| Posted by: | dragorn |
|---|
| Subject: | How to set a Baseline |
|---|
| Date: | 15:59:00 28/06/2012 |
|---|
> So , how does kismet detects rogue AP right now . That is differentiates between unauthorized (not harmful) and a rogue AP (harmful)
There are a few automated detections; conflicting SSIDs advertising different encryption, a bssid reducing its encryption (indicating active twin).
For detecting APs which share your official SSID but aren't yours, you can use the apspoof rule in the config file to define a regex match for the SSID and a list of valid MAC addresses for it.
Reply to this message
