Re: Tool for Identifying Rogue Linksys Routers
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Martin,
Martin Mkrtchian wrote:
> Is there a scanning tool out there that can determine if there are
> unauthorized Linksys (type) routers in a specific VLAN?
You can use the Nessus plugin 11026 (find_ap.nasl) to scan your network
for open HTTP, SNMP and FTP servers. Using Nmap fingerprinting and
banner grabbing, this plugin does a decent job at finding rogue AP's
that don't mind being found (e.g. they haven't been specifically
configured to hide from administrators).
Alternatively, wireless-side analysis is the way to go to locate rogue
AP's! Kismet (www.kismetwireless.net), or a commercial tool will be
helpful there.
- -Josh
- --
- -Joshua Wright
jwright@xxxxxxxxxxx
2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF
Today I stumbled across the world's largest hotspot. The SSID is "linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDDjTNTS8i9jZYpL8RAqbCAKCD7fGJk/tCRrPg8BfQ2p+tbC0zRgCg4ZLX
u8D2UrPqEa2Q17fDiu8x0oM=
=0/CO
-----END PGP SIGNATURE-----