Marc probably has the best idea.. restrict access to known MAC's. Sniffer Pro's wireless piece has a way to keep to track of your valid access points and others. Basically, the first time you run it it discovers the APs and you select which ones are truly yours. Down the road when you run it and it see's other APs it will show them as rogue. If you have added APs you can then add it to the list of valid APs.
--- "Marc Eiler (Volt)" <[EMAIL PROTECTED]> wrote: > Depending on the brand of transceiver that you are > using, you > may be able to add all of the MAC addresses of the > access points that > you are using into the transceiver's DB. I used a > Lucent WaveLAN > wireless network, and we were able to prevent > anybody from connecting > unless we had entered the MAC address into our DB. > I realize that this > doesn't address the question of "how do I discover > if a rogue is > connected", but this information may be able to > allow you to not to have > to worry about the need to detect rogue connections. > > Virtually, > MarC Eiler > > -----Original Message----- > From: Hornat, Charles > [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 22, 2002 1:22 PM > To: [EMAIL PROTECTED] > Subject: detecting wireless access points > > What is the best method to discover rogue wireless > access points on your > network? Other than the obvious, buy a laptop with > a wireless card and > search theory. Is there a network tool that would > detect a wireless > access point being plugged in? > > As a security administrator, I would like to have > the ability to know if > a user has purchased an access point and plugged it > into my network. > > Any thoughts are appreciated. > > mrcorp > > > ________________________________________________________________ > The information contained in this message is > intended only for the > recipient, may be privileged and confidential and > protected from > disclosure. If the reader of this message is not the > intended recipient, > or an employee or agent responsible for delivering > this message to the > intended recipient, please be aware that any > dissemination or copying of > this communication is strictly prohibited. If you > have received this > communication in error, please immediately notify us > by replying to the > message and deleting it from your computer. > > Thank you, > Standard & Poor's __________________________________________________ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com
