Tweet
What are the challenges in locating a unauthorized AP or client?
Any proven method or technology?
Any proven method or technology?
-
-
I don't mean to be flippant, but it is pretty easy. Use netstumbler or kismet (more reliable) and walk your building/facility.perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)' -
jetcyc, could you perhaps explain what you are looking for exactly? For some reason in other forums some people declare "unauthorized AP or clients" as rogue APs, which are not the same... rogue APs are APs that for example an employee got an AP at walmart and brought it to work and connected it to their network without their IT/MIS deparment knowing... therefore punching a hole right through their "security" methodology...
Otherwise if this is not what you are talking about, (which I doubt it is), Chris' advice is what you want to follow.Comment
-
Chris>>
Kismet and NS does a good job to identify AP or client.
Having done that, the next step is to find the exact location of the unauthorized AP or client?Comment
-
To find the exact location of any AP you would want to do some fox hunting methodology... just take a pda warwalking setup and a directional and hope you don't have to find it in a highrise. otherwise if you want to use commercial software several companies offer a monitoring system for such rogue systems...Originally posted by jetcyc
Chris>>
Kismet and NS does a good job to identify AP or client.
Having done that, the next step is to find the exact location of the unauthorized AP or client?
it seems like you are talking about rogue APs...
so here are some rogue ap links:
http://www.flukenetworks.com/us/LAN/...+Rogue+APs.htm
http://www.airwave.com/airwave_rogue_detection.pdf
http://www.airdefense.net/webinars/webinar_info.php4
... the reason you couldn't find an answer on google was because you were not defining the term correctly as I had discussed in my initial post on this thread... search for ROGUE AP DETECTION and you will be back in the game.
If you want to detect, let's say netstumbler users.. you can use a windows program called spyglass/airsnare and an linkys AP
spyglass:
http://home.attbi.com/~digitalmatrix/nsspyglass/
airsnare:
http://home.attbi.com/~digitalmatrix...e/download.htm
if they are using kismet in monitor mode good luck detecting them....Comment
-
BW>>
I am looking at physically tracking the Rogue AP or unauthorized client that are identified by Kismet and NS.Comment
-
Yes I just described pretty much everything you needed to know.Originally posted by jetcyc
BW>>
I am looking at physically tracking the Rogue AP or unauthorized client that are identified by Kismet and NS.Comment
-
I like to use kismet and my laptop to track em down....kind like a cold/warm/hot game from when i was a kid. the CLOSER I get..the STRONGER the signal...till I find it.Originally posted by jetcyc
BW>>
I am looking at physically tracking the Rogue AP or unauthorized client that are identified by Kismet and NS.
There are more expensive ways to do it...but mine is free :Dperl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'Comment
Comment