Re: kismet and wifi probing
On Mon, 14 Mar 2005, Jochen Schulz wrote:
> * Bob Alexander:
> >
> > Any tutorials on this ?
too many ... but not tutorial format
what precisely is the purpose of the spotting these rogue boxes ??
- if its to prevent others from seeing your internal corp
emails, everything should be ssh'd and secure pop3 and secure
imap
- assume that you are being sniffed ... from the dark van outside your
office or on the mountain top you just looked at or the office bldg
nextdoor
- more wireless fun
http://Linux-Wireless.org/Sniffers
> > I have been requested by our CIO to roam through our offices and try
> > spotting rogue APs and possible external networks extending in our premises.
that'd be impossible ... for you be watching for them when they happen
to be online to catch um
you can do the hard way ... go to each cubicle and look gor things with
wires connected to it, but you're assumign you walk by when tye are using
it instead of in their backpack to/from work and the
hotel/starbucks/airports and other places to pick up trojans
just turn off dhcp and you are 100% sure all rogue wireless goes away
esp if you are using mac addy with your dhcp server
- and assign all unused ip# to a dummy box to occupy all ip#
so anything new that tries to use a spare ip# will trigger
the "ip# collision" detector
- but for those sniffers that change their mac addy on the fly,
you're basically needing to find the wireless sniffer-detector
pro to catch their adversaries
c ya
alvin
Reply to: