I think your best bet would be to check out a list of MAC address for APs (several exist, however I don't have the urls on hand), then sweep the LAN and look for matching MACs. From there you could port scan to limit the possibles.
Soren Macbeth Network/Security Administrator ATC-NY -----Original Message----- From: Isherwood Jeff C Contr AFRL/IFOSS [mailto:[EMAIL PROTECTED]] Sent: Friday, June 07, 2002 2:22 PM To: 'Pen-Test' Subject: Tools for Detecting Wireless APs - from the wire side. I'm doing some research for a paper on wireless security, and I've been trying to find a decent way for an administrator to probe his network for APs that might be attached. There seems to be very little out there for this sort of thing. NMAP can recognize a fingerprint of some APs, but not all... ISS can sweep a wire, and report back on any that have SNMP enabled... APTOOLS claims to be capable, but isn't that easy to use or figure out (for me so far) Is there anything else out there? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
