Hello Isherwood, Friday, June 07, 2002, 8:22:13 PM, you wrote:
IJCCAI> I'm doing some research for a paper on wireless security, and I've been IJCCAI> trying to find a decent way for an administrator to probe his network for IJCCAI> APs that might be attached. IJCCAI> Is there anything else out there? Assuming you know the SNMP passwords, Solarwinds is very good (www.solarwinds.net) at gathering information. If you don't know them, bruteforcing snmp widely isn't a good idea as it can lock up Cisco equipment (among others) and you'll immediately attract attention. If you are checking your own network, of course, it could be easier since any device having a password different from the ones you assigned is suspect and if it has the same password, you get the info anyway. In a recent audit, what we did was a combination of extensive GPS assisted netstumbling, when we had an approximate idea of the location of the devices, we looked at the ARP tables of the plausible Ciscos. We also searched for specific ranges of Mac addresses known to be used by APs or outside the range of the standard devices used by the company. Certainly not perfect but worked well enough. I very interested in a better method, if there is one. -- Best regards, Pierre mailto:[EMAIL PROTECTED] ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
