From: R. DuFresne (dufresne@sysinfo.com)
Date: Mon Sep 27 2004 - 14:49:08 EDT
Chuck,
Besides the fact, as has been laid out by many that there is no single
tools or set of tools for all the variable technologies you are trying to
track down, one of the biggest issues with a person tryin to tackle what
you are about to is determining your perimiter. And that can be a big
area of variation, depending upon the tools of potential attackers and
intruders upon your perimiter. How far does the noise travel from toys
not supposed to be present or poorly implimented. It will require more
the trodding about from office and hallway to office and hallway, and more
then a few walks about the parkinglot, with each and every toolset for
each and ever possible technology you intend upon tracking.
Thanks,
Ron DuFresne
On Mon, 27 Sep 2004, Chuck Fullerton wrote:
> Everyone,
>
> I'd like to thank everyone for their responses.
>
> However, please remember when replying that I'm trying to detect the
> presence of these technologies first. I can enumerate them later. If we
> can first detect the presence we can save time during a pen test by not
> bothering to enumerate technologies that aren't present. Once we are able
> to do this we are able to take pentesting from the Enterprise level and
> start helping out the Small and Medium businesses with a Quality Pen Test
> that is just as thorough as the Enterprise level however without the cost
> and time needed for the larger corporations.
>
> Chuck Fullerton
> CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+
>
> -----Original Message-----
> From: Chuck Fullerton [mailto:chuckf69@ceinetworks.com]
> Sent: Friday, September 24, 2004 4:59 AM
> To: RoF@yahoo; Pen-Test
> Subject: Wireless Scanning
>
>
> Everyone,
>
> I'm currently looking for a tool (or compliment of tools) to perform
> Wireless Scanning during a Pen test. My plan is to Scan first for the
> presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are
> detected, then each of the items found can have their security tested. My
> goal of being able to do this is to Take a good security audit methodology
> (such as the OSSTMM) and scale it down for small to medium business
> effectively.
>
> Can any one recommend tools that they have used to detect these items?
>
> Chuck Fullerton
> CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+
>
>
>
> ----------------------------------------------------------------------------
> --
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------------
> ---
>
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:06 EDT