Discovery
In this phase, the aim is to identify and apply characteristics to the wireless devices and wireless networks within the scope.
All the techniques to perform these have been laid out in the previous chapters but, in brief, the aim is to:
Enumerate visible and hidden wireless networks in the area
Enumerate devices in the area, along with those connected to the targeted networks
Map the range of the networks, where they are reachable from and whether there are places a malicious individual could operate from to perform an attack, for example, a cafe.
All of this information should be recorded. If the test is limited to the performance of reconnaissance only, the test will end here, and the tester will attempt to draw conclusions based on this information. Some statements that would be useful to a client are be as follows:
The number of devices that have associations with open networks and the corporate network
The number of devices that have networks that can be linked to locations through...