Have recently aquired the recommended WAP and USB Wifi device for my attempt at Backtrack WiFU after easter.  My initial plans were to just run the WAP in various configurations and keep experimenting with aircrack as it's currently not connected to anything.

As well as my laptop that dual boots Ubuntu and Backtrack, I also have a reasonable spec PC (with 2 network cards) setup with just Backtrack on and sat on my home network/internet connection.

Have just had a thought that I could run a couple of VM's off my backtrack PC (dam vunerable linux and a poorly patched xp), tie them down to the 2nd network card and connect that to my new WAP so I have something to have a go at when I crack into the WAP.

Bearing in mind that my training WAP is going to be potentially vunerable, whats the best way to secure my backtrack system so I don't allow someone an easy way in. 

I plan to put the second network card, vm's and the wap on a class B network address and subnet compared with my class c address for my network but want to do everything else I can to keep the two networks separated on the PC???

Just put all your vulnerable VMs on a virtual network that isn't connected to anything else (as opposed to bridged, NAT, or host-only).


You need the handshake for WPA, but you can use something like fragmentation or chopchop for WEP.

When I did wifu, I had an Linksys WRT54GL with a xubuntu box connected to it via wireless, and another on connected to it via wire. The router itself was not connected to the internet.

I use the traffic between them for the labs where I needed to have traffic running (handshake, capture, etc). I also used being able to connect into those boxes as proof I had the right key when I connected to wireless from my laptop running backtrack.

Bit more advice required here if possible as my 'hacking' PC has two nics in and i'm having an issue with them

The 1st is a 100M onboard one (eth0) currently connected to my WAP and vunerable machines that has no external connection to the internet.  This gets a 10.0 address off my WAP (subnetted)

The 2nd is a 1G add in card (eth1) connected to my home network that has a connection to the internet.  This gets a 192 address off my internet router

With eth1 up, I am able to browse the internet and do all the good stuff.  The moment I bring eth 0 up, I lose my connection to the internet as it tries to route all my traffic through the WAP.

What would be the best way to get my system to route all external traffic through my home net? 
Should I swap the nic cables over so that eth1 connects to my WAP and eth0 my home network?
Do I just need to make modifications to the routing table on my PC?

My next question is re VMware and virtual networks.  I've currently got VMWare Player but could get my hands on a (legal) copy of Workstation if needed.
I'd like to bridge any virtual machines I create onto which ever NIC is attached to the WAP.  Is there any way to force which nic the VM binds to?

Thanks in advance

Set eth0 to a static address, but leave the default gateway blank

I've had this trouble in the past, multiple default gateway's can only lead to trouble