[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Detection of Rogue Access Points

Subject: Detection of Rogue Access Points
From: ops.lists at gmail.com (Suresh Ramasubramanian)
Date: Mon, 15 Oct 2012 07:39:56 +0530
In-reply-to: <CAAAwwbWD7S6_ZqEaFgE5ZaGyGsaTazSJ6nAjbCKm9fOm+KXc2Q@mail.gmail.com>
References: <CAC47Z9mEDndWoNUsXjUNgawifNtv4RXztLZgLZ2SLc4JTe0AGA@mail.gmail.com> <CAHsqw9sfxByWg1WAYpuC9dMZf6D=T2oBr8V78qndJzu5PKzZiw@mail.gmail.com> <CAAAwwbWD7S6_ZqEaFgE5ZaGyGsaTazSJ6nAjbCKm9fOm+KXc2Q@mail.gmail.com>

SSL throughout the network, with access control enforced using certificates
is certainly a good idea.

But most of the problem you face is metrics and inventory control of
authorized devices.  Commercial WIPS gear does a lot of this heavy lifting
without your having to script it all yourself.

On Monday, October 15, 2012, Jimmy Hess wrote:

> A NAT device is one example.....
> another example of an unauthorized device could be an unauthorized
> hardware keylogger/ network backdoor,  with unauthorized connectivity to
> the LAN,  and
> possible  covert channels/backdoors/firewall bypasses.
>
>

-- 
Suresh Ramasubramanian (ops.lists at gmail.com)

References:
- Detection of Rogue Access Points
  - From: quantumfoam at gmail.com (Jonathan Rogers)
- Detection of Rogue Access Points
  - From: jof at thejof.com (Jonathan Lassoff)
- Detection of Rogue Access Points
  - From: mysidia at gmail.com (Jimmy Hess)

Prev by Date: Attacking on Source Port 0 (ZERO)
Next by Date: Attacking on Source Port 0 (ZERO)
Previous by thread: Detection of Rogue Access Points
Next by thread: Detection of Rogue Access Points
Index(es):
- Date
- Thread