[44169] in North American Network Operators' Group
Re: wireless traffic
daemon@ATHENA.MIT.EDU (Spencer.Wood@dot.state.oh.us)
Fri Nov 9 11:36:11 2001
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: Andrew Brown <atatat@atatdot.net>,
Art Houle <houle@zeppo.acns.fsu.edu>, nanog@merit.edu,
owner-nanog@merit.edu, Valdis.Kletnieks@vt.edu
MIME-Version: 1.0
Message-ID: <OF1EEF3828.523DA0F9-ON85256AFF.005B1CB4@dot.state.oh.us>
From: Spencer.Wood@dot.state.oh.us
Date: Fri, 9 Nov 2001 11:35:43 -0500
Content-Type: text/plain; charset="us-ascii"
Errors-To: owner-nanog-outgoing@merit.edu
Cisco Access Points start out with 0040.96
************************************************************
Spencer Wood, Network Manager
Ohio Department Of Transportation
1320 Arthur E. Adams Drive
Columbus, Ohio 43221
E-Mail: Spencer.Wood@dot.state.oh.us
Phone: 614.387.0710/Fax: 815.361.0714/Pager: 866.591.9954
*************************************************************
"Steven M. Bellovin" <smb@research.att.com>
Sent by: owner-nanog@merit.edu
11/09/2001 11:29 AM
To: Andrew Brown <atatat@atatdot.net>
cc: Valdis.Kletnieks@vt.edu, Art Houle <houle@zeppo.acns.fsu.edu>,
nanog@merit.edu
Subject: Re: wireless traffic
In message <20011109104400.A6249@noc.untraceable.net>, Andrew Brown
writes:
>
>>> Does anybody know where I can locate a list of MAC address prefixes
that
>>> belong specifically to wireless NIC cards? I am looking for a method
of
>>> discovering what devices on my network are wireless devices.
>>
>>Power down the wireless hub and see who calls? ;)
>>
>>Seriously though - your wireless hub/transmitter may have a queryable
>>arp table that will tell you what's not using the wire....
>
>i've used/seen cards with these prefixes:
>
> 00:e0:29 - smc
> 00:02:2d - orinoco/wavelan cards (lucent/agere)
>
I'm sending this via a Lucent card with prefix 0:60:1d. A glance at my
ARP table for a wireless-only segment shows 0:4:dd, 0:3:6b, 8:0:20,
0:0:c, 0:c0:b7, 0:d0:b7, 8:0:6a, and more.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com
