Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Wireless assessment

from [Mister Coffee] Network Security [Permanent Link]
Subject: Re: Wireless assessment
Date: Tue, 24 Jul 2007 12:22:15 -0700
rajat swarup wrote: 
Hi Pen-Testers,
Needed some advice from your experience:

Which is the best card, antenna and GPS combination for performing
wireless assessments?

I have picked up the EliteConnect SMC 2532W-B, Garmin Nuvi 350.
Anyone experienced any problems with this?

Thanks and regards, 
A bit late to respond, but here goes.

There appears to be no single "best" wireless card. They each have some quirks, and, in an ideal test, you'd be able to run several combinations of OS and Card at the same time. I'm rather fond of the Proxym (Atheros) cards myself, and for years ran a Cisco card with an external antenna.

Antennas for wireless penetration are kind of a mixed bag. What are you really trying to gain? When hunting for rogue Access Points or hidden clients, directionality is important - but most directional antennas also give you a lot of gain, which is often NOT what you want. Still haven't settled on the best compromise, but I lean towards a multi-element Yagi with some attenuation to make up for the gain.

If you're looking for range, a big horn works wonders.

The GPS portion is a different animal. Most GPS receivers absolutely suck indoors. We don't even bother with them when we're doing a building. That said, you want one that has an output format you can read. NMEA0183 is a good standard. You might want to look at something like a Garmin 18 (hockey puck on a USB cable) or the 72/76 series. The 72 and 76 series are designed for Marine use and put out standard NMEA0183. Magellan and others make similar units.

None of them work well indoors. Most are available over the internet for under $200. If you go with a small one, like an eTrex, make sure it can output to other devices. All the marine ones can.

Anyway, good luck!

Cheers,
L4J

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Vulnerability Assessment, Pete Herzog
Next by Date:  Re: Re: Are paypal buttons secure from e-lifting? Is this data secure?, steingra
Previous by Thread:  Re: Wireless assessment, Cedric Blancher
Next by Thread:  Re: Wireless assessment, eladexposed
Indexes:  [Date] [Thread] [Top] [All Lists]