How can I find WAP devices on my network by scanning through the wired LAN?


ghenneborn
I have a network that comprises many locations. I would like the ability to scan through the wired network to find WAP devices that end users are connecting to the network. I could scan for wireless APs but I would have to travel to each location, which isn't an option.
Can this be done?

Thanks in advance.
  • +
    0 Votes
    CG IT

    something to think about...

    +
    0 Votes
    ghenneborn

    Thanks for the fast response.
    For testing purposes I plugged a Netgear WAP into the network. I confirmed that it got an IP address but when I look in the DHCP table the WAP appears just like the other PCs do. Is there a way or a tool that I can use to find this WAP or differentiate this WAP from the other PCs?

    Thanks

    +
    0 Votes
    CG IT

    or rather who is allowed on the network. Part of network documentation. Anyone not on the list is rogue.

    That's one of the drawbacks of DHCP: it will assign an address to anyone who requests it, unless you take steps to lock that down.

    You can use MAC addresses as a security measure.

    +
    0 Votes
    ghenneborn

    and am trying to fix these problems. Seems that my IT dept does not have the budget to afford an upgrade to Cisco switches from our very old Nortel switches. I'm just at the starting point and wanted to find these devices via network scan and go from there.
    Nothing like fixing other people's mistakes, but then again that's job security.

    +
    0 Votes
    CG IT

    and have that capability with the standard and enhanced image. Around $200.00 USD each for a 24 port.

    Another method is using DHCP.

    Here's a Petri article on it. Probably the way to go on the cheap.

    http://www.petri.co.il/filter-mac-address-windows-server-2008-dhcp-server-callout-dll.htm

    That way, you know that anyone not on the list won't get an address. They would have to take the card out of one machine and put it in another.

    +
    0 Votes
    ghenneborn

    It is very useful. I just need something ASAP so that I can find and get these devices off the network considering the security risk. I do agree with you about the 2950 and port security and will continue to push management to purchase them.

    Thanks

    +
    0 Votes
    CG IT

    Easy, fast and cheap way to do it.

    +
    0 Votes
    mafergus

    I would use whatever network scanning tool you are comfortable with and get an inventory of what is on the network. This will give you at least an initial taste of what is out there. Most good scanners will return information that makes it easy to determine the nature of most devices. Most people, even in a corporate environment, won't take the time to disguise their access points.

    After you have a good feel, then go to the number one trouble spot and validate what you found on your network scans using a wireless sniffer. That will validate what you saw earlier and give you more evidence for whatever the next action may be.
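
Added example, not part of any post in this thread: one way to tell an unauthorized access point apart from the PCs in a DHCP lease table is to compare each lease's MAC against the documented list of authorized devices and check the vendor prefix (OUI) of anything unlisted. The CSV columns, the authorized list and the two OUI entries are constructed sample data; load the IEEE OUI registry and your own inventory in practice.

```python
import csv
import io
import string

# Constructed sample: MACs of documented, authorized devices.
AUTHORIZED = {"00:1A:2B:3C:4D:5E", "00-1a-2b-3c-4d-5f"}

# Illustrative OUI entries for consumer networking vendors (assumption:
# verify against the IEEE OUI registry before relying on them).
AP_VENDOR_OUIS = {"00:09:5b": "Netgear", "00:06:25": "Linksys"}

# Constructed sample of a DHCP lease export (column names are assumed).
LEASES_CSV = """ip,mac,hostname
10.1.4.20,00-1A-2B-3C-4D-5E,ACCT-PC01
10.1.4.21,001a.2b3c.4d5f,ACCT-PC02
10.1.4.57,00-09-5B-AA-BB-CC,
10.1.4.58,00:11:22:33:44:55,LAPTOP-77
"""

def normalize_mac(raw):
    """Accept dash, colon, dot or bare notation; return aa:bb:cc:dd:ee:ff."""
    digits = "".join(c for c in raw if c in string.hexdigits).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit_leases(csv_text, authorized, ap_ouis):
    """Return (ip, mac, reason) for every lease not on the authorized list."""
    allowed = {normalize_mac(m) for m in authorized}
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        try:
            mac = normalize_mac(row["mac"])
        except ValueError:
            # Keep malformed rows visible instead of silently skipping them.
            findings.append((row["ip"], row["mac"], "unparseable-mac"))
            continue
        if mac in allowed:
            continue
        vendor = ap_ouis.get(mac[:8])  # first three octets identify the vendor
        reason = f"unlisted-ap-vendor:{vendor}" if vendor else "unlisted"
        findings.append((row["ip"], mac, reason))
    return findings

if __name__ == "__main__":
    for ip, mac, reason in audit_leases(LEASES_CSV, AUTHORIZED, AP_VENDOR_OUIS):
        print(f"{ip:<12} {mac}  {reason}")
```

An OUI match is a lead, not proof: confirm each flagged address at the switch port or with a wireless sniffer on site.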
