RE: HW/SW Rogue AP Wireless Detection

From: R. DuFresne (dufresneat_private)
Date: Fri Mar 14 2003 - 12:05:28 PST

Next message: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"

Previous message: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
In reply to: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
Next in thread: Reyk Floeter: "Re: HW/SW Rogue AP Wireless Detection"
Next in thread: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
Reply: Reyk Floeter: "Re: HW/SW Rogue AP Wireless Detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

doesn't this  setiup though limit you to 802.11b scanning and thus leave
you open to rogue 802.11a AP's?

Thanks,

Ron DuFresne


On Fri, 14 Mar 2003, MILES John M wrote:

> Completely agreed, in our war-drives through our facilities to find rouge
> access points, the best combiniation we have found is an iPAQ, with the
> dual-pcmcia sleeve, a Lucent/Orinoco card, mini-stumbler, and a good
> external antenna.
> 
> -----Original Message-----
> From: Rob Shein [mailto:shotenat_private] 
> Sent: Friday, March 14, 2003 9:02 AM
> To: 'Dan Lynch'; pen-testat_private
> Subject: RE: HW/SW Rogue AP Wireless Detection
> 
> 
> Dan,
> 
> Your better choice is an iPAQ with the PC Card "expansion sleeve plus,"
> which adds a second battery to the equation.  This gives you longer life,
> and also allows you to use a Lucent/Cisco PC Card adapter that can accept an
> external antenna, which will give you better range.
> 
> > -----Original Message-----
> > From: Dan Lynch [mailto:dan.lynchat_private]
> > Sent: Thursday, March 13, 2003 7:43 PM
> > To: pen-testat_private
> > Subject: Re: HW/SW Rogue AP Wireless Detection
> > 
> > 
> > Gary,
> >  
> > I recently acquired a Toshiba e740 for that purpose. It's a
> > reasonably priced and perfectly competent little Windows CE 
> > device. But I've also found that its wireless capabilities 
> > are limited due to the small amount of power available. 
> > First, running with the built-in antenna enabled depletes a 
> > full battery in under an hour. Second, you need to be pretty 
> > danged close to an AP to detect it.
> >  
> > As for software, PocketWarrior (www.pocketwarrior.org), and
> > Cirond's Winc (www.cirond.com/site/products/wifispotter), 
> > along with the built-in Windows CE "Wireless LAN Utility" 
> > does the trick. 
> >  
> > Finding these limitations though has sent me in search of a
> > better solution. From NetStumbler.org I found reference to 
> > www.fab-corp.com, where they offer LinkSys and DLink "starter 
> > kits" (antennas and cables), as well as NICs, etc. I hear 
> > they offer special discounts for "net stumblers". But I 
> > haven't tried out any of those solutions or compared prices yet. 
> >  
> > Best of luck,
> >  
> > Dan Lynch
> > County of Placer
> > Auburn, CA
> > 
> > 
> > >>> Gary Nugent <garynugentat_private> 03/12/03 10:27AM >>>
> > Hello, there, I am looking for anyone who has had experience
> > with a combined (pref. PDA) device for signal 
> > detection/analysis.  I am familiar with the Fluke Ipaq-based 
> > product 
> > (http://www.flukenetworks.com/us/LAN/Handheld+Testers/WaveRunn
> er/Overview.htm),
> but it is quite expensive (app. $2500 US or more).  The rogue AP detection
> is a crucial part of this.  Any thoughts? 
> 
> Regards, 
> 
> Gary Nugent 
> E gary.nugentat_private 
> 
> 
> --------------------------------------------------------------------
> This message originated from a mobile.rogers.com webmail account. Ce message
> provient d'un compte de courriel web mobile.rogers.com.
> --------------------------------------------------------------------
> 
> ----------------------------------------------------------------------------
> 
> Are your vulnerability scans producing just another report? Manage the
> entire remediation process with StillSecure VAM's Vulnerability Repair
> Workflow. Download a free 15-day trial:
> http://www2.stillsecure.com/download/sf_vuln_list.html 
> 
> 
> 
> 
> 
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network? 
> Your hacker does. Plug your security holes now! 
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
> 
> 
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network? 
> Your hacker does. Plug your security holes now! 
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
> 
> ----------------------------------------------------------------------------
> Did you know that you have VNC running on your network? 
> Your hacker does. Plug your security holes now! 
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_list.html
> 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html

Next message: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
Previous message: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
In reply to: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
Next in thread: Reyk Floeter: "Re: HW/SW Rogue AP Wireless Detection"
Next in thread: MILES John M: "RE: HW/SW Rogue AP Wireless Detection"
Reply: Reyk Floeter: "Re: HW/SW Rogue AP Wireless Detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 14 2003 - 12:09:33 PST