4 Other Essential Peripherals

4 Other Essential Peripherals


Weve discussed our laptop and how to install BackTrack, a Linux-based operating system thats geared towards Penetration Testing. Also this past week, weve discussed which wireless card best presents us with an easy, plug-and-play experience when it comes to working with BackTrack and the aircrack-ng suite.


Now, were going to take a look at the other components of our Essential Toolkit. Were going to need the following extra tools:
  • A Network Hub (for sniffing wired networks with Wireshark)
  • A USB Bluetooth Adapter
  • Two or Three USB flash drives
  • Two or Three Ethernet cables
So, Bertha is all dressed up for a night on the town with a nice, sleek, black number called BackTrack. Now its time to accesorize her with a few nice baubles.

THE NETWORK HUB
There are plenty of devices out there that say theyre a network hub. However, if you look carefully at how they actually work, the devices are not network hubs. They act like network switches. 
Whats the difference you ask?
Im glad you asked. Every good hacker should know the difference between switches and hubs.
HUBS vs SWITCHES
Hubs are dumb network devices. Hubs take data in and send it back out to every single port on the device. They do not sort the data coming in or going out in any way. Switches do. Switches remember which MAC addresses are connected to which port and ONLY SEND THE DATA MEANT FOR THAT MAC ADDRESS TO THAT PORT. This ensures a much more efficient network environment.
But what we want for network traffic sniffing is not what a switch offers us. A switched environment defeats us, the hacker, from network traffic sniffing.
Think about it for a moment. If were sniffing network traffic, we want ALL the traffic, not just the traffic meant for us. A switch will only send us the data we are MEANT to have. So what do we do? We hook a network hub up at a central location, and we plug our laptop (remember Bertha?) up to the hub.
So, in order to do this, we must equip our Toolkit with a network hub. But weve got to be careful when making our decision. A lot of network devices out there claim to be hubs, but are, in fact, switches.
Theres a reference sheet located on Wiresharks web site that lists out suggested hubs for you. Personally, my Toolkit already contains a hub. But if I were in the market today to get a hub, Id first peruse the HubReference at Wiresharks web site (that you can find here: http://wiki.wireshark.org/HubReference ) and I would probably compare prices before buying.
For my money, the Linksys EFAH05W 5-Port 10/100 Workgroup Hub looks to be best, coming in around $40-$45 and can still be found new. While the Netgear DS104 is a good, solid, reliable network hub that can be found used for about $100. Depending on your circumstances and what you can find on the net, you should be fine with either hub.

Linksys EFAH05WNetgear DS104
A USB BLUETOOTH ADAPTER
One of the more interesting tasks that a Penetration Tester will have before them is to perform either Bluetooth �eavesdropping� or �remote administration� of a Bluetooth device.
In order for us to perform these tasks, we need some software tools and a Bluetooth adapter to run that software through.
Now, you could just do a search through Amazon.com and pick yourself up any USB Bluetooth adapter and youd be able to perform any of the lessons we are going to run through for Bluetooth.
However, if you were to do that, youd miss out on one of the more fundamental lessons of hacking: the actual tearing apart and putting back together better than the original configuration.
When I was looking for a USB Bluetooth adapter, I ended up finding a handful of them available for about $2.99 and I picked up 3 for the exact purpose of tearing the plastic dongle apart. Bluetooth, after all, is a radio technology and whats the ability to eavesdrop on a Bluetooth conversation without giving yourself the ability to do so from some decent yardage? So, Im planning on showing how to take a USB Bluetooth adapter apart and solder on an antenna to allow for better distance.
So, definitely go for something that looks like this:


Rather than this:



THE REST
Grab yourself a couple of Ethernet cables (youll need three for proper sniffing) and grab yourself a couple of USB flash drives, you may need them for files you find while snooping around networks.
Thats about it, folks. Our Essential Hackers Toolkit is just about complete. There may be other components well add in here and there but for the most part, our kit is ready and now its time to start hacking!
First, were going to take a look at the overall methodology of running a Penetration Test and then well start to get into the nuts and bolts.

Comments

Post a Comment

Popular posts from this blog

Shaun White Skateboarding Offline Fix SKIDROW MediaFire

Image
Shaun White Skateboarding Offline Fix SKIDROW MediaFire Shaun White Skateboarding + Offline Fix SKIDROW | 6.03 GB Game info : Shaun White Skateboarding , a game that puts an innovative twist on the action-sports genre, is the latest offering in the award-winning franchise developed in collaboration with dual-sport super-athlete, Shaun White. The most ambitious instalment yet, Shaun White Skateboarding brings all the sensations of skateboarding to a wide audience making skate dreams possible and allowing players to transform a dull, lifeless city into their own extraordinary skating utopia. As players skate, they add colour, life and brilliance to the city by extending handrails into endless grinds, carving alleys into half pipes, morphing streets into ramps and much more. Players can skate their way, any way they want, to create their own customized skating world that can also be shared with friends. Shaun White Skateboarding empowers skaters to push the limits of what�s possible. F
Keep reading

2015 2016 Kwara State University KWASU Post UTME Result is out

Image
2015 2016 Kwara State University KWASU Post UTME Result is out This is to inform the general public and especially those that took part in 2015/2016 Kwara State University (KWASU) post-UTME/Screening exercise that their result have been released. You can access your 2015/2016 kwara state university post-UTME result through the school official website below. http://www.kwasu.edu.ng/. NOTE: Accessing your  2015/2016 Kwara State University (KWASU) post-UTME result does not require any scratch card and also help to circulate this information to your friends that took part in the exercise while you are waiting for the admission list....... BEST OF LUCK............
Keep reading