Results 1 to 7 of 7

Thread: Detecting anauthorised APs during wireless assessment

  1. #1
    Just burned his ISO
    Join Date
    Sep 2011
    Posts
    2

    Question Detecting anauthorised APs during wireless assessment

    Hello everybody!

    I've got a question about detecting unauthorized APs in facilities during wireless assessment, as this might be one of the objectives in penetration test.
    Has anyone did such work, what tools and hardware do you usually use with backtrack5 and how does it looks in practice?

    As for me I've practiced in BT with kismet and airodump-ng on my net-book and looked for signal level and quality of signal which are PWR and RXQ, but I don't think that this is the most accurate decision, as in my report I would like to mark the floor and nearby room where unauthorized AP was spotted.

  2. #2
    Senior Member ShadowMaster's Avatar
    Join Date
    Jul 2011
    Location
    /root
    Posts
    189

    Default Re: Detecting anauthorised APs during wireless assessment

    I use the ALFA AWUSO36H. It's got a great 5 dbi antenna, and I got another 9 dbi extender. If that doesn't improve your reception nothing will. Incidentally, theres a great program out there in forumland called fern-wifi-cracker, that'll do it for you.

  3. #3
    Just burned his ISO valasudurai's Avatar
    Join Date
    Jan 2011
    Location
    INDIA
    Posts
    6

    Default Re: Detecting anauthorised APs during wireless assessment

    thank you i am a beginner in back track

  4. #4
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: Detecting anauthorised APs during wireless assessment

    For tracking down rogue access points, you want the lowest dbi antenna you can get. The higher dbi, usually means the longer range you'll "see" an access point. You can start out with a bigger antenna, but to get it down to which room, you'll need a smaller antenna, or attenuate the signal some how.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  5. #5
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Detecting anauthorised APs during wireless assessment

    I seem to remember that Barry (?) also advised that Heatmapper could be used
    for such a task to find unauthorized (wireless) APs around ;

    http://www.ekahau.com/products/heatm...een-shots.html

    It works pretty well actually, but this is a windows application and not on BT.
    Last edited by TAPE; 09-25-2011 at 06:30 PM.

  6. #6
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: Detecting anauthorised APs during wireless assessment

    Yea, that was probably me. The more data points you can give it the more accurate it is. I've also just found a program for Android that does the same thing, but I'm not paying $50 for a phone app...
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  7. #7
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    5

    Default Re: Detecting anauthorised APs during wireless assessment

    Hello,
    Just curious if there are any enterprise wide methods of detection, preferably linux. We have over 200 locations and the threat of rogue AP's is constant. For sites that have AP's (not all do or can afford to) I can spot rogue AP's that way. Visiting each location with an alfa and appropriate software is not a viable option. 802.1x is certainly on the horizon and I suppose I could collect all 50,000 enterprise MACs and then compare those against trusted OUI's. Any thoughts on a better strategy welcome.

    brill

Similar Threads

  1. Need help detecting my wireless card.
    By Exhaustable in forum BackTrack 5 Beginners Section
    Replies: 0
    Last Post: 07-11-2011, 02:40 AM
  2. EAPeak - Security Assessment of wireless networks Enterprise Authentication Protocol
    By firebits in forum BackTrack 5 Tool Requests (NOW CLOSED) Please see sticky
    Replies: 0
    Last Post: 07-08-2011, 01:47 PM
  3. Not detecting any wireless networks?
    By Nel1to in forum Beginners Forum
    Replies: 2
    Last Post: 01-25-2011, 09:16 PM
  4. A tool which automates wireless assessment
    By wif1bust3r in forum OLD Newbie Area
    Replies: 6
    Last Post: 06-07-2009, 11:14 AM
  5. BT2 not detecting internal wireless
    By Noots610 in forum OLD Newbie Area
    Replies: 1
    Last Post: 12-19-2007, 09:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •