Re: Wireless pentesting requirements

From: D'Amato Luigi (admin@securitywireless.info)
Date: Tue Jun 15 2004 - 04:08:53 EDT


You can find schemes, tools, links and other information on Wireless Security
at:
http://www.securitywireless.info
-----Original Message-----
From: "Andre Ludwig" <andre.ludwig@gmail.com>
To: <andrew@arhont.com>
Cc: <pen-test@nym.hush.com>; <pen-test@securityfocus.com>
Sent: Thursday, June 10, 2004 20:19
Subject: Re: Wireless pentesting requirements

> I have found that Cisco cards paired with Kismet make for one of the
> best site survey tools around. Then a good Prism based card in
> conjunction with a Hermes card to top it off for actual pen testing.
> (Cisco works fine as well, but I just always have my Cisco card stuck
> to Kismet to watch all the action on all channels at once)
>
> Just my two cents.
>
> I would write a bit more but I can't right now.
>
> Andre Ludwig CISSP
>
> On Wed, 09 Jun 2004 20:32:48 +0100, Andrew A. Vladimirov
> <mlists@arhont.com> wrote:
> >
> > pen-test@nym.hush.com wrote:
> > >>In an attempt to investigate the wlan in terms of pen-testing, I am
> > >>wondering what is the best antenna one would need and the best (in terms
> > >>of wireless pen testing needs) wireless card around?
> > >
> > >
> > > Antenna
> > > As far as types go, you'll probably want dipole and yagi. Also look
> > > beyond the reported gain on an antenna and look at the type of cable
> > > and connectors because, if poorly shielded, they'll introduce _lots_
> > > of loss. Also look at the radiation patterns to make sure it's adequate
> > > for your situation.
> >
> > Good omni (we use 12 dBi) and decent directional (we use 19 dBi but will
> > buy 24 dBi one, the beamwidth should not be more than 8 degrees). You'll
> > need high gain low beamwidth directionals to pinpoint devices,
> > triangulate attackers, blast through walls etc. And yes, pay a lot of
> > attention to the connectors and cables, especially pigtails. Always have
> > a spare pigtail with you - they get broken / worn out easily. Get proper
> > connectors from the start - a barrel adapter can introduce up to 2 dBm loss.
> >
> > Our favourite sites for antennas, amplifiers and Co:
> >
> > http://www.fab-corp.com
> > http://www.hyperlinktech.com/
> > http://www.solwise.co.uk/networkingwireless.htm
> >
> >
> > >
> > > Cards
> > > I like the Senao (EnGenius in USA) cards as they've been the most powerful
> > > I've come across (200mW output power for my 802.11b card). As far as
> > > chipsets are concerned, Prism2/Prism54 and Atheros are probably your
> > > best bets (Cisco Aironet is popular also). I'd definitely avoid Broadcom
> > > chipsets.
> >
> > Prism2 is a must, you may need Atheros for 802.11a evaluation.
> > Our favourite card is SMC High Power EliteConnect - Prism2 chipset, 23
> > dBm power, excellent receiving sensitivity, removable dipole omni and
> > two decent external antenna connectors. Get a pair of them for some
> > man-in-the-middle attacks too.
> >
> > As to the wireless pentests per se, we wrote a fat handbook about it
> > that would be shipped on 25th this month. Check out www.wi-foo.com and
> > look at the table of contents, Appendix G is our official wireless
> > pentesting template we use when working with clients and it is 16 pages
> > long :) Also check out the list of tools on the site (sorry, open source
> > only ! :)
> >
> > Cheers,
> > Andrew
> >
> > --
> > Dr. Andrew A. Vladimirov
> > CISSP #34081, CWNA, CCNP/CCDP, TIA Linux+
> > CSO
> > Arhont Ltd - Information Security.
> >
> > Web: http://www.arhont.com
> > http://www.wi-foo.com
> > Tel: +44 (0)870 44 31337
> > Fax: +44 (0)117 969 0141
> > GPG: Key ID - 0x1D312310
> > GPG: Server - gpg.arhont.com
> >
> >
>



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:56 EDT