To detect Wireless Access Points remotely?

Discussion in 'Cisco' started by Doug Fox, Apr 2, 2005.

  1. Doug Fox

    Doug Fox Guest

    I am searching for a way that a systems administrator can
    locate/detect/identify unauthorized wireless access points in global (or
    WAN) network, including those across the oceans, even not being physically
    there!

    One way is "war driving". However, it requires a person physically walking
    inside the organization or driving around the organization's campus with a
    "war driving" software.

    Can one use a packet sniffer? But it may be "blocked" by VLANs.

    Any advice / pointers are appreciated.

    Thanks and have a nice weekend.
     
    Doug Fox, Apr 2, 2005
    #1
    1. Advertising

  2. Hello, Doug!
    You wrote on Sat, 2 Apr 2005 02:08:33 -0500:

    DF> I am searching for a way that a systems administrator can
    DF> locate/detect/identify unauthorized wireless access points in
    DF> global (or WAN) network, including those across the oceans, even
    DF> not being physically there!

    DF> One way is "war driving". However, it requires a person
    DF> physically walking inside the organization or driving around the
    DF> organization's campus with a "war driving" software.

    DF> Can one use a packet sniffer? But it may be "blocked" by VLANs.

    DF> Any advice / pointers are appreciated.

    Radio monitoring and WLSE in case of Cisco or/and AirMagnet Enterprise.

    http://www.cisco.com/en/US/products/sw/cscowork/ps3915/
    http://www.airmagnet.com/products/enterprise.htm

    With best regards,
    Andrey.
     
    Andrey Tarasov, Apr 2, 2005
    #2
    1. Advertising

  3. Doug Fox

    Doug Fox Guest

    These are costly solutions, which we cannot afford :-( We are looking for a
    "cheaper one".

    Any suggestions are appreciated.

    "Andrey Tarasov" <> wrote in message
    news:d2lhj4$4hp$...
    > Hello, Doug!
    > You wrote on Sat, 2 Apr 2005 02:08:33 -0500:
    >
    > DF> I am searching for a way that a systems administrator can
    > DF> locate/detect/identify unauthorized wireless access points in
    > DF> global (or WAN) network, including those across the oceans, even
    > DF> not being physically there!
    >
    > DF> One way is "war driving". However, it requires a person
    > DF> physically walking inside the organization or driving around the
    > DF> organization's campus with a "war driving" software.
    >
    > DF> Can one use a packet sniffer? But it may be "blocked" by VLANs.
    >
    > DF> Any advice / pointers are appreciated.
    >
    > Radio monitoring and WLSE in case of Cisco or/and AirMagnet Enterprise.
    >
    > http://www.cisco.com/en/US/products/sw/cscowork/ps3915/
    > http://www.airmagnet.com/products/enterprise.htm
    >
    > With best regards,
    > Andrey.
     
    Doug Fox, Apr 2, 2005
    #3
  4. Doug Fox

    BradReeseCom Guest

    Hi Doug,

    There are some open source tools that can aid in the detection of
    wireless networks in a geographically distributed corporate network.

    You may wish to investigate Nmap.

    http://www.insecure.org/nmap/

    Nmap is a network discovery tool and port scanner that can be used to
    audit large networks.

    It also has a feature that is useful for detecting wireless access
    points on the wired network.

    This feature is called TCP/IP Finger Printing, which is a remote system
    identification technique.

    Within the Nmap distribution, there is a database of TCP/IP
    fingerprints enabling the tool to detect nearly 700 operating systems
    running on target devices.

    A subset of these devices includes wireless access points.

    Configuring Nmap to scan a portion of the network with the TCP/IP
    fingerprint option enabled will yield a list of hosts and their
    associated operating system.

    Further filtering this output for "wireless" could identify rogue
    wireless access points on a network.

    Using this technique assumes that the security staff can then map an IP
    address to the physical location of the wireless access point or at
    least the switch port to which the device is connected.

    In an ideal environment this should not be difficult task, given proper
    documentation of network topology.

    Nmap was developed to run on UNIX, but has been ported and is now
    available on Windows platforms.

    ---------------------------------------------------------------------------------

    Yet another open source tool is APTools.

    http://winfingerprint.sourceforge.net/aptools.php

    A different technique is to connect directly to a switch or router in
    the environment and compare the MAC addresses in the Address Resolution
    Protocol (ARP) table to a database of 802.11b wireless access point MAC
    addresses.

    This is exactly what APTools attempts to accomplish and can reduce the
    amount of time it takes to search for wireless access points in a large
    corporate environment.

    By providing a list of routers and switches (and the associated
    passwords), APTools will either query the switch's Content Accessible
    Memory or the router's ARP table and compare it to a database of
    wireless access point MAC addresses.

    APTools runs on both Windows and UNIX.

    ---------------------------------------------------------------------------------

    Hope this helps.

    Sincerely,

    Brad Reese
    BradReese.Com® Cisco Resource Center
    Toll Free: 877-549-2680
    International: 828-277-7272
    Website: http://www.BradReese.Com
     
    BradReeseCom, Apr 2, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MethodX
    Replies:
    2
    Views:
    456
    Scote
    Feb 26, 2004
  2. Doug Fox

    Detect Wireless Access Points

    Doug Fox, Apr 2, 2005, in forum: Computer Security
    Replies:
    21
    Views:
    1,516
    Moe Trin
    Apr 7, 2005
  3. Petrucciowns

    Remotely Access Cisco Lab.

    Petrucciowns, Jul 29, 2009, in forum: Cisco
    Replies:
    0
    Views:
    419
    Petrucciowns
    Jul 29, 2009
  4. alisha jones
    Replies:
    0
    Views:
    763
    alisha jones
    Sep 8, 2009
  5. john bently
    Replies:
    2
    Views:
    618
    chuckcar
    Dec 23, 2009
Loading...

Share This Page