Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Wireless Scanning
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Mon, 27 Sep 2004 14:49:08 -0400 (EDT)


Chuck,

Besides the fact, as has been laid out by many that there is no single
tools or set of tools for all the variable technologies you are trying to
track down, one of the biggest issues with a person tryin to tackle what
you are about to is determining your perimiter.  And that can be a big
area of variation, depending upon the tools of potential attackers and
intruders upon your perimiter.  How far does the noise travel from toys
not supposed to be present or poorly implimented.  It will require more
the trodding about from office and hallway to office and hallway, and more
then a few walks about the parkinglot, with each and every toolset for
each and ever possible technology you intend upon tracking.

Thanks,

Ron DuFresne


On Mon, 27 Sep 2004, Chuck Fullerton wrote:

Everyone,

I'd like to thank everyone for their responses.

However, please remember when replying that I'm trying to detect the
presence of these technologies first.  I can enumerate them later.  If we
can first detect the presence we can save time during a pen test by not
bothering to enumerate technologies that aren't present.  Once we are able
to do this we are able to take pentesting from the Enterprise level and
start helping out the Small and Medium businesses with a Quality Pen Test
that is just as thorough as the Enterprise level however without the cost
and time needed for the larger corporations.

Chuck Fullerton
CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+

-----Original Message-----
From: Chuck Fullerton [mailto:chuckf69 () ceinetworks com]
Sent: Friday, September 24, 2004 4:59 AM
To: RoF () yahoo; Pen-Test
Subject: Wireless Scanning


Everyone,

I'm currently looking for a tool (or compliment of tools) to perform
Wireless Scanning during a Pen test.  My plan is to Scan first for the
presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are
detected, then each of the items found can have their security tested.  My
goal of being able to do this is to Take a good security audit methodology
(such as the OSSTMM) and scale it down for small to medium business
effectively.

Can any one recommend tools that they have used to detect these items?

Chuck Fullerton
CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+



----------------------------------------------------------------------------
--
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---



------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault