Firewall Wizards mailing list archives
RE: Wireless
From: ejb3 () cornell edu
Date: Fri, 9 Aug 2002 14:53:13 -0400 (EDT)
Why not restrict access via MAC addresses on the wireless cards? This would be a preventative measure.
Spoofing MAC addresses is easy, even on 802.11b cards. Managing permitted MAC addresses is a good idea for home users with few cards and only a single base station. It's a management nightmare for large installations. Besides, that just restricts access to approved APs, and does nothing to address the problem at hand. Find rogue networks the same way their users do, with netstumbler or something similar. Anything that's got an SSID other than the official one, or that's offering up addresses beyond the approved wireless range gets hunted down. Perhaps this is the kind of thing that should be built into next-gen APs? The AP will notice if someone else in range is offering service, and syslog this fact. ericb
------- How are people starting to deal with hunting down and killing rogue Wireless Access Points (WAPs)[1]? It seems pretty easy in environments where wireless isn't allowed at all, but is anyone dealing with the situation in an environment where there are sanctioned wireless networks?
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Wireless Paul Robertson (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- Re: Wireless B. Scott Harroff (Aug 09)
- <Possible follow-ups>
- RE: Wireless Scott, Richard (Aug 09)
- RE: Wireless ejb3 (Aug 09)
- Re: Wireless Jeff Newton (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- Re: Wireless Jeff Newton (Aug 09)
- RE: Wireless ejb3 (Aug 09)
- Re: Wireless John McDermott (Aug 09)
- Re: Wireless Paul Robertson (Aug 09)
- Re: Wireless Dave Piscitello (Aug 19)
- Re: Wireless ejb3 (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)