RE: HW/SW Rogue AP Wireless Detection

From: MILES John M (John.Miles@co.lane.or.us)
Date: Fri Mar 14 2003 - 13:36:23 EST


Completely agreed, in our war-drives through our facilities to find rouge
access points, the best combiniation we have found is an iPAQ, with the
dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good
external antenna.

-----Original Message-----
From: Rob Shein [mailto:shoten@starpower.net]
Sent: Friday, March 14, 2003 9:02 AM
To: 'Dan Lynch'; pen-test@securityfocus.com
Subject: RE: HW/SW Rogue AP Wireless Detection

Dan,

Your better choice is an iPAQ with the PC Card "expansion sleeve plus,"
which adds a second battery to the equation. This gives you longer life,
and also allows you to use a Lucent/Cisco PC Card adapter that can accept an
external antenna, which will give you better range.

> -----Original Message-----
> From: Dan Lynch [mailto:dan.lynch@placer.ca.gov]
> Sent: Thursday, March 13, 2003 7:43 PM
> To: pen-test@securityfocus.com
> Subject: Re: HW/SW Rogue AP Wireless Detection
>
>
> Gary,
>
> I recently acquired a Toshiba e740 for that purpose. It's a
> reasonably priced and perfectly competent little Windows CE
> device. But I've also found that its wireless capabilities
> are limited due to the small amount of power available.
> First, running with the built-in antenna enabled depletes a
> full battery in under an hour. Second, you need to be pretty
> danged close to an AP to detect it.
>
> As for software, PocketWarrior (www.pocketwarrior.org), and
> Cirond's Winc (www.cirond.com/site/products/wifispotter),
> along with the built-in Windows CE "Wireless LAN Utility"
> does the trick.
>
> Finding these limitations though has sent me in search of a
> better solution. From NetStumbler.org I found reference to
> www.fab-corp.com, where they offer LinkSys and DLink "starter
> kits" (antennas and cables), as well as NICs, etc. I hear
> they offer special discounts for "net stumblers". But I
> haven't tried out any of those solutions or compared prices yet.
>
> Best of luck,
>
> Dan Lynch
> County of Placer
> Auburn, CA
>
>
> >>> Gary Nugent <garynugent@mobile.rogers.com> 03/12/03 10:27AM >>>
> Hello, there, I am looking for anyone who has had experience
> with a combined (pref. PDA) device for signal
> detection/analysis. I am familiar with the Fluke Ipaq-based
> product
> (http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunn
er/Overview.htm),
but it is quite expensive (app. $2500 US or more). The rogue AP detection
is a crucial part of this. Any thoughts?

Regards,

Gary Nugent
E gary.nugent@acrodex.com

--------------------------------------------------------------------
This message originated from a mobile.rogers.com webmail account. Ce message
provient d'un compte de courriel web mobile.rogers.com.
--------------------------------------------------------------------

----------------------------------------------------------------------------

Are your vulnerability scans producing just another report? Manage the
entire remediation process with StillSecure VAM's Vulnerability Repair
Workflow. Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html

----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:30 EDT