Netstumbler would be a good choice. I think that the perl script is a much more inventive solution, but in a pinch, netstumbler is a good idea for 'Gee, I wonder if there's a WAP around'. I have a relative who war drives with his laptop and netstumbler. It sounds dumb, but is actually very interesting-- no one locks down their WAPs-- not even me (but that's a different story).
Regardless, I belive that the perl script is the way to go. As well, locking down MAC addresses is the best, although inefficient way. adam On Thu, 3 Jan 2002, [EMAIL PROTECTED] wrote: > > Check out www.netstumbler.com. I'm > not sure if they are white hats or > grey hats, but their site includes > links and info on vendors of > equipment, as well as summarized info > on 802.11b. The only way I know of, > at this moment, to secure WAPs is by > isolating and securing the vlans on > which the WAPs are located and to > require WAP sessions to use IPSec VPN > sessions. Have fun... > >----- Original Message ----- > >Wrom: YOQKEDOTWFAOBUZXUWLSZLKBR > >To: <security- > [EMAIL PROTECTED]> > >Sent: Wednesday, January 02, 2002 > 4:57 PM > >Subject: Detecting WAP's > > > > > >> Hello, > >> I spent the better part of my > morning today tracking down a WAP > within > >> my building. We basically stumbled > onto the signal by blind luck > >> (testing a WAP enabled laptop) and > I proceeded to walk around on a few > >> floors searching cubicles until I > found it sitting inside someone's > >> cabinet. > >> > >> My current network policy is no > wireless devices. > >> > >> My question is how does one > proactively monitor for a WAP in a > standard > >> routed/switched environment. Is > there any intelligent way to accomplish > >> this? I would be interested in > ideas/solutions for LAN's and WAN's. > Is > >> there something I can look for > within each packet or perhaps specific > >> types of traffic (broadcast?) > create by the WAP? > >> > >> Unfortunately I am not up on 802.11 > (yet) and this recent incident has > >> me concerned given anyone within > range had free access to my network. > >> > >> Any comments, links, documents, or > criticisms are welcome. Please > >> respond to the group. > >> CM > >> > >> > > > > >
