Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [Ring-of-Fire] Wireless Scanning
From: Joey Peloquin <joeyp () voteprivacy com>
Date: Fri, 24 Sep 2004 07:36:07 -0500

Chuck Fullerton wrote:
Everyone,

I'm currently looking for a tool (or compliment of tools) to perform
Wireless Scanning during a Pen test.  My plan is to Scan first for the
presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are
detected, then each of the items found can have their security tested.  My
goal of being able to do this is to Take a good security audit methodology
(such as the OSSTMM) and scale it down for small to medium business
effectively.

Can any one recommend tools that they have used to detect these items?

Chuck Fullerton
CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+

Great idea, Chuck. In my experience, that market is virtually wide-open. As you suspect, no one tool can accomplish your goals, so with that in mind, here's a few suggestions to get you started.

Naturally, your laptop is your friend, and generally speaking, will be your primary tool. That said, grab the following scanner for bluetooth:

http://www.pentest.co.uk/cgi-bin/viewcat.cgi?cat=downloads&section=01_bluetooth

@stake has done a lot of stuff with bluetooth in the not-so distant past, so a little googling may turn up some tools and what-not they created for their research.

Microwave Detector (electronic bugs)
http://www.eaprotection.com/counter/microbugdetector.htm

WiFi Signal Finder
WFS-1 (the king; this was one of the first out, and I love it)
http://www.smartid.com.sg/prod01.htm

Mobile Edge
http://www.meritline.com/wifi-finder-wireless-internet.html
My boss just ordered this one for me yesterday, so I can't pass judgement on it yet.

I don't think I've met all of your requirements, but I'm hoping at least the stuff I had laying around can point you (and google ;) in the right direction.

Cheers,
Joey Peloquin

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault