Hi, It is also possible to meet the PCI 11.1 requirement by scanning the *wired* network looking for wireless access points. This is much easier to do and more practical that walk-around wireless audits using a laptop based tool. There is an open source project called RogueScanner (http://paglo.com/opensource/roguescanner)---which I am one of the authors of---that is specifically designed for wired side discovery of APs.
Regards, Chris. > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Taras P. Ivashchenko > Sent: Thursday, April 23, 2009 12:51 PM > To: [email protected] > Subject: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". > Kismet+Snort? > > Hello, list! > > There is requirement in PCI DSS v.1.2: > > "...11.1 Test for the presence of wireless access points by using a > wireless analyzer at least quarterly or deploying a wireless IDS/IPS to > identify all wireless devices in use..." > > I made some research for open source wireless IDSs and results are not > good. > I found some articles about using together Kismet and Snort but it > looks like not best soliution. > Air Snort project is dead. > What wireless IDS/IPS (especially opensource/free) do you use? > > > -- > Тарас Иващенко (Taras Ivashchenko), OSCP www.securityaudit.ru > ---- > "Software is like sex: it's better when it's free." - Linus Torvalds
