Have you seen this? http://grep8000.blogspot.com/2010/07/introducing-pwn-plug.html

-A

On Wed, Aug 25, 2010 at 10:54 AM, Chris Merkel <[email protected]> wrote:
> Question directed to fellow pen-test / red-teaming ninjas:
>
> Have a test coming up, and want to place a rogue AP. I fully expect that a
> vanilla AP/router will be detected. I'm thinking about dropping a Cisco PIX
> 501 with the rogue AP sitting on the other side of the NAT gateway, and
> turning off all remote PIX management as well (if possible, it's been awhile
> since I admin'ed these.), maybe even turn off ICMP echo replies.
>
> My guess is that this isn't going to be detected... My question is: anyone
> gone to that level of evil to evade detection on a network? If so, could you
> share any tips or gotchas you encountered along the way?
>
> (BTW, you can get a PIX 501 on ebay for under 100 bucks... so well within
> the reach of an attacker...)
>
> --
> - Chris Merkel
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
