Penetration Testing mailing list archives
Re: [Ring-of-Fire] Wireless Scanning
From: Joey Peloquin <joeyp () voteprivacy com>
Date: Fri, 24 Sep 2004 07:36:07 -0500
Chuck Fullerton wrote:
Everyone, I'm currently looking for a tool (or compliment of tools) to perform Wireless Scanning during a Pen test. My plan is to Scan first for the presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are detected, then each of the items found can have their security tested. My goal of being able to do this is to Take a good security audit methodology (such as the OSSTMM) and scale it down for small to medium business effectively. Can any one recommend tools that they have used to detect these items? Chuck Fullerton CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+
Great idea, Chuck. In my experience, that market is virtually wide-open. As you suspect, no one tool can accomplish your goals, so with that in mind, here's a few suggestions to get you started.
Naturally, your laptop is your friend, and generally speaking, will be your primary tool. That said, grab the following scanner for bluetooth:
http://www.pentest.co.uk/cgi-bin/viewcat.cgi?cat=downloads§ion=01_bluetooth@stake has done a lot of stuff with bluetooth in the not-so distant past, so a little googling may turn up some tools and what-not they created for their research.
Microwave Detector (electronic bugs) http://www.eaprotection.com/counter/microbugdetector.htm WiFi Signal Finder WFS-1 (the king; this was one of the first out, and I love it) http://www.smartid.com.sg/prod01.htm Mobile Edge http://www.meritline.com/wifi-finder-wireless-internet.htmlMy boss just ordered this one for me yesterday, so I can't pass judgement on it yet.
I don't think I've met all of your requirements, but I'm hoping at least the stuff I had laying around can point you (and google ;) in the right direction.
Cheers, Joey Peloquin ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Wireless Scanning Chuck Fullerton (Sep 24)
- Re: Wireless Scanning Dave McCormick (Sep 24)
- RE: Wireless Scanning Jaeson Schultz (Sep 24)
- RE: Wireless Scanning Eyal Udassin (Sep 24)
- Re: [Ring-of-Fire] Wireless Scanning Joey Peloquin (Sep 25)
- RE: Wireless Scanning Rob Shein (Sep 27)
- RE: Wireless Scanning Chuck Fullerton (Sep 27)
- RE: Wireless Scanning R. DuFresne (Sep 28)
- Re: Wireless Scanning Konstantin V. Gavrilenko (Sep 28)
- <Possible follow-ups>
- RE: Wireless Scanning Carney, Mark (Sep 24)
- RE: Wireless Scanning Clarke, Tyronne (Contractor) (Sep 24)
- RE: Wireless Scanning DeGennaro, Gregory (Sep 27)
- Re:Wireless Scanning Ghaith Nasrawi (Sep 27)
- Re: Wireless Scanning admin (Sep 27)
- RE: Wireless Scanning Ben Cook (Sep 27)
(Thread continues...)