 Security Basics Mailing List
A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.
List Archives
Latest Posts
Re: website monitoring
Don Thomas (May 16)
http://www.site24x7.com/
Regards,
Don Thomas
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte...
RE: Tool to find rouge wireless access points?
Erik Muttersbach (May 16)
Some time ago I have read about the idea to use clock skew in wireless
networks to characterize (or: fingerprint, if you want) the access points in
your network.
More information here:
http://ansr.cs.utah.edu/home/sites/default/files/files/papers/www.cs.utah.ed
u/~kasera/myPapers/fast%20and%20accurate%20detection%20clock%20skew.pdf
and here: http://www.cs.dartmouth.edu/~cja/papers/toorcon11_ver6a.pdf
This looked quite interesting, but I...
RE: Tool to find rouge wireless access points?
Vincent Yeo (May 16)
Hi Jon,
If you are detecting any AP that is going to connect to your network, have you implement port security on your network?
Or go by mac address filtering? Mac address should be able to determine which brand of network is connected to it.
Correct me if I m wrong. I m still learning. :)
Thanks,
Vincent Yeo
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Brandon Edmunds...
Re: website monitoring --Clarification
Gareth Fletcher (May 15)
Hi GMF
Yeah we use AlertSite which alerts us and it also sends alerts to
another external company (here in New Zealand), who then keep calling
our on call engineers until someone answers (in case our internal
monitoring is also down for some reason).
Handy when something hits the fan... Or there's a meteoroid...
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital...
Re: Tool to find rouge wireless access points?
Brandon Edmunds (May 15)
repost for group:
Nessus will do this. There is a plugin just for this.
More rudimentary, is that you can use a wireless scanner to capture
traffic. Use strings and a perl script to pull hostnames from the
traffic and then compare those hostnames to your inventory (I told you
it was rudimentary, but this will tell you either you have a your
clients connecting to a rogue ap that they set up, or they are
connecting to one circumventing your...
Re: website monitoring --Clarification
flanny16 (May 15)
More details that I should have provided in the first post.
Externally on the internet we require a website monitor service to notify us if any of our websites, whether http or
https or SMTP goes offline. an example of this is if one of our datacenters were to go down,then which of our services
is not available. can this service offer a notification page stating that there is an issue with the website and we are
working on it?
thx to all who...
RE: Tool to find rouge wireless access points?
Mike Saldivar (May 15)
Jon,
Just to clarify, you keep talking about APs of a different color:
http://dictionary.reference.com/browse/rouge?s=t
http://dictionary.reference.com/browse/rogue?s=t
The Net Disco tool isn't too difficult to set up if you know your way around Linux
http://www.netdisco.org/
It'll SNMP walk your entire network and tell you what's connected, and where. If the rogue AP has SNMP enabled, it'll
find it and tell you the...
RE: Tool to find rouge wireless access points?
Estell Kauffman (May 15)
Jon,
If you are running lightweight APs off a controller most of the controller software I've seen includes rogue AP
detection. The APs themselves act as detectors reporting the beacons and related information back to the controller.
The controller itself is generally able to see the wired side of the network and can then identify the rogue. Some
controllers also include the ability to shut down rogue APs.
The only other tool I've...
RE: website monitoring
Jerry Gamblin (May 15)
Just to monitor if the services are responding you can't do any better than uptimerobot.
http://www.uptimerobot.com/
Thanks,
Jerry
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of flanny16 () gmail com
Sent: Tuesday, May 15, 2012 2:40 PM
To: security-basics () securityfocus com
Subject: website monitoring
This may be a little off topic but here goes. can anyone...
website monitoring
flanny16 (May 15)
This may be a little off topic but here goes. can anyone suggest a secure/reliable website monitoring service? we have
number of websites that require monitoring for https,http,smtp etc but would like suggestions from reputable companies.
thx,
gmf
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs...
Re: Tool to find rouge wireless access points?
Jon D (May 15)
Sorry Felipe. Basically the core question is 'how to find rouge access points'.
For example, if an end user plugs in a linksys wireless router under
their desk, how do you detect it?
Expanding on the question, is that usually from what I've seen, just
scanning with nmap or something might not pick it up if the AP is
configured not to respond to pings, and doesn't have ports open, etc.
And without knowing the encryption...
Re: Tool to find rouge wireless access points?
Vincent Ngundi (May 15)
+1
Regards,
Vincent
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your...
Re: Tool to find rouge wireless access points?
Patrick Laverty (May 15)
Could the wireless access points be a different color?
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a...
Re: Tool to find rouge wireless access points?
Rajiv D (May 15)
I would suggest using airodump. You can check for the bssid field there.
-- Rajiv
-----Original Message-----
From: Jon D <rekcahpmip () gmail com>
Sender: listbounce () securityfocus com
Date: Mon, 14 May 2012 11:28:40
To: <security-basics () securityfocus com>
Subject: Tool to find rouge wireless access points?
Does anyone know of a tool to find rouge wireless access points?
I know of a lot of the various wireless scanners, but...
RE: Tool to find rouge wireless access points?
Mikhail A. Utin (May 15)
I would suggest vulnerability scanning, not just nmap. While nmap will try to identify a node OS, VS will try more, for
instance, can get manufacturer name, host name, etc. Nessus, for instance, has 'General? Set of plugins, which I would
run first, and which collects various information about the network nodes. Thus, youm can match wireless and LAN
scanning to identify Aps.
Good luck
Mikhail
-----Original Message-----
From: listbounce...
More Lists
Dozens of other network security lists are archived at
SecLists.Org.
| 
Current Month
RSS Feed
About List
All Lists