Kismet is a nice solution at all, but beholder[1] also could help. ./nelson -murilo
[1] - http://www.beholderwireless.org On Fri, Apr 24, 2009 at 11:04:01AM -0700, Jeremy Bennett wrote: > That requirement is focused on rogue detection and mitigation. If your WLAN > can be moved out of scope for PCI (using a stateful firewall) then you are > only required to scan for rogue devices. > You can either do walk-around scans using something like kismet or > NetStumbler or you can invest in a system with distributed sensors that can > scan for the rogue devices all the time. In theory you could build this with > low cost sensors running kismet and syslog and watch/filter the logs in a > central location. You'd need a way of filtering out the known neighbors and > internal devices and set up something to alert you, etc. I think you'll find > that it is a lot less "free" than you would hope.
