Penetration Testing mailing list archives
Re: OpenAir pen-testing
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 11 Jul 2007 08:06:59 -0400
Does anyone have any experience with pen-testing or general security setup/issues of any "OpenAir" wireless devices? It appears to be a pre-802.11 wlan protocol from proxim.
It's actually not pre-802.11. It's nothing like it. It's FHSS (frequency hopping spread spectrum), while 802.11 (and its precursor WaveLAN) are DSSS (direct sequence). You you will need special hardware to test this network. Proxim made RangeLAN2 PCMCIA cards that work with Win2K and Linux. (They probably work fine with XP also, but I've never tried.) Last time I tried, Knoppix came with the rl2 driver and loaded with my card just fine. The Security ID you mentioned is stored in the firmware of the NIC itself. It's blank by default, which is pretty much what you have to hope for, because the Security ID is actually the key for frequency modulation. Sniffing without it is essentially impossible since your card won't be listening to the right frequency at the right time, and while you could write a script to try and brute force the key with proxcfg, it's theoretically 36^20, so that could take a smidge more time than you have for this work. More here: http://kristi.erdves.lt/books/wireless/rl2security.pdf Good luck! PaulM PS - If you can't find a card, e-mail me off-list. I doubt I'll use mine again. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- OpenAir pen-testing Aaron Peterson (Jul 10)
- Re: OpenAir pen-testing Paul Melson (Jul 11)
- Re: OpenAir pen-testing Michael Painter (Jul 13)
- <Possible follow-ups>
- Re: OpenAir pen-testing hwertz (Jul 12)
- Re: OpenAir pen-testing Paul Melson (Jul 11)