lower your power, set the ssid to one of the target's closest neighboring access points and then change to mac to closely match the neighbor's bssid
On Wed, Aug 25, 2010 at 5:40 PM, Chris Merkel <[email protected]> wrote: > Yeah, that does just about everything I need. I'm still going to drop a big > ugly pix and ghetto AP for the fun of it. > Aside from this all-in-wonderful pwnage device, anyone else have tips for > stealthy AP usage? > - Chris > > On Wed, Aug 25, 2010 at 2:19 PM, Andrew Johnson <[email protected]> > wrote: >> >> Have you seen >> this? http://grep8000.blogspot.com/2010/07/introducing-pwn-plug.html >> -A >> >> On Wed, Aug 25, 2010 at 10:54 AM, Chris Merkel <[email protected]> wrote: >>> >>> Question directed to fellow pen-test / red-teaming ninjas: >>> Have a test coming up, and want to place a rogue AP. I fully expect that >>> a vanilla AP/router will be detected. I'm thinking about dropping a Cisco >>> PIX 501 with the rogue AP sitting on the other side of the NAT gateway, and >>> turning off all remote PIX management as well (if possible, it's been awhile >>> since I admin'ed these.), maybe even turn off ICMP echo replies. >>> My guess is that this isn't going to be detected... My question is: >>> anyone gone to that level of evil to evade detection on a network? If so, >>> could you share any tips or gotchas you encountered along the way? >>> (BTW, you can get a PIX 501 on ebay for under 100 bucks... so well within >>> the reach of an attacker...) >>> >>> -- >>> - Chris Merkel >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > > > -- > - Chris Merkel > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
