On Monday, August 20, 2001 5:45 AM, Mike.Ruscher@CSE-CST.GC.CA wrote: [...] > When mapping a LAN topology, what are the general methods to use for > discovering access points and wireless hosts from inside the > wired network. > This becomes important to detect rogue WLANS which are a > potential threat to > the enterprise as they might be behind firewalls etc. > > I would expect that the MAC addresses for APs would be unique > to the various > vendors., as would the wireless NICs on the WLAN hosts. Are there any > scanning tools freely available that can do this kind of search? Indeed, identifying the access points by the OUI gathered from arp table information works. The last time I did this sort of thing was by using a perl script that used fping to ping a range, and then SNMP.pm to pull the arp cache, feed it into an SQL database, and use the OUI information at <http://standards.ieee.org/regauth/oui/index.shtml> to figure out the nature of the device. The scripts are not complex. I can send a copy if there is interest. --woody ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 10:02:53 PDT