|
Click to See Complete Forum and Search --> : Rouge AP Detection ssarica 10-16-2008, 11:51 AM Hi, Can you guys recommend a product to perform rouge AP detection? I am looking at Air Defense and wanted to see if anyone has experience with it or any other products. Thanks for the help! Steve Planet 10-16-2008, 07:59 PM Have you read this article (http://www.wi-fiplanet.com/tutorials/article.php/3590551) by Ronald Pacchiano? Also, check out the "monitoring (http://products.wi-fiplanet.com/wifi/monitoring/recent1.html)" section of the Wi-Fi Planet Product guide (http://products.wi-fiplanet.com/wifi/recent1.html). ad5mb 10-16-2008, 09:46 PM If you're looking at AirDefense, you have a budget. The following advice is for people who do not have a budget that supports buying AirDefense, but found this post and have this problem. All software below is free. Netstumbler, for XP but not for Vista: http://www.netstumbler.com/downloads/ inSSIDer, works on Vista: http://www.metageek.net/products/inssider Vistumbler, which I discovered about 12 seconds ago and haven't tried yet: http://vistumbler.sourceforge.net/ Obviously you have documented what you have installed; IPs, MACs, locations, SSIDs. So anything that turns up can be quickly identified as undocumented. As noted in the article, search the wired side for IP addresses that don't fit: http://www.softperfect.com/products/networkscanner/ One way to search for transmitters: Use a radio with a series of antennas, each less effective than the one before. Discover it with a 15 dBi antenna, switch to a 9 dBi antenna and move around until it's strongest. Switch to a 2 dBi antenna... If you're using Vista, Xirrus WiFi monitor will usually tell you the brand of AP, derived from the MAC address... http://www.xirrus.com/library/wifitools.php jordan.perks 10-17-2008, 03:35 PM I have just finished a product demo of AirDefense. Our Demo consisted of 5 sensors and one server. The server was located on AirDefense's network so there was a few things that we were not capable due to the remote server. We are currently running a Cisco Controller based network with 2 4402 and 1 4404 controller. The controllers are being managed with WCS and we have cisco's location server in the mix as well. The features that are provided by Cisco are okay, but we really want to have more. I thought the product was amazing. I can't think of a feature that it did not have that I wanted. The pre-canned reports are top-notch. The ability to create custom reports is just too easy. The user interface is very simple. I was plugging away with configs on the 1st day of using it without looking over the documentation. The sensors can use PoE. I am sure you have several specific questions. I will be moer than happy to attempt to answer anything you ask. golfnut 11-12-2008, 01:44 AM Proxim AP's, and I'm sure others, have this feature built-in... Greg Wifi-Guru 04-23-2009, 04:54 PM AirTight SpectraGuard has been rated one of the best Wireless IPS systems for a few years now. Highly recommended, but lots of it depends on what you already have installed as a sensor network. ~K wi-fiplanet.com
Copyright Internet.com Inc., All Rights Reserved. |
|