Penetration Testing mailing list archives
RE: HW/SW Rogue AP Wireless Detection
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 14 Mar 2003 15:05:28 -0500 (EST)
doesn't this setiup though limit you to 802.11b scanning and thus leave you open to rogue 802.11a AP's? Thanks, Ron DuFresne On Fri, 14 Mar 2003, MILES John M wrote:
Completely agreed, in our war-drives through our facilities to find rouge access points, the best combiniation we have found is an iPAQ, with the dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good external antenna. -----Original Message----- From: Rob Shein [mailto:shoten () starpower net] Sent: Friday, March 14, 2003 9:02 AM To: 'Dan Lynch'; pen-test () securityfocus com Subject: RE: HW/SW Rogue AP Wireless Detection Dan, Your better choice is an iPAQ with the PC Card "expansion sleeve plus," which adds a second battery to the equation. This gives you longer life, and also allows you to use a Lucent/Cisco PC Card adapter that can accept an external antenna, which will give you better range.-----Original Message----- From: Dan Lynch [mailto:dan.lynch () placer ca gov] Sent: Thursday, March 13, 2003 7:43 PM To: pen-test () securityfocus com Subject: Re: HW/SW Rogue AP Wireless Detection Gary, I recently acquired a Toshiba e740 for that purpose. It's a reasonably priced and perfectly competent little Windows CE device. But I've also found that its wireless capabilities are limited due to the small amount of power available. First, running with the built-in antenna enabled depletes a full battery in under an hour. Second, you need to be pretty danged close to an AP to detect it. As for software, PocketWarrior (www.pocketwarrior.org), and Cirond's Winc (www.cirond.com/site/products/wifispotter), along with the built-in Windows CE "Wireless LAN Utility" does the trick. Finding these limitations though has sent me in search of a better solution. From NetStumbler.org I found reference to www.fab-corp.com, where they offer LinkSys and DLink "starter kits" (antennas and cables), as well as NICs, etc. I hear they offer special discounts for "net stumblers". But I haven't tried out any of those solutions or compared prices yet. Best of luck, Dan Lynch County of Placer Auburn, CAGary Nugent <garynugent () mobile rogers com> 03/12/03 10:27AM >>>Hello, there, I am looking for anyone who has had experience with a combined (pref. PDA) device for signal detection/analysis. I am familiar with the Fluke Ipaq-based product (http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunner/Overview.htm), but it is quite expensive (app. $2500 US or more). The rogue AP detection is a crucial part of this. Any thoughts? Regards, Gary Nugent E gary.nugent () acrodex com -------------------------------------------------------------------- This message originated from a mobile.rogers.com webmail account. Ce message provient d'un compte de courriel web mobile.rogers.com. -------------------------------------------------------------------- ---------------------------------------------------------------------------- Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
Current thread:
- HW/SW Rogue AP Wireless Detection Gary Nugent (Mar 13)
- Re: HW/SW Rogue AP Wireless Detection Shawn Grimes (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection David T Hollis (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection Mike Forrester (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection R. DuFresne (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection Keith Akins (Mar 14)
- <Possible follow-ups>
- Re: HW/SW Rogue AP Wireless Detection Dan Lynch (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection Rob Shein (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection MILES John M (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection R. DuFresne (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection Reyk Floeter (Mar 16)
- RE: HW/SW Rogue AP Wireless Detection R. DuFresne (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection MILES John M (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection Joshua Wright (Mar 18)