Musings of an infosec nerd

Wireless auditing shopping list

  •   Thu 13 January 2011
  •   InfoSec

I took the 617 class in 2009 and my GAWN cert has landed me with the lovely job of auditing our in-scope PCI sites for wireless activity. I have the kit supplied with 617 and that was fine for a quick and dirty scan to satisfy the QSA, but I am keen that we do this properly, and have the capability to do other activities in relation to wireless auditing and site planning etc.

To this end I have been given a budget to obtain the necessary equipment and I would appreciate any advice anyone is willing to give on the current state of the art to make sure we can catch everything. I need to get the following, but if I have missed something or I have included something that is superfluous then please call me a n00b and tell me what I'm doing wrong.

1 Netbook
1 USB wireless card that can capture 802.11 a/b/g/n at 2.4 and 5 GHz
1 (or many?) 2.4 GHz omnidirectional antennas
1 (or many?) 5 GHz omnidirectional antennas
1 2.4 GHz directional (Yagi?) antenna.
1 5 GHz directional (Yagi?) antenna.

I assume I need antennas specific to each frequency that I need to audit; my understanding of the physics involved suggests that they need to be the correct length for a particular wavelength.

I was thinking as well that a tripod or monopod would be handy for the directional stuff. Are there any antenna-to-camera ISO mounting kits out there?

Assuming the above isn't fantastically expensive I may have room in my budget for a frequency analyser. Is there one that would be recommended by anyone? Also, details of any reliable suppliers, preferably UK-based, would be welcome as well.

I will happily share the outcome of the responses I get, along with the final shopping list and my experience setting up and using it. Hopefully it will be a useful resource for other auditors.

Thanks to everyone in advance for this, and many thanks to SANS, Josh Wright and Steve Armstrong for delivering a fantastic course. There was some hard core material in there that I never would have thought would be within my ability to understand, but according to GIAC it all went in and most of it stuck!

The personal blog of a UK based penetration tester