|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Locating rogue APs
On Tue, Feb 11, 2003 at 11:27:28AM -0600, John Kristoff wrote: > > Apologies if this ends up on the list multiple times. I seem to > have trouble getting this posted in a timely fashion. > > In general, MAC OUI designations may indicate a particular AP. IP > multicast group participation may also be used by some APs. Some > APs have a few unique ports open. Lastly, APs may be found with > a radio on a particular default channel. All of these potentially > identifying characteristics may be used to help audit the network > for rogue IPs. Below is information on locating particular APs: > Why are you posting this here? The information is somewhat incomplete/incorrect as well. Persons interested in finding rogue AP's would be much better off with a tool such as kismet that already identifies model/make of access points based on various datapoints (including the types you posted), as well as the ability to determine in where the AP is (pysically) with the use of a GPS unit. As a side benefit, it can make pretty maps. http://www.poptix.net/thehills.jpg > John -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
|
