Re: device connection hijacking

From: Jonathan Rickman (jonathan@xcorps.net)
Date: Wed Sep 03 2003 - 15:23:07 EDT


On Wednesday 03 September 2003 05:05, Andy Dockerty wrote:

> Consider your average environment; there is nearly always a comms
> cupboard, riser or under-floor access for cabling. A small form factor
> device such as the Cappuccino series from Thinkgeek.com. This has storage
> space aplenty and can be installed with a full OS or Linux distribution.
> Add a USB wireless adapter and you have a wireless snooping device. By
> using, say freeswan or ssh you can afford a degree of protection to the
> data you capture from the client's network. You can choose your OS and
> toolset as long as it is compatible with a standard X86 architecture.
> Given the circumstances you have described, I would be looking at
> figuring out how to conceal a marginally larger sniffing platform, within
> the target environment.

POE is great and all, but is not really in widespread use in most offices.
If we ditch the requirement for POE and accept a stealth solution that can
be used with on-premise power, the UPS (undetectable packet sniffer) as
presented at DEFCON this year is probably the ideal platform.

http://defcon.org/html/defcon-11/defcon-11-speakers.html#Spyde~1

Adding wireless capability should be trivial.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:39 EDT