If you have managed switches, you can configure them to refuse traffic from an unknown MAC address, or to flag a warning when a new Mac address is detected, and you can thus trace it to the connected port from your network plan. Anyone plugging in something new onto the network (including a wireless access point) will be blocked or at least flagged.
> -----Original Message----- > From: sim [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 02, 2002 5:58 PM > To: [EMAIL PROTECTED] > Subject: Detecting WAP's > > > Hello, > I spent the better part of my morning today tracking down a > WAP within my building. We basically stumbled onto the > signal by blind luck (testing a WAP enabled laptop) and I > proceeded to walk around on a few floors searching cubicles > until I found it sitting inside someone's cabinet. > > My current network policy is no wireless devices. > > My question is how does one proactively monitor for a WAP in > a standard routed/switched environment. Is there any > intelligent way to accomplish this? I would be interested in > ideas/solutions for LAN's and WAN's. Is there something I > can look for within each packet or perhaps specific types of > traffic (broadcast?) create by the WAP? > > Unfortunately I am not up on 802.11 (yet) and this recent > incident has me concerned given anyone within range had free > access to my network. > > Any comments, links, documents, or criticisms are welcome. > Please respond to the group. CM > >
