Penetration Testing mailing list archives

Re: Wireless pentesting requirements


From: Mister Coffee <live4java () stormcenter net>
Date: Tue, 15 Jun 2004 09:57:51 -0700

This is proving an interesting thread.  My personal angle is as a hobbyist and amateur radio operator with an interest 
in Penetration Testing.  I'm in Information Security, though I do Incident Response rather than primarily Pen-Testing.

A couple of interesting points have come up.

First: Your selection of antenna and card will depend on your specific requirements.  If you are trying to identify 
the existence of nodes or APs you'll need intermediate to wide beamwidth and low to moderate gain.  If you're trying 
to localize an AP, you'll want a narrow beam and higher gain.

Side note:  Most Ham RDF equipment gets its line of position from a deep Null in the antenna's pattern, not a high 
gain lobe.  The same thing would probably apply here as well.  Radio is, after all, radio.

Your rules of engagement will probably determine the sort of antenna you'll need for the actual penetration.  Though I 
suspect high gain and narrow beamwidth would be an asset in any penetration scenario.

Second:  Several people have mentioned the need to maintain a professional image.  A good point that I don't consider 
as a hobbyist.  A Pringles Can antenna may give you decent gain, but they look like, well, a Pringles Can, which is 
probably not the professional image you'd want to project.  That alone may rule out many home-brew antennas - and 
require the expenditure of some real cash to get appropriate kit.

So, to go back to what started this all, what kind of antenna and card you need depends on:

A: Are you Identifying, or Localizing?
B: Does Professional Image matter?
C: How much do you want to spend?

That about sum it up?

Cheers,
L4J
