Penetration Testing mailing list archives
RE: Wireless Scanning
From: Maliha Rashid <maliha.rashid () cyber-networks fr>
Date: Mon, 27 Sep 2004 16:14:10 +0200
Check out Yellowjacket for spectrum analysis. -----Message d'origine----- De : Rob Shein [mailto:shoten () starpower net] Envoyé : samedi 25 septembre 2004 21:19 À : 'Chuck Fullerton'; 'RoF@yahoo'; 'Pen-Test' Objet : RE: Wireless Scanning While the 802.11x, bluetooth, and generic spycam scanning components are easy enough, when you get into countermeasures against real, professional-grade bugs you're getting into a whole new world. For one, you're going to have to throw down thousands on gear, and then you're just getting started. The basic gist of a bug sweep...and mind you, this will only detect bugs that are transmitting...is to do a sweep, locate sources of RF noise, eliminate them, and then repeat until the area is clean. You'll be amazed at how hard this is to do; the average modern environment is insanely noisy in terms of RF emissions. And then it won't catch bugs that are wired to a more distant transmitter, laser mics being bounced off of the windows, or doppler radar being used to detect the modulation of an object in the room in response to sound waves. The later scenarios show increasingly funded and well-trained adversaries, but the technology and skills aren't restricted to the realm of governments anymore, either.
-----Original Message----- From: Chuck Fullerton [mailto:chuckf69 () ceinetworks com] Sent: Friday, September 24, 2004 4:59 AM To: RoF@yahoo; Pen-Test Subject: Wireless Scanning Everyone, I'm currently looking for a tool (or compliment of tools) to perform Wireless Scanning during a Pen test. My plan is to Scan first for the presence of 802.11(whatever), bluetooth, spycams, bugs, etc. Once these are detected, then each of the items found can have their security tested. My goal of being able to do this is to Take a good security audit methodology (such as the OSSTMM) and scale it down for small to medium business effectively. Can any one recommend tools that they have used to detect these items? Chuck Fullerton CEH,OPST,CISSP,CSS1,CCNP,CCDA,CNA,A+ -------------------------------------------------------------- ---------------- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ---------------------------------------------------------------------------- -- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- RE: Wireless Scanning, (continued)
- RE: Wireless Scanning Rob Shein (Sep 27)
- RE: Wireless Scanning Chuck Fullerton (Sep 27)
- RE: Wireless Scanning R. DuFresne (Sep 28)
- Re: Wireless Scanning Konstantin V. Gavrilenko (Sep 28)
- RE: Wireless Scanning Carney, Mark (Sep 24)
- RE: Wireless Scanning Clarke, Tyronne (Contractor) (Sep 24)
- RE: Wireless Scanning DeGennaro, Gregory (Sep 27)
- Re:Wireless Scanning Ghaith Nasrawi (Sep 27)
- Re: Wireless Scanning admin (Sep 27)
- RE: Wireless Scanning Ben Cook (Sep 27)
- RE: Wireless Scanning Maliha Rashid (Sep 27)
- RE: Wireless Scanning Lodin, Steven {D106~Indianapolis} (Sep 27)
- RE: Wireless Scanning Jason T (Sep 28)
- Re: Wireless Scanning Joshua Wright (Sep 30)
- Re: Wireless Scanning sam stover (Sep 30)
- RE: Wireless Scanning Jerry Shenk (Sep 30)
- Re: Wireless Scanning Max Moser (Sep 30)
- Re: Wireless Scanning Konstantin V. Gavrilenko (Sep 30)
- RE: Wireless Scanning Jason T (Sep 28)
- RE: Wireless Scanning Wozny, Scott (US - New York) (Sep 30)