Re: Wireless network assessment

From: c0ded (c0ded@stackoverflow.com.ar)
Date: Tue Oct 28 2003 - 08:34:31 EST


Sup,
First u will have to detect the targets AP(s) using
a app that understand 802.11b or a/g frames using a
wlan card in monitor mode, u have two kinds ok wireless detection
programs, 1 passive , 2 active.
the active one , sends like a probe request expecting a response from x ap
the passive , show all the packets that are passing thru your card.
most of w32 programs are active , and most of lnx are passive.

after u detected the targets AP
You will have to detect if they are using wep, vpn, 'open', etc
an then you will try to connect to the targets network / sniff some traffic
should help u out.

the tools:
Kismet lnx
netstumbler w32
aerosol w32
wepcrack lnx
airsnort lnx , w32

english is not my lenguage

 c ya

On Monday 27 October 2003 22:48, Andres Martinez wrote:
> I'm ready to perform my first wireless security assessment, I have some
> experience performing wired security assesments, more than the tools that
> are available to perform the scan, I'm concern for the testing methodology
> and procedures since I believe that the nature of the wireless world it is
> totally different, can somebody point me to the right direction
>
> thanks
>
> Andres
>
> ---------------------------------------------------------------------------
> Network with over 10,000 of the brightest minds in information security
> at the largest, most highly-anticipated industry event of the year.
> Don't miss RSA Conference 2004! Choose from over 200 class sessions and
> see demos from more than 250 industry vendors. If your job touches
> security, you need to be here. Learn more or register at
> http://www.securityfocus.com/sponsor/RSA_pen-test_031023
> and use priority code SF4.
> ---------------------------------------------------------------------------
>-

-- 
An effective way to deal with predators is to taste terrible.
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT