Penetration Testing mailing list archives
Re: Wireless Pent-Test
From: "MARTIN M. Bénoni" <benoni_martin () hotmail com>
Date: Fri, 10 Oct 2003 13:30:36 +0000
Hi community! Some other tools for your pen-test: - Airsnort. Many told about this, I will not come back on it. - WEPCrack. Look the same that Airsnort.- Sniffer Wireless. It counts the number of sent packets splitting them in control packets and management packets. It gives also some stats an all stations. It can also look for the private key usni the weak keys of RC4 and clear-text attacks.
- PrismSnort, - Prismdump (www.guerrilla.net/gnet_linux_software.html) - AirTraf (sourceforge.net/projects/airtraf), - AirIDS (www.internetcomealive.com/clients/airids). - AirTraf Linux (sourceforge.net/projects/airtraf), - GtkScan/PerlSkan (sourceforge.net/projects/wavelan-tools/), - Kismet (www.kismetwireless.net), - PrismStumbler (prismstumbler.sourceforge.net), - Wardrive (www.thehackerschoice.com). - NetStumbler (www.netstumbler.org)- WiFi Scanner (www.hsc.fr/ressources/outils/wifiscanner/) + GraphViz (www.graphviz.org).
Good luck! :)
*********** REPLY SEPARATOR *********** On 10/6/2003 at 5:09 PM Daniel Nylander wrote: >Getting the WEP-key from a WLAN is "pretty" simple.>Download airsnort, wepcrack, kismet and other usefull tools.. then capture>enough packets to wepcrack and .. voila! > >Daniel > >----- Original Message ----- >From: "Cesar Diaz" <cesadiz () yahoo com> >To: <pen-test () securityfocus com> >Sent: Sunday, October 05, 2003 3:16 AM >Subject: Wireless Pent-Test > > >> >> >> Remote users in my company have been begging for permission to use >wireless NICs in their laptops for awhile now. When they are not on the >road, most of them work from home and would like to be able to use their >laptops anywhere in their house. >>>> Due to our industry and business requierements, we have to document every >process and method used to access our data and prove that we've tested the>security of our data.In order to let the users go wireless I have to show >that I've tested the security on a wireless network. >> >> Our idea is to let the users buy wireless routers to connect to their>cable/dsl routers and then wireless PCMCIA or USB cards on the laptop. We>would implement 128 bit WEP security to prevent unauthorized access. I>realize that WEP does not provide for stringent security, but we feel that>by forcing users to change their WEP key regularly we can meet our >requierements. >>>> My question is, how do I test WEP and document wether or not it's secure? >Any way to sniff for WEP keys, or to brute force attack a WEP session? If>there is, how hard is it to set up? How much of a risk of a wireless>connection with WEP enabled to be comprimised other than a dedicated, brute>force attack? >> >> Any information is greatly appreciated. >> >> >> Cesar >> >> >-------------------------------------------------------------------------- >- >> Tired of constantly searching the web for the latest exploits? >> Tired of using 300 different tools to do one job? >> Get CORE IMPACT and get some rest. >> www.coresecurity.com/promos/sf_ept2 >> >-------------------------------------------------------------------------- >-- >> >> > > > >--------------------------------------------------------------------------- >Tired of constantly searching the web for the latest exploits? >Tired of using 300 different tools to do one job? >Get CORE IMPACT and get some rest. >www.coresecurity.com/promos/sf_ept2 >---------------------------------------------------------------------------- --------------------------------------------------------------------------- Tired of constantly searching the web for the latest exploits? Tired of using 300 different tools to do one job? Get CORE IMPACT and get some rest. www.coresecurity.com/promos/sf_ept2 ----------------------------------------------------------------------------
_________________________________________________________________The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
--------------------------------------------------------------------------- Tired of constantly searching the web for the latest exploits? Tired of using 300 different tools to do one job? Get CORE IMPACT and get some rest. www.coresecurity.com/promos/sf_ept2 ----------------------------------------------------------------------------
Current thread:
- Re: Wireless Pent-Test, (continued)
- Re: Wireless Pent-Test Michael J. Semaniuk (Oct 06)
- Re: Wireless Pent-Test goat (Oct 06)
- RE: Wireless Pent-Test Steve De Doncker (Oct 06)
- RE: Wireless Pent-Test Artes, Francisco (Oct 06)
- RE: Wireless Pent-Test Matthew Wagenknecht (Oct 06)
- RE: Wireless Pent-Test MJohnst5 (Oct 06)
- RE: Wireless Pent-Test Keith T. Morgan (Oct 06)
- Re: Wireless Pent-Test Gregory Spath (Oct 06)
- RE: Wireless Pent-Test Keith T. Morgan (Oct 07)
- Re: Re: Wireless Pent-Test Anish (Oct 09)
- Re: Wireless Pent-Test MARTIN M. Bénoni (Oct 10)
- Re: Wireless Pent-Test Michael J. Semaniuk (Oct 06)