Hi J0e
Again most clients are starting to implement WPA2 (often Cisco) but
none so far have wireless IPS.
>* 802.1x - I haven't seen it on an assessment yet.
Not really my scene, but Didi, our head of R&D (who leads our
wireless testing) may have.
The person Pete mentioned above is me! So to answer your question, I
have only seen 802.1x via RADIUS implemented twice out of about 15
wireless audits...
>For wireless I pretty much just use Kisment/Aircrack-NG, but I'm really
>interested in wicrawl. Anyone using it on pentests yet?
Gonna have to ask Didi this, but mostly she uses a wireless packet
sniffer and analyses the results manually, making most tools
unnecessary. We did invest in Airopeek (I think) recently but
haven't played with it much yet.
I got so used to using packet sniffing for "casing the joint" in the
early days of wireless, I actually prefer it to a lot of the tools
that interpret the packets, so to speak, out there! Not least
because a lot of my work also involves investigating client devices
and their interactions! For me there's nothing like the "raw"
stuff! But then I am an old-ish fogey who still prefers to use CLI
FTP for managing our web site files than something GUI like FTP
Voyager! Yes, I think it's time I moved forward ;-)
Anyway, I haven't had the chance to play with Airopeek yet - that is
WIP for me. I am sad enough to say that I do really, really like the
GUI on NetStumbler that has many times helped me to physically locate
a rogue AP for example - faster than doing it from signal analysis
from packet sniffing. But since sometimes I want to physically
locate a client device, then packet sniffing using the SNR data is
the only way - unless anyone else knows a better one - I'd be really
interested if they did!??? Will have to have a look at wicrawl. I
do use Aircrack for proof-of-concept WEP stuff though and yes I do
sometimes use Kismet. It really depends on how low I have to go -
and/or how much detail and/or thoroughness the client wants.
Hope that helps
Best wishes
Didi
----------------------------------------------------------------------------------------------------------------------
Didi Barnes
Partner (Head of R&D)
First Base Technologies
www.fbtechies.co.uk
www.white-hats.co.uk
--------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
