Wireless PenTesters Hardware

From: john.holmes@securewired.com
Date: Mon May 22 2006 - 20:17:28 EDT


('binary' encoding is not supported, stored as-is) Hello List,

I have been contracted by my company to perform a wireless hack for a large company. I am trying to figure out what hardware I need for this..

I have done this before but It has been a while..

Questions:
What type of wireless card(s) do I need to buy? I have used Orinoco 200Mw before but it was only 802.11B...

I'm guessing I need a card that handles A/B/G?

I am also interested in Evil-Twin attacks.. does this mean I need (2) cards or should I get one of those HOstAP cards that acts as an AP?

I know the client is probably going to be using WPA or something similar.. so my best bet may be to use the strongest signal and try to get some of the users machines to lock into my fake AP...

But then how would you route them back into the network using another card if you can't associate..

SO do I need a 802.11A/B/G card to do wireless hacks?

Thanks,

JH

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:59 EDT