try the simple solution, buy a 802.11b nic and setup airsnort ... if you get a symbol extender /antenna you can get range to cover a pretty large campus. better yet, you can get access to the WAP and connect to your network through it so you can block the MAC on the thing (although some WAP's allow mac spoofing by default, you might want to try just sending out a memo so people know of the dangers of WAP's...
On Wed, 2 Jan 2002, sim wrote: > Hello, > I spent the better part of my morning today tracking down a WAP within > my building. We basically stumbled onto the signal by blind luck > (testing a WAP enabled laptop) and I proceeded to walk around on a few > floors searching cubicles until I found it sitting inside someone's > cabinet. > > My current network policy is no wireless devices. > > My question is how does one proactively monitor for a WAP in a standard > routed/switched environment. Is there any intelligent way to accomplish > this? I would be interested in ideas/solutions for LAN's and WAN's. Is > there something I can look for within each packet or perhaps specific > types of traffic (broadcast?) create by the WAP? > > Unfortunately I am not up on 802.11 (yet) and this recent incident has > me concerned given anyone within range had free access to my network. > > Any comments, links, documents, or criticisms are welcome. Please > respond to the group. > CM >
