Ordinary people see the means of victory but do not know the forms by which to ensure victory. -The Art of War Chapter 4: Formation
Am digging into my inner wireless geek this month as well. This means buying a little bit more hardware. Most of this stuff is best available on eBay and I plan to get my hands on some of these things soon.
Orinoco Classic Gold wireless PCMCIA card x2
Sharp Zaurus SL-6000
AmbiCom compact flash wireless card (or similar)
The Sharp Zaurus runs on Linux and has internal wireless. This means I can run Kismet on it. I already have an older Dell Axim X5 that I picked up at my old job and totally forgot I still had (and if I want another one for some reason, they seem dirt cheap on eBay). It has no internal wireless and runs Windows PocketPC, but I can put the compact flash wireless card in this guy and get it to run. It also gives me the ability to run MiniStumbler if I wanted to. I’d rather use Kismet and the Zaurus, but I got lucky in already possessing a little-used Axim.
Now, why would I want both Kismet and MiniStumbler? First, some people simply respond better or worse to Linux or Windows. If I don’t want to show someone how to do wireless tricks, I’ll glaze their eyes over with Linux. If I’m looking to impress a gir…err…a manager with pretty colors and graphs so they spend money on or for me, I may get better results on Windows and MiniStumbler. Second, MiniStumbler is an active recon tool, so it will only see networks that have the SSID broadcast. Kismet is passive. While it will see non-broadcast SSID networks, I’m not yet sure how it sees them if there is no traffic on them.
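To make the active-versus-passive distinction concrete, here is a small model I added (it is not code from this post, from Kismet or from MiniStumbler) that runs two toy scanners over a constructed list of 802.11 management-frame records. The frame type names, the BSSIDs and the SSIDs are all made up for the illustration. The point it shows: an active scanner only credits answers to its own broadcast probe, so an access point configured not to beacon its name never shows up; a passive monitor still records the hidden BSSID from its beacons, but can only fill in the name once some client frame (an association request or a directed probe response) carries it in the clear, which is exactly the "no traffic" case.

```python
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"
HIDDEN = "<hidden>"


@dataclass
class MgmtFrame:
    """One captured management frame (constructed, simplified record)."""
    subtype: str  # "beacon", "probe_req", "probe_resp" or "assoc_req"
    bssid: str    # access point address the frame belongs to
    ssid: str     # "" models a zero-length SSID element (name withheld)


# Constructed sample capture (not a real trace): AP ..01 broadcasts its name,
# AP ..02 withholds it, and later a client of AP ..02 associates, naming it.
SAMPLE_FRAMES = [
    MgmtFrame("beacon", "00:11:22:33:44:01", "CoffeeShop"),
    MgmtFrame("beacon", "00:11:22:33:44:02", ""),
    MgmtFrame("probe_req", BROADCAST, ""),          # scanner's broadcast probe
    MgmtFrame("probe_resp", "00:11:22:33:44:01", "CoffeeShop"),
    MgmtFrame("assoc_req", "00:11:22:33:44:02", "HiddenCorp"),
]


def active_scan(frames):
    """Model of an active scanner (MiniStumbler style).

    It sends a broadcast probe request and lists only the probe responses it
    gets back. An AP that withholds its SSID does not answer a broadcast probe,
    so it is simply absent from the result.
    """
    seen = {}
    for f in frames:
        if f.subtype == "probe_resp" and f.ssid:
            seen[f.bssid] = f.ssid
    return seen


def passive_scan(frames):
    """Model of a passive monitor (Kismet style).

    Every beacon registers its BSSID; a withheld name is recorded as HIDDEN.
    The name is filled in only when a later frame for that BSSID (a directed
    probe response or an association request) carries it.
    """
    seen = {}
    for f in frames:
        if f.bssid == BROADCAST:
            continue  # a client's broadcast probe names no access point
        if f.subtype == "beacon":
            seen.setdefault(f.bssid, f.ssid or HIDDEN)
        elif f.subtype in ("probe_resp", "assoc_req") and f.ssid:
            seen[f.bssid] = f.ssid
    return seen


if __name__ == "__main__":
    print("active :", active_scan(SAMPLE_FRAMES))
    print("passive:", passive_scan(SAMPLE_FRAMES))
    # Same capture cut off before any client traffic to AP ..02:
    print("passive, quiet network:", passive_scan(SAMPLE_FRAMES[:2]))
```

Run it and the quiet-network case is the interesting one: the passive monitor already knows a second BSSID exists, it just cannot name it until a client talks. That is also why withholding the SSID is not a defence worth relying on; the name crosses the air in plaintext the moment a legitimate client joins.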
Now I just need to pick out a GPS unit (I don’t want to spend much, I’m not an extreme outdoorsman who needs something amazing) and possibly decide if I want to explore an external antenna or hold off on that. All told, I don’t expect to spend more than $60 on the wireless cards and maybe $200 on the Zaurus.
Also just saw this 2-part article on SecurityFocus about wireless forensics.