Penetration Testing mailing list archives
RE: Wireless Scanning
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Mon, 27 Sep 2004 14:49:08 -0400 (EDT)
Chuck, Besides the fact, as has been laid out by many that there is no single tools or set of tools for all the variable technologies you are trying to track down, one of the biggest issues with a person tryin to tackle what you are about to is determining your perimiter. And that can be a big area of variation, depending upon the tools of potential attackers and intruders upon your perimiter. How far does the noise travel from toys not supposed to be present or poorly implimented. It will require more the trodding about from office and hallway to office and hallway, and more then a few walks about the parkinglot, with each and every toolset for each and ever possible technology you intend upon tracking. Thanks, Ron DuFresne On Mon, 27 Sep 2004, Chuck Fullerton wrote:
Everyone, I'd like to thank everyone for their responses. However, please remember when replying that I'm trying to detect the presence of these technologies first. I can enumerate them later. If we can first detect the presence we can save time during a pen test by not bothering to enumerate technologies that aren't present. Once we are able to do this we are able to take pentesting from the Enterprise level and start helping out the Small and Medium businesses with a Quality Pen Test that is just as thorough as the Enterprise level however without the cost and time needed for the larger corporations. Chuck Fullerton CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+ -----Original Message----- From: Chuck Fullerton [mailto:chuckf69 () ceinetworks com] Sent: Friday, September 24, 2004 4:59 AM To: RoF@yahoo; Pen-Test Subject: Wireless Scanning Everyone, I'm currently looking for a tool (or compliment of tools) to perform Wireless Scanning during a Pen test. My plan is to Scan first for the presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are detected, then each of the items found can have their security tested. My goal of being able to do this is to Take a good security audit methodology (such as the OSSTMM) and scale it down for small to medium business effectively. Can any one recommend tools that they have used to detect these items? Chuck Fullerton CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+ ---------------------------------------------------------------------------- -- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
Current thread:
- Wireless Scanning Chuck Fullerton (Sep 24)
- Re: Wireless Scanning Dave McCormick (Sep 24)
- RE: Wireless Scanning Jaeson Schultz (Sep 24)
- RE: Wireless Scanning Eyal Udassin (Sep 24)
- Re: [Ring-of-Fire] Wireless Scanning Joey Peloquin (Sep 25)
- RE: Wireless Scanning Rob Shein (Sep 27)
- RE: Wireless Scanning Chuck Fullerton (Sep 27)
- RE: Wireless Scanning R. DuFresne (Sep 28)
- Re: Wireless Scanning Konstantin V. Gavrilenko (Sep 28)
- <Possible follow-ups>
- RE: Wireless Scanning Carney, Mark (Sep 24)
- RE: Wireless Scanning Clarke, Tyronne (Contractor) (Sep 24)
- RE: Wireless Scanning DeGennaro, Gregory (Sep 27)
- Re:Wireless Scanning Ghaith Nasrawi (Sep 27)
- Re: Wireless Scanning admin (Sep 27)
- RE: Wireless Scanning Ben Cook (Sep 27)
- RE: Wireless Scanning Maliha Rashid (Sep 27)
- RE: Wireless Scanning Lodin, Steven {D106~Indianapolis} (Sep 27)
- RE: Wireless Scanning Jason T (Sep 28)
(Thread continues...)