Re: Mini Access Point

["Robert J. Brown" <rjb () robertjbrown com>]

Volker Tanger <volker.tanger () discon de> said:

> Why a "mini" version? The usual SOHO versions come with a 4port switch.
> Just choose one with an "uplink" port - and without external antennaes,
> if possible. For your attack choose an office where the network printer
> server is tucked away under a table - antennaes are simply too
> suspicious.

I agree with this approach. Assuming that you have the ability to power the 
device, my best idea for this would be to use a Linksys WRT54G AP (or 
something similar) and a small hub. The Linksys runs an embedded version of 
Linux that can be customized as needed. Instructions can be found at:

http://www.batbox.org/wrt54g-linux.html

or

http://www.batbox.org/wrt54g.html

The URLs above provide a modification to the device that includes snort. 
Assuming your intent is to passively capture traffic, you could deploy the 
hub and access point to collect your sniffed information. It's a bit larger 
than the form factor you were looking for but it's easy to use and cheaper 
than building a dedicated mini PC for the task.

-Robert

-- 
Robert J. Brown
Email:   rjb () robertjbrown com
Web:     http://www.robertjbrown.com
PGP Key: http://www.robertjbrown.com/rjbpgp.asc




---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------