From Security Weekly Wiki
Jump to navigationJump to search
725 bytes added ,  22:55, 5 July 2007
no edit summary
[PaulDotCom] - Broadcom drivers suck and don't give you the RSSI info. However, using Kamikaze and the 2.6 kernel you can get Atheros drivers to work on your platform. No configuration in /etc/config, however you can use the wlanconfig commands to configure. You will then need to compile Kismet drone with atheros support, which I just haven't gotten around to. [Larry] - This requires you to have a device with an Atheros chipset! An ASUS WL500g Premium will work nicely with a swap out on the mini-pci card. On WRT, you are hosed for Signal strenght - which was part of my problems while writing my GAWN Gold Paper (in the SANS RR). The other problem is with multiple Kismet Drones - unable to determine which drone spotted the AP. Allegedly there is a fix in newcore for this one.
== WEP & WRT54G Models (Andy) ==
[PaulDotCom] - <Shameless Book Plug>There is a hack in the book that shows you how to get WPA-Enterprise working on a standalone WRT54G. This is the most secure option, and does not have the vulnerabilities that are contained within WEP or WPA-PSK. The WRT54GL router is the one recommended in the book and is still produced by Linksys for hacking. The WRTSL54GS is great too and used in the book too, its $99 if that fits into your budget. With respects to war driving, the book has an awesome hack, poineered by renderman and improved upon by Larry, called war-driving in a box!</Shameless Book Plug>[Larry] - As a future update, I'm going to port the Wardriving-in-a-Box to the WRTSL54GS. This will make it easier for even n00bs to complete the hack (and by n00bs, I mean those with out soldering skillz).
== Secure Web Development (d4ncingd4n) ==
D4ncingD4n </pre>
[PaulDotCom] - I would suggest using whatever web application platform you are most comfortable with, take SANS Secure coding courses and web application courses, and regularly audit your code and application. [Larry] - Mmmm, beer. Good idea on list of beers, and for a list of education resources.


Navigation menu