RE: HW/SW Rogue AP Wireless Detection

[MILES John M <John.Miles () co lane or us>]

Completely agreed, in our war-drives through our facilities to find rouge
access points, the best combiniation we have found is an iPAQ, with the
dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good
external antenna.

-----Original Message-----
From: Rob Shein [mailto:shoten () starpower net] 
Sent: Friday, March 14, 2003 9:02 AM
To: 'Dan Lynch'; pen-test () securityfocus com
Subject: RE: HW/SW Rogue AP Wireless Detection


Dan,

Your better choice is an iPAQ with the PC Card "expansion sleeve plus,"
which adds a second battery to the equation.  This gives you longer life,
and also allows you to use a Lucent/Cisco PC Card adapter that can accept an
external antenna, which will give you better range.

> -----Original Message-----
> From: Dan Lynch [mailto:dan.lynch () placer ca gov]
> Sent: Thursday, March 13, 2003 7:43 PM
> To: pen-test () securityfocus com
> Subject: Re: HW/SW Rogue AP Wireless Detection
>
>
> Gary,
>  
> I recently acquired a Toshiba e740 for that purpose. It's a
> reasonably priced and perfectly competent little Windows CE 
> device. But I've also found that its wireless capabilities 
> are limited due to the small amount of power available. 
> First, running with the built-in antenna enabled depletes a 
> full battery in under an hour. Second, you need to be pretty 
> danged close to an AP to detect it.
>  
> As for software, PocketWarrior (www.pocketwarrior.org), and
> Cirond's Winc (www.cirond.com/site/products/wifispotter), 
> along with the built-in Windows CE "Wireless LAN Utility" 
> does the trick. 
>  
> Finding these limitations though has sent me in search of a
> better solution. From NetStumbler.org I found reference to 
> www.fab-corp.com, where they offer LinkSys and DLink "starter 
> kits" (antennas and cables), as well as NICs, etc. I hear 
> they offer special discounts for "net stumblers". But I 
> haven't tried out any of those solutions or compared prices yet. 
>  
> Best of luck,
>  
> Dan Lynch
> County of Placer
> Auburn, CA
>
>
> > > > Gary Nugent <garynugent () mobile rogers com> 03/12/03 10:27AM >>>
> Hello, there, I am looking for anyone who has had experience
> with a combined (pref. PDA) device for signal 
> detection/analysis.  I am familiar with the Fluke Ipaq-based 
> product 
> (http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunn
er/Overview.htm),
but it is quite expensive (app. $2500 US or more).  The rogue AP detection
is a crucial part of this.  Any thoughts? 

Regards, 

Gary Nugent 
E gary.nugent () acrodex com 


--------------------------------------------------------------------
This message originated from a mobile.rogers.com webmail account. Ce message
provient d'un compte de courriel web mobile.rogers.com.
--------------------------------------------------------------------

----------------------------------------------------------------------------

Are your vulnerability scans producing just another report? Manage the
entire remediation process with StillSecure VAM's Vulnerability Repair
Workflow. Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html 





----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html


----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html