We used Reefedge for about a year with many continuous problems.
Scott Weeks wrote:
Good Morning Everyone,
This does help. We would be using it in a very similar configuration
(transparent mode to our LDAP server, etc). How long did you use the
Reefedge and how long have you used Bluesocket?
Our campus, as all other universities in US, has lots of rogue APs.
People spent less than 100 dollars each bought them from Bestbuy or
circuitcity and plug them into the campus wired network. A large portion
of the Rogue AP population even don't have WEP on. Everybody agrees
that it could cause
If you have Cisco gear, you might try enabling POT SECURITY to limit the number of MAC
addresses
seen on each port. We set our general ports to a max of 2 MAC addresses which allows
for easy
change to a new desktop machine but typically hurts wireless users (unless it is only
their
wireless AP &
On Feb 17, 2004, at 11:29 AM, John Watters wrote:
If you have Cisco gear, you might try enabling POT SECURITY to limit
the number of MAC addresses
seen on each port. We set our general ports to a max of 2 MAC
addresses which allows for easy
change to a new desktop machine but typically hurts wirel
Fyi...for those of you who are ECAR members, a new research bulletin on
Wireless Networking in Higher Education has been posted that is worth
looking at.
-d
http://www.educause.edu/asp/doclib/abstract.asp?ID=ERS0202
Abstract
This study provides an analysis of wireless networking and is based on a
Here are a few hints Re: Rogue AP Detection:
1. We found that they usually pop up in areas of low or no coverage (of
campus wireless network). So, generally people will take them home, if
you provide better coverage at their spot...
2. Some WLAN software management tools have introduced Rogue AP
Not on the wired side, but still interesting
to mention:
Cisco has developped CCX (Cisco Compatible eXtensions)
That architecture is being adopted by many Wi-Fi chip manufacturers.
(available beyond Cisco products)
It has, besides other things, a built-in tattletale (or Nark)
function.
Both, APs
If you want to do some distributed wireless security monitoring, you might want to look at a solution from AirDefense or AirMagnet. Network Chemistry has a cheap monitoring solution.
As for wire side detection, it's rather difficulty because the Ethernet MAC may or may not be the same as the w
I don't believe that Netstumbler catches devices that hide their SSID.
While Cisco's WLSE 2.5 identifies rogues, it's not a solution I would get just to identify rogues. WLSE remains primarily a configuration system for AP's. Of course, if you already have Cisco AP's, then WLSE is a no-braine
