Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wireless Audit Reports

From: "Kyle Maxwell" <krmaxwell () gmail com>
Date: Thu, 30 Mar 2006 07:40:40 -0600
On 3/29/06, Matthew Webster <awakenings () mindspring com> wrote:

      Now a traditional wireless audit would be easy.  I could report
the signal strengths of our devices, if the SSID's are correct, are
non-broadcast, etc.  That would be an easy report to create after data
collection.  In this case, I am trying to prove a negative.  I can list
networks, signal strengths, etc. but I feel like I am fluffing the
report with meaningless and time wasting statistics.  Does anyone have
any experience in what they would report under these circumstances?


I'd think the strongest statement you could make would be that, at a
given date and time, no 802.11x broadcast sources were detected from
within a given facility.

--
Kyle Maxwell
http://caffeinatedsecurity.com
[krmaxwell () gmail com]

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: