The iPAQ from Compaq is the leader among handheld devices with wireless functionality. The recommendations in this book are based on the iPAQ 3765, which will undoubtedly be updated regularly. The iPAQ runs Microsoft's Pocket PC 2002 operating system on a 206MHz Intel StrongArm 32-bit RISC processor. With up to 64MB of RAM, the iPAQ is formidable.
Although the base unit is more than adequate, you also have the capability to add expansion packs , or sleeves. These sleeves, shown in Figure 1.15, are add-ons that enhance the overall functionality of the iPAQ. There are many different sleeves available on the market today, which allows the iPAQ to make use of everything from PCMCIA and Compact Flash cards to IBM Micro drives and GPS devices. By using a sleeve, you can take the standard iPAQ and turn it into a wireless workstation. Because many devices use the PCMCIA standard, the PCMCIA sleeve (part number 173396-001) is probably the most functional one to own.
Figure 1.15. Expansion pack used by the Compaq iPAQ.
Figure 1.16 shows the Compaq iPAQ with the PCMCIA sleeve connected and a wireless card inserted into the sleeve. This setup will allow you to connect to various 802.11b networks and perform many functions, such as browsing Web pages (using the built-in version of Internet Explorer) or managing your remote network (using the Terminal Server application). With the addition of software such as NetForce by Ruksun or CENiffer by Epiphan Consulting (discussed in Chapter 10, "Pocket PC Hacking"), you can dramatically increase the overall functionality and usefulness of your iPAQ. Other software developers such as NetStumbler and Network Associates have created products with the iPAQ in mind. With its growing base of hardware and software add-ons, along with the increasing availability of wireless networks, the Compaq iPAQ will be a dominant force well into the future.
Figure 1.16. Compaq iPAQ with the PCMCIA Expansion Pack and wireless card.
Constructing Your Test Lab
Prior to deploying any live wireless equipment in your enterprise, we recommend that you create a lab and test everything. Similarly, a wireless security expert will need a test lab of her own for research and development. A wireless test lab is completely different from your ordinary computer lab. Your wireless lab cannot be confined to a specific space. It needs to be mobile, just like your users will be.
When testing for access point placement in your environment, there are several factors you need to consider. These factors are as follows :
Testing for coverage areas and deciding on placement locations can be a bit difficult, as it is difficult to bolt an access point to the ceiling and then constantly move it. Fortunately, we have come up with a better solution. Take a cart similar to those found in libraries and mount a telescoping pole to one of the sides. At the top of the pole, attach a flat piece of wood or plastic (not metal) that is big enough to hold the access point like a "ceiling," perpendicular to the ground. Offset the wood so that the access point can hang down without hitting the cart. Next, attach the access point upside down to the wood or plastic piece on the top of the pole. By raising the pole with the access point on top, you will place the access point at ceiling height and still be able to move it by pushing the cart.
On the cart should be a battery connected to an inverter, giving you a power source in which to plug the access point. By walking the floor with a laptop or PDA, you are able to test connectivity to the access point. We also recommended that you test not only the area you are attempting to cover, but also the surrounding areas. This will enable you to map wireless coverage that inadvertently "bleeds" beyond your perimeter.
Figure 1.17 shows an example of a lab that you might set up to test the performance and reliability of various pieces of hardware.
Figure 1.17. How to construct your wireless test lab.
The crosses in Figure 1.17 indicate optimal places to use a sniffer to monitor the network traffic. It is very important to know what is being sent ”and how it is being sent ”through the airwaves. Chapter 7, "Wireless Attacks," will go into more detail on wireless attack techniques.
The best type of lab configuration is one that will closely resemble your production environment. In addition, the lab should be flexible enough to allow you to test new products, and allow for future network expansions. And remember ”test everything!