From: Javier Liendo (javier@liendo.net)
Date: Wed May 31 2006 - 20:13:27 EDT
hello campbell
based on my experience i would say that first and of utterly
importance: your wireless card...my recomendation would be either a
Senao Long Range 200mW (prism 2.5 based) or a Ubiquiti Super Range
Cardbus 300mW (atheros based)...depending on distances involved you
should need (in case of the senao a *must*) a 2dBi or a 7dBi
omnidirectional antenna (as always: more is better)
regarding the laptop, in my experience any laptop that is capable of
running backtrack (http://www.remote-exploit.org/index.php/BackTrack)
is more than ok...
regarding the tools, there is nothing better than aircrack (aircrack,
aireplay, airodump) and kismet...(personal taste)...in fact, depending
on the scope of your assesment (going beyond wep cracking) you should
also need a lot of "the other more traditional" security tools...my
own personal recommendation is that you should use a live distro like
BackTrack...
this is a very frequently asked question and there are a lot of info
regarding this on the remote-exploit.org forums...
regards
javier
On 5/31/06, Campbell Murray <campbell@encription.co.uk> wrote:
>
> Hi this thread has been very slow, I am interested in getting this info too,
> anyone have anything to contribute?
>
> Campbell
>
>
> -----Original Message-----
> From: john.holmes@securewired.com [mailto:john.holmes@securewired.com]
> Sent: 23 May 2006 01:17
> To: pen-test@securityfocus.com
> Subject: Wireless PenTesters Hardware
>
>
> Hello List,
>
>
>
> I have been contracted by my company to perform a wireless hack for a large
> company. I am trying to figure out what hardware I need for this..
>
>
>
> I have done this before but It has been a while..
>
>
>
> Questions:
>
> What type of wireless card(s) do I need to buy? I have used Orinoco 200Mw
> before but it was only 802.11B...
>
>
>
> I'm guessing I need a card that handles A/B/G?
>
>
>
> I am also interested in Evil-Twin attacks.. does this mean I need (2) cards
> or should I get one of those HOstAP cards that acts as an AP?
>
>
>
> I know the client is probably going to be using WPA or something similar..
> so my best bet may be to use the strongest signal and try to get some of the
> users machines to lock into my fake AP...
>
>
>
> But then how would you route them back into the network using another card
> if you can't associate..
>
>
>
> SO do I need a 802.11A/B/G card to do wireless hacks?
>
>
>
> Thanks,
>
>
>
> JH
>
> ----------------------------------------------------------------------------
> --
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise,
> you need to proactively protect your applications from hackers. Cenzic has
> the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ----------------------------------------------------------------------------
> --
>
>
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:01 EDT