On Mon, 2007-08-27 at 11:23 +0800, Drexx Laggui [personal] wrote:
> Any Linux "flavor" is good for security testing. What's more important
> for you, I presume, is just to get it running for now.
Generally I agree. However, for some things (e.g., cracking WEP
keys, etc), some tools will only work with some chipsets, e.g., per
AirSnort:
AirSnort 0.2.6 Requirements
AirSnort runs under Windows or Linux, and requires that your wireless
nic be capable of rf monitor mode, and that it pass monitor mode packets
up via the PF_PACKET interface. Cards known to do this are:
* Cisco Aironet
* Prism2 based cards using wlan-ng drivers or Host-AP drivers
* Orinoco cards and clones using patched orinoco_cs drivers
* Orinoc cards using the latest Orinoco drivers >= 0.15 with built
in monitor mode support
* And many others.
* Windows: Any(?) card supported by Airopeek.
AFAIK (but i haven't been keeping up with the state of the art),
some tools for scanning for available networks and scanning for
SSIDs are the same. I consider scanning for and cracking SSIDs
to be security testing. cracking WEP keys isn't because they're
just known to be weak and no amount of obfuscating the WEP
key (AFAIK) will make it much harder. so just knowing THAT WEP
keys are in use is enough to know how secure (or insecure, actually)
the wifi router is. but there's space for arguing that last point
(whether cracking WEP keys is security testing or just cracking with
no redeeming social value :-)
tiger
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
