Volker Tanger <volker.tanger_at_discon.de> said:
> Why a "mini" version? The usual SOHO versions come with a 4port switch.
> Just choose one with an "uplink" port - and without external antennaes,
> if possible. For your attack choose an office where the network printer
> server is tucked away under a table - antennaes are simply too
> suspicious.
I agree with this approach. Assuming that you have the ability to power the
device, my best idea for this would be to use a Linksys WRT54G AP (or
something similar) and a small hub. The Linksys runs an embedded version of
Linux that can be customized as needed. Instructions can be found at:
http://www.batbox.org/wrt54g-linux.html
or
http://www.batbox.org/wrt54g.html
The URLs above provide a modification to the device that includes snort.
Assuming your intent is to passively capture traffic, you could deploy the
hub and access point to collect your sniffed information. It's a bit larger
than the form factor you were looking for but it's easy to use and cheaper
than building a dedicated mini PC for the task.
-Robert
--
Robert J. Brown
Email: rjb_at_robertjbrown.com
Web: http://www.robertjbrown.com
PGP Key: http://www.robertjbrown.com/rjbpgp.asc
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------
Received on Oct 21 2003
Intro
