OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: Wireless Cards for pen testing?

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpapacbell.net)
Date: Thu Aug 10 2006 - 21:18:56 CDT


Don't know if they still offer it.. but SANS used to sell them at their
conferences..
bet they still do since it's on their web site....
https://store.sans.org/store_category.php?category=merchandis
Scroll to the bottom and you can see the Orinoco there.

I have an old 'b' version that is still the best rock solid card around.

Sean Calista wrote:
> Hi,
>
> I would recommend getting a prism chipset or a Orinoco chipset. I have
> the SENAO NL-2511CD EXT2 (prism chipset) and a Cisco Aironet 350. Using
> Kismet and tools for wep cracking work great with my Cisco Aironet 350.
> However if you want to use a program such as void11 to perform
> de_authenication and use the HostAP drivers you need to have a prism
> chipset based card. Prism chipset based cards are an all around great
> chipset, It works well performing wep and wpa cracking and still has the
> ability to work with most penetration testing tools. Note : The Senao
> NL-2511cd does not have a internal antenna. I bought a small MMCX
> antenna that hooks into it. I also use a 7db and a 14db antenna(yagi) as
> well. My Senao works great with void 11,wep_crack,kismet,airdump, and
> other tools on backtrack and auditor.
>
> -----Original Message-----
> From: jpippin [mailto:jpippingmail.com]
> Sent: Thursday, August 10, 2006 2:56 AM
> To: nikhildasgmail.com; pen-testsecurityfocus.com
> Subject: RE: Wireless Cards for pen testing?
>
> Get an Orinoco Gold with the Hermes2 chipset. Then use the Backtrack
> LiveCD
> and you're set to pen-test.
>
> Joel Pippin
> President
> Secure Network Administration, Inc.
> 919.260.5759
>
>
>
> -----Original Message-----
> From: nikhildasgmail.com [mailto:nikhildasgmail.com]
> Sent: Wednesday, August 09, 2006 3:43 AM
> To: pen-testsecurityfocus.com
> Subject: Wireless Cards for pen testing?
>
> Hi,
>
> im jus starting out at a security firm and have been put in charge of
> getting my own kit because the person in charge is on leave. i will be
> starting out with wired network audits but i have been given a free run
> of
> the wireless section too.
>
>
>
> could u recommend some cards that are supported by all
> security
> test software? eg airsnort/kismet? will i need to purchase one of each
> chipset? ie prism2/atheros. i need windows and linux support. thanks
>
> ------------------------------------------------------------------------
> ----
> --
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
> Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise, you need to proactively protect your applications from hackers.
> Cenzic
> has the most comprehensive solutions to meet your application security
> penetration testing and vulnerability management needs. You have an
> option
> to go with a managed service (Cenzic ClickToSecure) or an enterprise
> software (Cenzic Hailstorm). Download FREE whitepaper on how a managed
> service can help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
> your
> results from other product. Contact us at requestcenzic.com for
> details.
> ------------------------------------------------------------------------
> ----
> --
>
>
> ------------------------------------------------------------------------
> ------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
> Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise,
> you need to proactively protect your applications from hackers. Cenzic
> has the
> most comprehensive solutions to meet your application security
> penetration
> testing and vulnerability management needs. You have an option to go
> with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service
> can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
> your
> results from other product. Contact us at requestcenzic.com for
> details.
> ------------------------------------------------------------------------
> ------
>
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at requestcenzic.com for details.
> ------------------------------------------------------------------------------
>
>
>

--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com

If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down...
http://blogs.technet.com/sbs

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at requestcenzic.com for details.
------------------------------------------------------------------------------