.

Wireless Pen Testing Cards

<<

det_security08

Newbie
Newbie

Posts: 8

Joined: Mon Jun 23, 2008 7:29 pm

Post Tue Oct 14, 2008 10:34 am

Wireless Pen Testing Cards

Can anyone suggest a wireless network card for a mobile laptop for wireless pen testing (including capture and cracking)?  There are several chipsets/cards available that work with most of the free tools out there, but just curious if a few stood above the rest?
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Tue Oct 14, 2008 11:23 am

Re: Wireless Pen Testing Cards

I'd personally go with the Alfa AWUS036H as suggested below:
http://www.ethicalhacker.net/component/ ... ic,2649.0/

I managed to purchase it a few months and the range on this bad boy is mad bitchen.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

joswr1ght

Newbie
Newbie

Posts: 11

Joined: Wed Oct 15, 2008 12:55 pm

Post Wed Oct 15, 2008 2:39 pm

Re: Wireless Pen Testing Cards

KrisTeason wrote:I'd personally go with the Alfa AWUS036H as suggested below:
http://www.ethicalhacker.net/component/ ... ic,2649.0/


I second that recommendation, also available at http://www.netgate.com/product_info.php?products_id=665 (no affiliation).

-Josh
<<

izman70

User avatar

Newbie
Newbie

Posts: 8

Joined: Wed May 07, 2008 6:09 am

Post Tue Jan 06, 2009 11:32 am

Re: Wireless Pen Testing Cards

I ve used the Proxim Orinoco Gold b/g cards with the external pigtail connection which was good for its time. But I totally recommend the Ubiquiti SRC 300mW 802.11 a/b/g MMCX. Its a little pricey but none the less I believe the best card I ve used so far.

www.ubnt.com

Thanks
<<

izman70

User avatar

Newbie
Newbie

Posts: 8

Joined: Wed May 07, 2008 6:09 am

Post Tue Jan 06, 2009 11:36 am

Re: Wireless Pen Testing Cards

One more note...I have to say...I do like the Alpha...I ve used it too but I hate trying to wardrive with that clunker sticking from the side of my laptop...but I have used it for wireless pentesting in a VM... but thats another thread!! Long story short... they are both very good cards...depends on what you want to use them for.
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Wed Jan 07, 2009 2:02 pm

Re: Wireless Pen Testing Cards

Not to say that wlan pen-testing is a dead subject however the enterprise-class wireless manufacturers have already migrated to 802.11n (draft-n) over G-networks.  For the most part, b-band is rarely seen because of the security implications.

Having said that, more 802.11n enterprise-class APs are integrating security features to provide an incredible amount of security that wasn't seen in the past two years.  You have APs that do:

- onboard Layer 1/2 IPS
- integration with Layer 3-7 network IPS
- AAA backend authentication
- integration with Network Admission Control (NAC) for posture assessment and compliance
- rogue AP detection
- management frame protection (beacon frame integrity)
- AES encryption to the AP (client association)
- and much, much more

Many customers are buying APs solely for their ability to detect (and mitigate) rogue APs either by careless individuals violating the security policy or by malicious attackers.  Now wireless network analysis is a growing field with tons of potential and part of the new CCIE Wireless roadmap. 
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Thu Jan 08, 2009 12:25 am

Re: Wireless Pen Testing Cards

Yup, and gobs of outdated and insecure equipment still in use. Just take a look at TJX.
<<

Vertigo

Newbie
Newbie

Posts: 13

Joined: Thu Oct 16, 2008 10:34 am

Post Mon Jan 12, 2009 5:23 am

Re: Wireless Pen Testing Cards

I'm using high power 500mW Alfa AWUS036H  card with 5dB omni-directional antena for pentesting and Linksys WPC55AG pcmcia card (a+b+g standards support) with atheros chipset for research and studying purposes - due great wirelesss extensions support. Unfortunately, BT3F dosn't support AWUS036H  wireless driver for wpa/wpa2 supplicant , for this I'm using Windows XP driver. How to emulate windows drivers http://forums.remote-exploit.org/showthread.php?t=15497
<<

jakx

Newbie
Newbie

Posts: 14

Joined: Mon Aug 11, 2008 9:20 am

Post Fri Jan 16, 2009 12:18 am

Re: Wireless Pen Testing Cards

I am going to have to agree. I just got the Alfa about a week ago and it amazing. Fully supports injection, monitor mode, etc.. Highly recommended!
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sun Apr 12, 2009 11:42 am

Re: Wireless Pen Testing Cards

Sorry to all for re-opening an old post.

I've had my eye on one of the Alfas for a whilst thanks to this and other positive reviews on EH-net. Someone was smiling on me when my new toys arrived the day before the holiday weekend, perfect timing :D.

First off I'll agree with everyone else, the Alfa AWUS036H is a wonderful bit of kit. It's handled everything I've thrown at it so far with exceptional results, equally effective under either Windows (Vista) or 'nix (Kubuntu and Backtrack).

I got the wireless bug after reading through the CWNA resources (thanks again Don) and I'm now looking to beef up my wireless arsenal with a GPS receiver. I've looked at the TripNav TN-200 devices and they seem to do what I require, but I've got little to no experience in this area so was hoping I could enlist the collective insights of EH-net to point me in the right direction.

Thanks in advance.
<<

Otter

Newbie
Newbie

Posts: 41

Joined: Tue Jul 03, 2007 1:03 pm

Post Sun Apr 19, 2009 3:05 am

Re: Wireless Pen Testing Cards

RoleReversal wrote:I got the wireless bug after reading through the CWNA resources (thanks again Don) and I'm now looking to beef up my wireless arsenal with a GPS receiver. I've looked at the TripNav TN-200 devices and they seem to do what I require, but I've got little to no experience in this area so was hoping I could enlist the collective insights of EH-net to point me in the right direction.

Thanks in advance.



I have a Garmin GPS18 usb puck.   It works very well with gpsd with BAcktrack 3.  OWSA Assistant identifies it just fine, though for some mystifying reason, that live distro seems to lack gpsd.     This unit, however is borked under Backtrack 4 beta, as that distro (and its parent distro, apparently) have omitted the garmin_gps kernel driver from the distro due to some concerns over the security by which that driver leverages the USB bus, or some such.   

Edit:  It's in there.  you just need to do the following post-insertion:
modprobe garmin_gps
mount -t usbfs none /proc/bus/usb


If you're buying a new GPS receiver for your laptop, one that connects via bluetooth might be worth considering, as with wireless testing, you seem to be plenty tethered already between antennae and power cords for the laptop.  One less just makes it easier to be nimble, or less of a pain in the butt working in the confines of a car.  I can get a specific recommendation out of a coworker who has a deliciously small bluetooth gps receiver that reportedly works well with gpsd under Linux. 

As for my rig, I have a ubiquity SRC http://ubnt.com/products/src.php&nbsp; (300mW, b/g/a, dual mmcx connectors with diversity tuners) but that Alfa  usb card looks like something to have for sure.  500mW plus the ability to run under vmware is certainly handy.   I have an Elcom 15dbi radome enclosed yaggi that fits in checked luggage easily, and as an 18" white cylinder is not terribly suspicious looking in a car (particularly in the cardboard box it comes in) versus something that looks very plainly like an antenna.  Elcom also has a 15dBi omni that's worth considering. 

One other neat idea for wireless pentesting I recently picked up was to have a trio of identitical USB connected cards tuned to channels 1, 6, and 11.    This makes channel hopping largely something you don't have to deal with, as with the overlapping of other channels, you pick up the stuff in the middle, yet converge faster in a drive around since you're not having to hop.  kismet has no trouble keeping up with the 3 sources.   Hawking makes a USB card that uses ralink drivers and has an external antenna (rp-sma I think), costs about $40 and is sold at Microcenter.    You'd still want, however, a high powered card for injection and deauth attacking, but a trio of those low costs things does make the passive sniffing part a bit quicker if you like.   

 
Last edited by Otter on Tue May 12, 2009 3:16 am, edited 1 time in total.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sun Apr 19, 2009 4:13 am

Re: Wireless Pen Testing Cards

Thanks for the advice Otter, that Garmin unit looks rather nice, but the lack of BT4 support may be a deal-breaker (although as BT4 is ubuntu based I would expect it wouldn't take too much work to get the required drivers integrated).

From my (currently limited) wardriving experience I haven't had too much of an issue with getting tied into a knot too many cables, but I take your meaning with bluetooth connections, should hopefully reduce some of the eye-brow raising as a connect and dismantle my car rig :) If you're able to get a part/model number for the device I'll give it a look, still doing my homework for a couple of weeks before making a purchase.

I actually tried playing with the multi-card split capabilities within Kismet yesterday. So far I've found I gain better performance running with a single card, but this is likely due to my limited kit meaning I'm mixing an internal card with my Alfa rig. If you manage to have better success with multiple higher-end interfaces I'd be interested in your results as the costs of the Hawking card you reference makes a multi card rig quite affordable.
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Sun Apr 19, 2009 10:55 am

Re: Wireless Pen Testing Cards

RoleReversal wrote: but the lack of BT4 support may be a deal-breaker


I am writing an article that I hope will change that. Believe it or not most "advanced" hackers I talk to don't even use Backtrack. 
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sun Apr 19, 2009 1:38 pm

Re: Wireless Pen Testing Cards

Kev,

I know this seems to be a familiar theme and bugbear on the forum when ever BackTrack is discussed. For the most part I agree with the sentiment, but the ability for hardware and tools to 'just work' under a live boot environment can be invaluable, especially when used under incident response engagement. Look forward to reading the article, shout when it's ready for public consumption.
Last edited by RoleReversal on Sun Apr 19, 2009 1:40 pm, edited 1 time in total.
<<

TTewell

Newbie
Newbie

Posts: 21

Joined: Mon Apr 20, 2009 7:09 pm

Post Wed Apr 22, 2009 7:50 am

Re: Wireless Pen Testing Cards

xXxKrisxXx wrote:I'd personally go with the Alfa AWUS036H as suggested below:
http://www.ethicalhacker.net/component/ ... ic,2649.0/

I managed to purchase it a few months and the range on this bad boy is mad bitchen.

I know Cain & Abel suggest AirPcap but can this device be used with it as well?
Next

Return to Wireless

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software