The third very common 802.11 client card chipset is the Hermes chipset developed by Lucent. These cards have been on the market for years and are well-developed products boasting good receiving sensitivity and user-friendliness. Even though they do not provide firmware hopping on all ISM band channels like Cisco Aironet, they tend to identify the transmitting access point and assume the correct network ESSID and frequency automatically as soon as the wireless interface is up. Most Hermes chipset cards boast an external antenna connector, but they rarely come in pairs. These connectors seem to be superior to the MMCX connectors on Prism and Cisco Aironet cards; they are tighter and less prone to damage. A pigtail slipping out of the wireless card is highly annoying; we have never seen it with Hermes chipset card connectors and pigtails. Although Hermes chipset specifications are closed source and proprietary, Lucent did publish a piece of source code for controlling the basic functions of their WaveLAN/ORiNOCO cards. It is a pared-down version of the HCF library used in their Windows driver and their binary-only Linux driver. The code was not easy to read and integrated poorly into the Linux kernel, but proved to be useful when the old wvlan_cs driver was written. The currently used orinoco_cs driver is an improvement over the original wvlan_cs, but it still uses its higher level functions, whereas the low-level function support partially originates from the BSD wi driver for both Prism and Hermes chipset cards. A patch released by The Shmoo Group (http://airsnort.shmoo.com/orinocoinfo.html) enables you to put Hermes chipset cards into a monitoring mode for proper second layer 802.11 frames analysis. Although HostAP drivers do not work with the Hermes chipset cards, there is currently a HermesAP project that is still in an early development stage, but looks very promising. You can find more information about it at http://www.hunz.org/hermesap.html.
The bottom line is that with a little bit of driver patching, Hermes chipset cards are fine for full 802.11 penetration testing and might even have an advantage over their counterparts (except Cisco Aironet) when it comes to ease of use and configuration. Hermes chipset PCMCIA and CF cards include Buffalo PCMCIA, Dell Truemobile, IBM High Rate Wireless LAN card, Intel AnyPoint 802.11b, Lucent/Orinoco Silver and Gold, Lucent WaveACCESS, and Sony PCWA-C100.