Re: Gear

[Pete Herzog <lists () isecom org>]

Hi Jan, et al.,

You bring up a good point.  Having a robust system or two for interception 
and monitoring is important for network level analysis.  While laptops are 
getting better, faster, and more like desktop PCs, it might be an 
investment not worth making especially when laptops have still such a huge 
failure rate (something around 25% go back to the shop for repairs- I 
myself have lost 3 out of 10 to motherboard failure).  You don't want that 
happening on the job!

Laptops are fine for simple wireless networks tests but you should consider 
getting a more formidable spectrum analyzer from a reputable company.  Many 
of the OSSTMM 3 wireless tests are within spectrum ranges most laptops 
can't touch. When it comes to testing for interference, privacy, anomalies, 
and human safety, you can't stay within the confines of the traditional 
wireless modes.  Considering that damaged, imported, and even older packet 
radio technology will slip right through your fingers.  It's not hard to 
get a packet fax on Ebay as used on boats and start sending out documents. 
 Will you detect that with your laptop?  How about devices using freq. 
ranges legal and present in one country but not yours (WiFi Channel 14?). 
Criminals will not follow the EM spectrum rules and you need to find these 
leaks.

Depending on the tests you do inside there is a lot of gear you might need 
from air quality sniffers to cameras which can see infrared and measure 
light intensity.  OSSTMM 3 goes into detail on what these tests are.

Anyway, I have yet to find a decent spectrum analyzer or many of the other 
tools that are needed for a successful test scenario. Good luck!

-pete.


Jan Heisterkamp wrote:
> Hi Peter,
> you will be astonished, I don't use laptops exeptual I go wireless, then 
> I have to, no PDA's and no sonic ear type devices.
> I carry my ATX towers, cables keyboards, a good stack of paper, pencils, 
> calculator, references where needed, Software - mostly open source, 
> enough cigarretes, "dos pinos"-strawberrymilk, water, Maruchan or Ramen 
> Instantnoodlesoups.
> I take my notices  with a  txt-editor or doing screeshots and all the 
> rest  I write down by hand -old shool...
>
> In the past years I often heard from customers the question "And where 
> is your laptop" and I alway had the feeling that they think, the 
> posession of a laptop is a important proof of competence; the world 
> turned crazy, enjoy!

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------