RE: HW/SW Rogue AP Wireless Detection

From: R. DuFresne (dufresne@sysinfo.com)
Date: Fri Mar 14 2003 - 15:05:28 EST


doesn't this setiup though limit you to 802.11b scanning and thus leave
you open to rogue 802.11a AP's?

Thanks,

Ron DuFresne

On Fri, 14 Mar 2003, MILES John M wrote:

> Completely agreed, in our war-drives through our facilities to find rouge
> access points, the best combiniation we have found is an iPAQ, with the
> dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good
> external antenna.
>
> -----Original Message-----
> From: Rob Shein [mailto:shoten@starpower.net]
> Sent: Friday, March 14, 2003 9:02 AM
> To: 'Dan Lynch'; pen-test@securityfocus.com
> Subject: RE: HW/SW Rogue AP Wireless Detection
>
>
> Dan,
>
> Your better choice is an iPAQ with the PC Card "expansion sleeve plus,"
> which adds a second battery to the equation. This gives you longer life,
> and also allows you to use a Lucent/Cisco PC Card adapter that can accept an
> external antenna, which will give you better range.
>
> > -----Original Message-----
> > From: Dan Lynch [mailto:dan.lynch@placer.ca.gov]
> > Sent: Thursday, March 13, 2003 7:43 PM
> > To: pen-test@securityfocus.com
> > Subject: Re: HW/SW Rogue AP Wireless Detection
> >
> >
> > Gary,
> >
> > I recently acquired a Toshiba e740 for that purpose. It's a
> > reasonably priced and perfectly competent little Windows CE
> > device. But I've also found that its wireless capabilities
> > are limited due to the small amount of power available.
> > First, running with the built-in antenna enabled depletes a
> > full battery in under an hour. Second, you need to be pretty
> > danged close to an AP to detect it.
> >
> > As for software, PocketWarrior (www.pocketwarrior.org), and
> > Cirond's Winc (www.cirond.com/site/products/wifispotter),
> > along with the built-in Windows CE "Wireless LAN Utility"
> > does the trick.
> >
> > Finding these limitations though has sent me in search of a
> > better solution. From NetStumbler.org I found reference to
> > www.fab-corp.com, where they offer LinkSys and DLink "starter
> > kits" (antennas and cables), as well as NICs, etc. I hear
> > they offer special discounts for "net stumblers". But I
> > haven't tried out any of those solutions or compared prices yet.
> >
> > Best of luck,
> >
> > Dan Lynch
> > County of Placer
> > Auburn, CA
> >
> >
> > >>> Gary Nugent <garynugent@mobile.rogers.com> 03/12/03 10:27AM >>>
> > Hello, there, I am looking for anyone who has had experience
> > with a combined (pref. PDA) device for signal
> > detection/analysis. I am familiar with the Fluke Ipaq-based
> > product
> > (http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunn
> er/Overview.htm),
> but it is quite expensive (app. $2500 US or more). The rogue AP detection
> is a crucial part of this. Any thoughts?
>
> Regards,
>
> Gary Nugent
> E gary.nugent@acrodex.com
>
>
> --------------------------------------------------------------------
> This message originated from a mobile.rogers.com webmail account. Ce message
> provient d'un compte de courriel web mobile.rogers.com.
> --------------------------------------------------------------------
>
> ----------------------------------------------------------------------------
>
> Are your vulnerability scans producing just another report? Manage the
> entire remediation process with StillSecure VAM's Vulnerability Repair
> Workflow. Download a free 15-day trial:
> http://www2.stillsecure.com/download/sf_vuln_list.html
>
>
>
>
>
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network?
> Your hacker does. Plug your security holes now!
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
>
>
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network?
> Your hacker does. Plug your security holes now!
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
>
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network?
> Your hacker does. Plug your security holes now!
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!
----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:30 EDT