Penetration Testing mailing list archives

RE: HW/SW Rogue AP Wireless Detection

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 14 Mar 2003 15:05:28 -0500 (EST)


doesn't this  setiup though limit you to 802.11b scanning and thus leave
you open to rogue 802.11a AP's?

Thanks,

Ron DuFresne


On Fri, 14 Mar 2003, MILES John M wrote:

Completely agreed, in our war-drives through our facilities to find rouge
access points, the best combiniation we have found is an iPAQ, with the
dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good
external antenna.

-----Original Message-----
From: Rob Shein [mailto:shoten () starpower net] 
Sent: Friday, March 14, 2003 9:02 AM
To: 'Dan Lynch'; pen-test () securityfocus com
Subject: RE: HW/SW Rogue AP Wireless Detection

Dan,

Your better choice is an iPAQ with the PC Card "expansion sleeve plus,"
which adds a second battery to the equation.  This gives you longer life,
and also allows you to use a Lucent/Cisco PC Card adapter that can accept an
external antenna, which will give you better range.

-----Original Message-----
From: Dan Lynch [mailto:dan.lynch () placer ca gov]
Sent: Thursday, March 13, 2003 7:43 PM
To: pen-test () securityfocus com
Subject: Re: HW/SW Rogue AP Wireless Detection

Gary,

I recently acquired a Toshiba e740 for that purpose. It's a
reasonably priced and perfectly competent little Windows CE 
device. But I've also found that its wireless capabilities 
are limited due to the small amount of power available. 
First, running with the built-in antenna enabled depletes a 
full battery in under an hour. Second, you need to be pretty 
danged close to an AP to detect it.

As for software, PocketWarrior (www.pocketwarrior.org), and
Cirond's Winc (www.cirond.com/site/products/wifispotter), 
along with the built-in Windows CE "Wireless LAN Utility" 
does the trick. 

Finding these limitations though has sent me in search of a
better solution. From NetStumbler.org I found reference to 
www.fab-corp.com, where they offer LinkSys and DLink "starter 
kits" (antennas and cables), as well as NICs, etc. I hear 
they offer special discounts for "net stumblers". But I 
haven't tried out any of those solutions or compared prices yet. 

Best of luck,

Dan Lynch
County of Placer
Auburn, CA

Gary Nugent <garynugent () mobile rogers com> 03/12/03 10:27AM >>>

Hello, there, I am looking for anyone who has had experience
with a combined (pref. PDA) device for signal 
detection/analysis.  I am familiar with the Fluke Ipaq-based 
product 
(http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunn

er/Overview.htm),
but it is quite expensive (app. $2500 US or more).  The rogue AP detection
is a crucial part of this.  Any thoughts? 

Regards, 

Gary Nugent 
E gary.nugent () acrodex com 


--------------------------------------------------------------------
This message originated from a mobile.rogers.com webmail account. Ce message
provient d'un compte de courriel web mobile.rogers.com.
--------------------------------------------------------------------

----------------------------------------------------------------------------

Are your vulnerability scans producing just another report? Manage the
entire remediation process with StillSecure VAM's Vulnerability Repair
Workflow. Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html 





----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html


----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

Current thread:

HW/SW Rogue AP Wireless Detection Gary Nugent (Mar 13)
- Re: HW/SW Rogue AP Wireless Detection Shawn Grimes (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection David T Hollis (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection Mike Forrester (Mar 14)
  - Re: HW/SW Rogue AP Wireless Detection R. DuFresne (Mar 14)
- Re: HW/SW Rogue AP Wireless Detection Keith Akins (Mar 14)
- <Possible follow-ups>
- Re: HW/SW Rogue AP Wireless Detection Dan Lynch (Mar 14)
  - RE: HW/SW Rogue AP Wireless Detection Rob Shein (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection MILES John M (Mar 14)
  - RE: HW/SW Rogue AP Wireless Detection R. DuFresne (Mar 14)
    - Re: HW/SW Rogue AP Wireless Detection Reyk Floeter (Mar 16)
- RE: HW/SW Rogue AP Wireless Detection MILES John M (Mar 14)
- RE: HW/SW Rogue AP Wireless Detection Joshua Wright (Mar 18)