Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: Hopefully not too OT
From: James Richards <jimmy () chickenhollow net>
Date: Tue, 3 May 2005 19:56:34 -0500
In a somewhat ironic twist of fate,
I was searching on google to try to see what risk management perhaps had to say about identity theft. (more specifically what types of financial incentive I might be able to apply to protecting our organization, to free up funds) 

I came up with this... 4th down in the list on google.

http://www.lexisnexis.com/riskmanagement/
Which is one of the companies which got me alarmed in the first place :) 

(it is not a direct correlation, but I thought it was worth a chuckle)

Jim

On May 3, 2005, at 2:07 PM, Paul Melson wrote:
If you mistrust internal users, I think you may be better served by looking 
at EAP or some other sort of network access control (gee, I wonder if
somebody's branded that term... :-) that could address any rogue equipment or users. It's just as feasible that an outside contractor, a guest, an untrustworthy employee, or even a cunning criminal could get past physical security and connect to your wired network and have their way with your data that way. Even within the parameters of corporate security policies, this type of thing represents a real threat. All of the network-based worm exposures I've seen at (insert current employer here) were caused by laptops brought in by (insert high-profile audit firm, now removed from approved 
infosec vendor list here).
Anyway, nmap -sS -O -p23,80,443 can identify rogues from the wired side, 
since it can fingerprint about a dozen different AP types.

PaulM


-----Original Message-----
I am going to have to take a multifaceted approach to this I believe, we have a very aggressive security posture here, we mistrust our internal users just as much as external users, and have a very tight filtering system, at 
the wire and application level, but I am paranoid, so I will keep going
further.
If anyone has any experience with scanners (preferrably open source) which 
are good at ferreting out rogue APs I would be gratefull for pointers.

  Again,  many thanks to all!





_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]