Re: VS: MORE: Tools for Detecting Wireless APs - from the wire side.

From: R. DuFresne (dufresne@sysinfo.com)
Date: Fri Jun 14 2002 - 15:14:44 EDT

• Next message: Toni Heinonen: "VS: MORE: Tools for Detecting Wireless APs - from the wire side."
• Previous message: batz: "Re: Sniff/Source Route Cisco Router Traffic?"
• In reply to: Toni Heinonen: "VS: MORE: Tools for Detecting Wireless APs - from the wire side."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 14 Jun 2002, Toni Heinonen wrote:

> > -----Alkuperäinen viesti-----
> > Lähettäjä: Jon [mailto:vandivee@midsouth.rr.com]
> > Lähetetty: 12. kesäkuuta 2002 7:18
> > Vastaanottaja: 'Pen-Test'
> > Aihe: RE: MORE: Tools for Detecting Wireless APs - from the wire side.
> >
> <snip>
> > EAP based authentication for port security....
> >
> > And with that.... I can honestly say I have NO IDEA how to do
> > it right now.....
> >
> > If anyone has a whitepaper for implementation EAP for port
> > security, please post it or send it to me...
>
> Ahh, but indeed. It's of course smarter to block access from the APs instead of just trying to detect them. AFAIK no Wireless APs can do 802.1x authentication to connect to the LAN, even though most can accept wireless 802.1x clients.
>
> These links quickly popped to my search at cisco.com:
>
> http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1219ea1/3550scg/sw8021x.htm
> http://www.cisco.com/warp/public/cc/pd/sqsw/sq/tech/deacs_wp.htm
>
> Of course, those links only work on Cisco catalysts.
>
>

The fact that leap is only available on the newest of cisco's wireless
equipment is one part of the issue. The other part of the wireless issue
is how it expands ones perimiter. You still with encryption or not have
opened up an external 'ethernet segment' to snooping. The management
packets, which contain alot of information in and of themselfs on the
wireless topology at the least, help intruders to map the segment, if not
more, depending upon how the wireless toys are terminated and where.

Thanks,

Ron DuFresne

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Toni Heinonen: "VS: MORE: Tools for Detecting Wireless APs - from the wire side."
• Previous message: batz: "Re: Sniff/Source Route Cisco Router Traffic?"
• In reply to: Toni Heinonen: "VS: MORE: Tools for Detecting Wireless APs - from the wire side."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:22 EDT