Poised Solutions Tech Library

WI-FOO

WI-FOO Author: Andrew A. Vladimirov Konstantin V. Gavrilenko Andrei A. Mikhailovsky Publisher: Addison-Wesley Published: 2004 Pages: 553

WI-FOO

WI-FOO Chapters

WI-FOO Chapters

1. Real World Wireless Security
   • Why Do We Concentrate on 802.11 Security?
   • Getting a Grip on Reality: Wide Open 802.11 Networks Around Us
   • The Future of 802.11 Security: Is it as Bright as It Seems?
   • Summary
2. Under Siege
   • Why Are 'They' After Your Wireless Network?
   • Wireless Crackers: Who Are They?
   • Corporations, Small Companies, and Home users: Targets Acquired
   • Target Yourself: Penetration Testing as Your First Line of Defense
   • Summary
3. Putting the Gear Together: 802.11 Hardware
   • PDAs Versus Laptops
   • PCMCIA and CF Wireless Cards
   • Antennas
   • RF Amplifiers
   • RF Cables and Connectors
   • Summary
4. Making the Engine Run: 802.11 Drivers and Utilities
   • Operating System, Open Source and Close Source
   • The Engine: Chipsets, Drivers, and Commands
   • Getting Used to efficient Wireless Interface Configuration
   • Summary
5. Learning to WarDrive: Network Mapping and Site Surveying
   • Active Scanning in Wireless Network Discovery
   • Monitor Mode Network Discovery and traffic Analysis Tools
   • Tools That Use the iwlist scan Command
   • RF Signal Strength Monitoring Tools
   • Summary
6. Assembling the Arsenal: Tools of the Trade
   • Encryption Cracking Tools
   • Wireless Frame-Generating Tools
   • Wireless Encrypted Traffic Injection Tools: Wepwedgie
   • Access Point Management Utilities
   • Summary
7. Planning the Attack
   • The 'Rig'
   • Network Footprinting
   • Site Survey Considerations and Planning
   • Proper Attack Timing and Battery Power Preservation
   • Stealth Issues in Wireless Penetration testing
   • An Attack Sequence Walk Through
   • Summary
8. Breaking Through
   • The Easiest Way to Get in
   • A Short Fence to Climb: Bypassing Closed ESSIDs
   • Picking a Trivial Lock: Various Means of Cracking WEP
   • Picking the Trivial Lock in a Less Trivial Way
   • Field Observations in WEP Cracking
   • Cracking TKIP: The New Menace
   • The Frame of Deception: Wireless Main-in-the-Middle Attacks and Rogue Access Points Deployment
   • Breaking the Secure Safe
   • The Last resort: Wireless DoS Attacks
   • Summary
9. Looting and Pillage: The Enemy Inside
   • Step 1: Analyze the Network traffic
   • Step 2: Associate to WLAN and Detect Sniffers
   • Step 3: Identify the Hosts Present and Perform Passive Operating System Fingerprinting
   • step 4: Scan and Exploit Vulnerable hosts on WLAN
   • Step 5: Take the Attack to the Wired Side
   • Step 6: Check Wireless-to-Wired Gateway Egress Filtering Rules
   • Summary
10. Building the Citadel: An Introduction to Wireless LAN Defense
    • Wireless Security Policy: The Cornerstone
    • Layer 1 Wireless Security Basics
    • The Usefulness of WEP, Closed ESSIDs, MAC Filtering, and SSH Port Forwarding
    • Secure Wireless Network Positioning and VLANs
    • Developing a Linux-Based, Custom-Built Hardened Wireless Gateway
    • Proprietary Improvements to WEP and WEP Usage
    • 802.11i Wireless Security Standard and WPA: The New Hope
11. Introduction to Applied Cryptography and Symmetric Ciphers
    • Introduction to Applied Cryptography and Steganography
    • Modern-Day Cipher Structure and Operation Modes
    • Bit by Bit: Streaming Ciphers and Wireless Security
    • The Quest for AES
    • Between DES and AES: Common Ciphers of the Transition Period
    • Selecting a Symmetric Cipher for Your Networking or Programming Needs
    • Summary
12. Cryptographic Data Integrity Protection, Key Exchange and User Authentication Mechanisms
    • Cryptographic Hash Functions
    • Dissecting an Example Standard One-Way Hash Function
    • Hash Functions, Their Performance, and HMACs
    • Asymmetric Cryptography: A Different Animal
    • Summary
13. The Fortress Gates: User Authentication in Wireless Security
    • RADIUS
    • Installation of FreeRADIUS
    • User Accounting
    • RADIUS Vulnerabilities
    • RADIUS Related Tools
    • 802.1x: The Gates to Your Wireless Fortress
    • LDAP
    • NoCat: an Alternative Method of Wireless
    • Summary
14. Guarding the Airwaves: Deploying Higher-Layer Wireless VPNS
    • Why You Might Want to Deploy a VPN
    • VPN Topologies Review: The Wireless Perspective
    • Common VPN and Tunneling Protocols
    • Alternative VPN Implementations
    • The Main Player in the Field: IPSec Protocols
    • Deploying Affordable IPsec VPNs with FreeS/WAN
    • Summary
15. Counterintelligence: Wireless IDS Systems
    • Categorizing Suspicious Events on WLANs
    • Examples and Analysis of Common Wireless Attack Signatures
    • Radars Up! Deploying a Wireless IDS Solution for Your WLAN
    • Summary
    • Afterword

WI-FOO Appendices

1. Decibel-Watts Conversion Table
2. 802.11 Wireless Equipment
3. Antenna Irradiation Patterns
   • Omni-Directionals
   • Semi-Directionals
   • Highly-Directionals
4. Wireless Utilities Manpages
   • Iwconfig
   • Iwpriv
   • Iwlist
   • Wicontrol
   • Ancontrol
5. Signal Loss for Obstacle Types
6. Warchalking Signs
   • Original Signs
   • Proposed New Signs
7. Wireless Penetration Testing Template
   • Arhont Ltd Wireless Network Security and Stability Audit Checklist Template
   • 1 Reasons for an audit
   • 2 Preliminary investigations
   • 3 Wireless site survey
   • 4 Network security features present
   • 5 Network problems / anomalies detected
   • 6 Wireless penetration testing procedure
   • 7 Final recommendations
8. Default SSIDs for Several Common 802.11 Products
9. Glossary
10. Index