[TriLUG] Detecting rogue wifi access points
Greg Brown
gwbrown1 at gmail.com
Thu Aug 21 15:31:56 EDT 2008
I can tell you what NOT to use: AirMagnet. Never have I seen such a poorly
implemented software package (well I have, but this one is on my bad side
today).
A good Fluke meter works wonders for detecting rogues and continuous
transmitters (non 802.11 yet in 2.4 or 5.8 Ghz ranges). Expensive, but
worth it if you really want the hard-core spectrum analysis.
Otherwise a laptop with some kind of stumbler works well. I've used that in
the past many times. Just walk around and watch the signal strength as it
goes towards zero. When you get close to zero and it goes back up turn back
around and look. It should be around within the 3 dimensions somewhere
close by.
On Thu, Aug 21, 2008 at 3:16 PM, Mike Shaw <mdshaw89 at gmail.com> wrote:
> On Thu, Aug 21, 2008 at 2:39 PM, Matt Frye <mattfrye at gmail.com> wrote:
>
> > I'm looking to find out what's needed to detect rogue wifi access
> > points in an office. Anyone have experience doing this?
> >
> > MPF
> > --
> > TriLUG mailing list :
> http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
> >
>
> Last time I had to do this I used a PDA+Wireless card+Ministumbler. Then
> just start walking down the hallway.
>
> kismet seems to be the way to go on Linux but at the time I had a device
> that only had WinCE loaded.
>
> Good luck!
>
> l8r,
>
> Mike
> --
> Ed: This is worse than when he was just stupid! - from "Sitting Ducks"
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
>
More information about the TriLUG
mailing list