Network managers desirous of keeping track of what's attached to their network(s) might consider running ARPwatch (or something similar) and a database of MACs on their network(s). Anything new that pops up should be investigated. Additionally, while not authoritative, matching new MACs against known MAC ranges for wireless access points might make the investigative process a little easier.
---Matthew *********** REPLY SEPARATOR *********** On 6/7/2002 at 6:22 PM Isherwood Jeff C Contr AFRL/IFOSS wrote: >I'm doing some research for a paper on wireless security, and I've been >trying to find a decent way for an administrator to probe his network for >APs that might be attached. > >There seems to be very little out there for this sort of thing. > >NMAP can recognize a fingerprint of some APs, but not all... > >ISS can sweep a wire, and report back on any that have SNMP enabled... > >APTOOLS claims to be capable, but isn't that easy to use or figure out (for >me so far) > > >Is there anything else out there? > >---------------------------------------------------------------------------- >This list is provided by the SecurityFocus Security Intelligence Alert >(SIA) >Service. For more information on SecurityFocus' SIA service which >automatically alerts you to the latest security vulnerabilities please see: >https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
