Penetration Testing mailing list archives
RE: Wireless Scanning
From: "Rob Shein" <shoten () starpower net>
Date: Sat, 25 Sep 2004 15:18:34 -0400
While the 802.11x, bluetooth, and generic spycam scanning components are easy enough, when you get into countermeasures against real, professional-grade bugs you're getting into a whole new world. For one, you're going to have to throw down thousands on gear, and then you're just getting started. The basic gist of a bug sweep...and mind you, this will only detect bugs that are transmitting...is to do a sweep, locate sources of RF noise, eliminate them, and then repeat until the area is clean. You'll be amazed at how hard this is to do; the average modern environment is insanely noisy in terms of RF emissions. And then it won't catch bugs that are wired to a more distant transmitter, laser mics being bounced off of the windows, or doppler radar being used to detect the modulation of an object in the room in response to sound waves. The later scenarios show increasingly funded and well-trained adversaries, but the technology and skills aren't restricted to the realm of governments anymore, either.
-----Original Message----- From: Chuck Fullerton [mailto:chuckf69 () ceinetworks com] Sent: Friday, September 24, 2004 4:59 AM To: RoF@yahoo; Pen-Test Subject: Wireless Scanning Everyone, I'm currently looking for a tool (or compliment of tools) to perform Wireless Scanning during a Pen test. My plan is to Scan first for the presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are detected, then each of the items found can have their security tested. My goal of being able to do this is to Take a good security audit methodology (such as the OSSTMM) and scale it down for small to medium business effectively. Can any one recommend tools that they have used to detect these items? Chuck Fullerton CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+ -------------------------------------------------------------- ---------------- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Wireless Scanning Chuck Fullerton (Sep 24)
- Re: Wireless Scanning Dave McCormick (Sep 24)
- RE: Wireless Scanning Jaeson Schultz (Sep 24)
- RE: Wireless Scanning Eyal Udassin (Sep 24)
- Re: [Ring-of-Fire] Wireless Scanning Joey Peloquin (Sep 25)
- RE: Wireless Scanning Rob Shein (Sep 27)
- RE: Wireless Scanning Chuck Fullerton (Sep 27)
- RE: Wireless Scanning R. DuFresne (Sep 28)
- Re: Wireless Scanning Konstantin V. Gavrilenko (Sep 28)
- <Possible follow-ups>
- RE: Wireless Scanning Carney, Mark (Sep 24)
- RE: Wireless Scanning Clarke, Tyronne (Contractor) (Sep 24)
- RE: Wireless Scanning DeGennaro, Gregory (Sep 27)
- Re:Wireless Scanning Ghaith Nasrawi (Sep 27)
- Re: Wireless Scanning admin (Sep 27)
- RE: Wireless Scanning Ben Cook (Sep 27)
- RE: Wireless Scanning Maliha Rashid (Sep 27)
(Thread continues...)