It's theoretically possible that an IDS could use a combination of
information about the intruder and information from the intruder (in
this case, the person jumping onto an open access point is austensibly
going to use it for something) to determine some information about them.
On the other hand, if someone's just war-driving, grapping arp info,
and then port-scanning/attempting to compromise the machines it can find
on the local subnet then it's unlikely you can get any useful
information. The other option being that this thing attempts to
compromise systems on your own network that aren't authorized, in order
to determine more information. Since I don't know the source of these
claims, it's hard to judge reputability in any sense.
I don't see any information about the specific product you're referring
to here or links to it, do you have a link? I'd be interested to do
some more looking and see how the author claims it works.
Take care, mdh.
[EMAIL PROTECTED] wrote:
IDS with Intruder Identification System (IIS) - "identifies wireless
piggybackers".
dontstealmywifi
provides the identity of the attacker...?
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
--
/*
* Matt D. Harris <[EMAIL PROTECTED]>
* Solitox Networks - Lead Project Engineer
* [http://mdh.name/]
*/
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
