RE: Building a 'security consultant' laptop

> be used for security testing purposes (penetration testing, forensics,
> etc). Also planning to add a pcmcia wireless card (any recommended?

Forensics work is going to require quite a bit more then your standard laptop setup. You are going to need a scsi bus, ide bus, cdrw, dvdr,
dvdrw, zip drive, etc. You need to be able to acquire the data from the suspects storage medium and create an exact bit by bit copy of it.

Usually forensic folks lug around a mini tower with all sorts of goodies (and more) plugged in to make data acquisition easier.

I have run firewire, usb, and scsi pcmcia cards off my laptop in the past to gather forensic data and analyze it. It worked okay, but a luggable PC would have been a much better solution IMHO.

Regarding penetration testing - I would go with the latest of everything.. Redhat 9.0, Windows XP pro, etc. If you are going to be scanning for rouge access points (your need for a wireless card) You are going to have to buy two
cards.. an 802.11b and 802.11g. I would actually recommend buying a handheld Ipaq for wireless scanning (needs a pcmcia card) since trying to scan a corporate campus walking around with a notebook is a real pain. Brand wise..
go for a Lucent card (excellent signal strength) and buy/make an external antenna for it.

Mike

--
Michael Cunningham (CISSP, SCNA, SCSA, CCSA)


-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------