Yeah, that does just about everything I need. I'm still going to drop a big ugly pix and ghetto AP for the fun of it.
Aside from this all-in-wonderful pwnage device, anyone else have tips for stealthy AP usage?

- Chris

On Wed, Aug 25, 2010 at 2:19 PM, Andrew Johnson <[email protected]> wrote:

> Have you seen this?
> http://grep8000.blogspot.com/2010/07/introducing-pwn-plug.html
>
> -A
>
> On Wed, Aug 25, 2010 at 10:54 AM, Chris Merkel <[email protected]> wrote:
>
>> Question directed to fellow pen-test / red-teaming ninjas:
>>
>> Have a test coming up, and want to place a rogue AP. I fully expect that a
>> vanilla AP/router will be detected. I'm thinking about dropping a Cisco PIX
>> 501 with the rogue AP sitting on the other side of the NAT gateway, and
>> turning off all remote PIX management as well (if possible, it's been awhile
>> since I admin'ed these.), maybe even turn off ICMP echo replies.
>>
>> My guess is that this isn't going to be detected... My question is: anyone
>> gone to that level of evil to evade detection on a network? If so, could you
>> share any tips or gotchas you encountered along the way?
>>
>> (BTW, you can get a PIX 501 on ebay for under 100 bucks... so well within
>> the reach of an attacker...)
>>
>> --
>> - Chris Merkel
>>
>> _______________________________________________
>> Pauldotcom mailing list
>> [email protected]
>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> Main Web Site: http://pauldotcom.com

--
- Chris Merkel
