Sponsored By:


www.tenablesecurity.com


http://twitter.com/pauldotcom


http://www.facebook.com/group.php?gid=6678027341


www.youtube.com/pauldotcom




PaulDotCom Security Weekly - Episode 48 - October 12, 2006

By
Larry Pesce
on October 13, 2006 10:58 AM | | Comments (2)
Live from the PaulDotCom Security Weekly Studio....
  • Sponsored by Core Security, listen for the discount code at the end of the show
  • Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
  • Sponsored by Astaro, Astaro Security Gateway line of network security appliances. Listen to the show for a special offer!
  • Please go update our frapper map!
  • Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
  • Full Show Notes
Hosts: Larry "Uncle Larry" Pesce, Paul "PaulDotCom" Asadoorian, Nick "Twitchy" Depetrillo, Joe "Mr. C" Conlin
Email: psw@pauldotcom.com

Direct Audio Download

(Bandwidth provided by OSHEAN)

Audio Feeds:

Categories:

2 Comments

By Mike Loven on October 13, 2006 9:51 PM

The newer version of tcpreplay (>= 1.5beta6) can fake the conversion of a 802.11 packet dump to libpcap. more info here:
http://seclists.org/pen-test/2004/Jan/0089.html

By Jason Thacker on October 21, 2006 9:26 PM

There is a tool included with aircrack called airdecap:

http://www.aircrack-ng.org/doku.php?id=airdecap-ng

I believe its main purpose is to decrypt encrypted captures, but I believe it outputs them in a standard 802.1 pcap format. I have used it (at least the older one for Windows) and was able to read and filter the results in Ethereal.