RE: Wireless PenTesters Hardware

[Jim Kelly <macubergeek () comcast net>]

I would suggest a prism based pcmcia card. I prefer the Senao NL2511 
card. Check on ebay. Google. should cost you about $70 including shipping.
I prefer linux, Kubuntu or some other Debian based distro. read 
www.nestumbler.org forums for how-to info.

good luck.

JimKxy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
He who dies with the most initials after their name, wins.
M(ust)C(all)S(omeone)E(lse)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

On Wed, 31 May 2006, Campbell Murray wrote:

> Hi this thread has been very slow, I am interested in getting this info too,
> anyone have anything to contribute?
>
> Campbell
>
>
> -----Original Message-----
> From: john.holmes () securewired com [mailto:john.holmes () securewired com]
> Sent: 23 May 2006 01:17
> To: pen-test () securityfocus com
> Subject: Wireless PenTesters Hardware
>
>
> Hello List,
>
>
>
> I have been contracted by my company to perform a wireless hack for a large
> company. I am trying to figure out what hardware I need for this..
>
>
>
> I have done this before but It has been a while..
>
>
>
> Questions:
>
> What type of wireless card(s) do I need to buy? I have used Orinoco 200Mw
> before but it was only 802.11B...
>
>
>
> I'm guessing I need a card that handles A/B/G?
>
>
>
> I am also interested in Evil-Twin attacks.. does this mean I need (2) cards
> or should I get one of those HOstAP cards that acts as an AP?
>
>
>
> I know the client is probably going to be using WPA or something similar..
> so my best bet may be to use the strongest signal and try to get some of the
> users machines to lock into my fake AP...
>
>
>
> But then how would you route them back into the network using another card
> if you can't associate..
>
>
>
> SO do I need a 802.11A/B/G card to do wireless hacks?
>
>
>
> Thanks,
>
>
>
> JH
>
> ----------------------------------------------------------------------------
> --
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise,
> you need to proactively protect your applications from hackers. Cenzic has
> the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
> ----------------------------------------------------------------------------
> --
>
>
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------