
>broadcast
>the SSID?
Yep, It's possible. I will tell you why:
We have two probing modes for channels in a 802.11 network.
- Activing probe - Is when the prober machine exchange some probe frames
with the AP.
- RFMON - Radio Frequency Monitor (Passive probe) - when the probe machine
capture all data in the channel and try to find some SSID (Service Set
Identification)
You can find AP that does not broadcast the SSID using any probe technique.
You can use: Netstumbler, DStumbler, Kismet, Wellenreiter, THC-RUT,
WEPCrack, AirSnort, ....
That's All Folks!
--
##
# Luiz Otávio Duarte (lod at acmesecurity dot org)
# www.acmesecurity.org/~lod
##
# ACME! (Computer Security Research)
# www.acmesecurity.org
##
# Unesp - São José do Rio Preto - São Paulo - Brazil
##
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
- Previous message: Mears,Caleb M: "Wireless security without Radius Server"
- Maybe in reply to: Leopoldo Dato: "wireless access point"
- Next in thread: David Gillett: "RE: wireless access point"
- Reply: David Gillett: "RE: wireless access point"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
