From: Matthew Webster (awakenings@mindspring.com)
Date: Thu Mar 30 2006 - 06:24:19 EST
David,
Thanks. That is one method I am using. That mitigates one risk, but if, for example, one were to attach an AP to a computer then connect to one of the hundreds of AP's available around them to connect to the internet to send data, we would never know. Yes, this is highly unlikely, but it makes auditors happy to see such a report.
Matt
-----Original Message-----
>From: "David M. Zendzian" <dmz@dmzs.com>
>Sent: Mar 30, 2006 2:53 AM
>To: Matthew Webster <awakenings@mindspring.com>
>Cc: pen-test@securityfocus.com
>Subject: Re: Wireless Audit Reports
>
>Something you might find easier would be to do an inventory of MAC
>addresses on your network (query all your switches if you have to) and
>then determine the manufacturer of all devices. If you have any APs in
>there, if they aren't running off some machine (hostap/madwifi/etc),
>then you should be able to find them this way.
>
>dmz
>
>Matthew Webster wrote:
>> Hi,
>>
>> I work in an environment that has a policy that does not permit
>> wireless devices. We still do an "audit" of the area to ensure that
>> there are no wireless devices in our area. I wish to prove that there
>> are no devices. Being in a city, there are literally hundreds of
>> wireless networks present - perhaps up to 50 in any one given area of
>> our building. I have tracked the signals down and have determined
>> that there are no rogue access points or peer networks hidden in our
>> portion of the building.
>>
>> Now a traditional wireless audit would be easy. I could report
>> the signal strengths of our devices, if the SSID's are correct, are
>> non-broadcast, etc. That would be an easy report to create after data
>> collection. In this case, I am trying to prove a negative. I can
>> list networks, signal strengths, etc. but I feel like I am fluffing
>> the report with meaningless and time wasting statistics. Does anyone
>> have any experience in what they would report under these circumstances?
>>
>> Matt
>>
>> ------------------------------------------------------------------------------
>>
>> This List Sponsored by: Cenzic
>>
>> Concerned about Web Application Security? As attacks through web
>> applications continue to rise, you need to proactively protect your
>> applications from hackers. Cenzic has the most comprehensive solutions
>> to meet your application security penetration testing and
>> vulnerability management needs. You have an option to go with a
>> managed service (Cenzic ClickToSecure) or an enterprise software
>> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service
>> can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
>> And, now for a limited time we can do a FREE audit for you to confirm
>> your results from other product. Contact us at request@cenzic.com
>> ------------------------------------------------------------------------------
>>
>>
>>
>
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:46 EDT