Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Wireless Scanning
From: Maliha Rashid <maliha.rashid () cyber-networks fr>
Date: Mon, 27 Sep 2004 16:14:10 +0200

Check out Yellowjacket for spectrum analysis.


-----Message d'origine-----
De : Rob Shein [mailto:shoten () starpower net]
Envoyé : samedi 25 septembre 2004 21:19
À : 'Chuck Fullerton'; 'RoF () yahoo'; 'Pen-Test'
Objet : RE: Wireless Scanning


While the 802.11x, bluetooth, and generic spycam scanning components are
easy enough, when you get into countermeasures against real,
professional-grade bugs you're getting into a whole new world.  For one,
you're going to have to throw down thousands on gear, and then you're just
getting started.  The basic gist of a bug sweep...and mind you, this will
only detect bugs that are transmitting...is to do a sweep, locate sources of
RF noise, eliminate them, and then repeat until the area is clean.  You'll
be amazed at how hard this is to do; the average modern environment is
insanely noisy in terms of RF emissions.  And then it won't catch bugs that
are wired to a more distant transmitter, laser mics being bounced off of the
windows, or doppler radar being used to detect the modulation of an object
in the room in response to sound waves.  The later scenarios show
increasingly funded and well-trained adversaries, but the technology and
skills aren't restricted to the realm of governments anymore, either.

-----Original Message-----
From: Chuck Fullerton [mailto:chuckf69 () ceinetworks com] 
Sent: Friday, September 24, 2004 4:59 AM
To: RoF () yahoo; Pen-Test
Subject: Wireless Scanning


Everyone,

I'm currently looking for a tool (or compliment of tools) to 
perform Wireless Scanning during a Pen test.  My plan is to 
Scan first for the presence of 802.11(whatever), bluetooth, 
spycams, bugs, etc. Once these are detected, then each of the 
items found can have their security tested.  My goal of being 
able to do this is to Take a good security audit methodology 
(such as the OSSTMM) and scale it down for small to medium 
business effectively.

Can any one recommend tools that they have used to detect these items?

Chuck Fullerton
CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+



--------------------------------------------------------------
----------------
Ethical Hacking at the InfoSec Institute. All of our class 
sizes are guaranteed to be 12 students or less to facilitate 
one-on-one interaction with one of our expert instructors. 
Check out our Advanced Hacking course, learn to write 
exploits and attack security infrastructure. Attend a course 
taught by an expert instructor with years of in-the-field pen 
testing experience in our state of the art hacking lab. 
Master the skills of an Ethical Hacker to better assess the 
security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---




----------------------------------------------------------------------------
--
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault