Penetration Testing mailing list archives
Re: Wireless PenTesters Hardware
From: "Javier Liendo" <javier () liendo net>
Date: Wed, 31 May 2006 19:13:27 -0500
hello campbell based on my experience i would say that first and of utterly importance: your wireless card...my recomendation would be either a Senao Long Range 200mW (prism 2.5 based) or a Ubiquiti Super Range Cardbus 300mW (atheros based)...depending on distances involved you should need (in case of the senao a *must*) a 2dBi or a 7dBi omnidirectional antenna (as always: more is better) regarding the laptop, in my experience any laptop that is capable of running backtrack (http://www.remote-exploit.org/index.php/BackTrack) is more than ok... regarding the tools, there is nothing better than aircrack (aircrack, aireplay, airodump) and kismet...(personal taste)...in fact, depending on the scope of your assesment (going beyond wep cracking) you should also need a lot of "the other more traditional" security tools...my own personal recommendation is that you should use a live distro like BackTrack... this is a very frequently asked question and there are a lot of info regarding this on the remote-exploit.org forums... regards javier On 5/31/06, Campbell Murray <campbell () encription co uk> wrote:
Hi this thread has been very slow, I am interested in getting this info too, anyone have anything to contribute? Campbell -----Original Message----- From: john.holmes () securewired com [mailto:john.holmes () securewired com] Sent: 23 May 2006 01:17 To: pen-test () securityfocus com Subject: Wireless PenTesters Hardware Hello List, I have been contracted by my company to perform a wireless hack for a large company. I am trying to figure out what hardware I need for this.. I have done this before but It has been a while.. Questions: What type of wireless card(s) do I need to buy? I have used Orinoco 200Mw before but it was only 802.11B... I'm guessing I need a card that handles A/B/G? I am also interested in Evil-Twin attacks.. does this mean I need (2) cards or should I get one of those HOstAP cards that acts as an AP? I know the client is probably going to be using WPA or something similar.. so my best bet may be to use the strongest signal and try to get some of the users machines to lock into my fake AP... But then how would you route them back into the network using another card if you can't associate.. SO do I need a 802.11A/B/G card to do wireless hacks? Thanks, JH ---------------------------------------------------------------------------- -- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ---------------------------------------------------------------------------- -- ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Wireless PenTesters Hardware john . holmes (May 23)
- RE: Wireless PenTesters Hardware Campbell Murray (May 31)
- Re: Wireless PenTesters Hardware Ivan . (May 31)
- Re: Wireless PenTesters Hardware Javier Liendo (May 31)
- RE: Wireless PenTesters Hardware Terry (May 31)
- RE: Wireless PenTesters Hardware Campbell Murray (May 31)