WiFoo..The.Secrets.of.Wireless.Hacking [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

WiFoo..The.Secrets.of.Wireless.Hacking [Electronic resources] - نسخه متنی

Andrew A. Vladimirov

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Wi-Foo

Table of Contents

Copyright

Acknowledgments

About the Authors

Introduction

Why Does Wi-Foo Exist and for Whom Did We Write It?

What About the Funky Name?

How This Book Is Organized

Chapter 1. Real World Wireless Security

Why Do We Concentrate on 802.11 Security?

Getting a Grip on Reality: Wide Open 802.11 Networks Around Us

The Future of 802.11 Security: Is It as Bright as It Seems?

Summary

Chapter 2. Under Siege

Why Are "They" After Your Wireless Network?

Wireless Crackers: Who Are They?

Corporations, Small Companies, and Home Users: Targets Acquired

Target Yourself: Penetration Testing as Your First Line of Defense

Summary

Chapter 3. Putting the Gear Together: 802.11 Hardware

PDAs Versus Laptops

PCMCIA and CF Wireless Cards

Antennas

RF Amplifiers

RF Cables and Connectors

Summary

Chapter 4. Making the Engine Run: 802.11 Drivers and Utilities

Operating System, Open Source, and Closed Source

The Engine: Chipsets, Drivers, and Commands

Getting Used to Efficient Wireless Interface Configuration

Summary

Chapter 5. Learning to WarDrive: Network Mapping and Site Surveying

Active Scanning in Wireless Network Discovery

Monitor Mode Network Discovery and Traffic Analysis Tools

Tools That Use the iwlist scan Command

RF Signal Strength Monitoring Tools

Summary

Chapter 6. Assembling the Arsenal: Tools of the Trade

Encryption Cracking Tools

Wireless Frame-Generating Tools

Wireless Encrypted Traffic Injection Tools: Wepwedgie

Access Point Management Utilities

Summary

Chapter 7. Planning the Attack

The "Rig"

Network Footprinting

Site Survey Considerations and Planning

Proper Attack Timing and Battery Power Preservation

Stealth Issues in Wireless Penetration Testing

An Attack Sequence Walk-Through

Summary

Chapter 8. Breaking Through

The Easiest Way to Get in

A Short Fence to Climb: Bypassing Closed ESSIDs, MAC, and Protocols Filtering

Picking a Trivial Lock: Various Means of Cracking WEP

Picking the Trivial Lock in a Less Trivial Way: Injecting Traffic to Accelerate WEP Cracking

Field Observations in WEP Cracking

Cracking TKIP: The New Menace

The Frame of Deception: Wireless Man-in-the-Middle Attacks and Rogue Access Points Deployment

Breaking the Secure Safe

The Last Resort: Wireless DoS Attacks

Summary

Chapter 9. Looting and Pillaging: The Enemy Inside

Step 1: Analyze the Network Traffic

Step 2: Associate to WLAN and Detect Sniffers

Step 3: Identify the Hosts Present and Perform Passive Operating System Fingerprinting

Step 4: Scan and Exploit Vulnerable Hosts on WLAN

Step 5: Take the Attack to the Wired Side

Step 6: Check Wireless-to-Wired Gateway Egress Filtering Rules

Summary

Chapter 10. Building the Citadel: An Introduction to Wireless LAN Defense

Wireless Security Policy: The Cornerstone

Layer 1 Wireless Security Basics

The Usefulness of WEP, Closed ESSIDs, MAC Filtering, and SSH Port Forwarding

Secure Wireless Network Positioning and VLANs

Deploying a Linux-Based, Custom-Built Hardened Wireless Gateway

Proprietary Improvements to WEP and WEP Usage

802.11i Wireless Security Standard and WPA: The New Hope

Summary

Chapter 11. Introduction to Applied Cryptography: Symmetric Ciphers

Introduction to Applied Cryptography and Steganography

Modern-Day Cipher Structure and Operation Modes

Bit by Bit: Streaming Ciphers and Wireless Security

The Quest for AES

Between DES and AES: Common Ciphers of the Transition Period

Selecting a Symmetric Cipher for Your Networking or Programming Needs

Summary

Chapter 12. Cryptographic Data Integrity Protection, Key Exchange, and User Authentication Mechanisms

Cryptographic Hash Functions

Dissecting an Example Standard One-Way Hash Function

Hash Functions, Their Performance, and HMACs

Asymmetric Cryptography: A Different Animal

Summary

Chapter 13. The Fortress Gates: User Authentication in Wireless Security

RADIUS

Installation of FreeRADIUS

User Accounting

RADIUS Vulnerabilities

RADIUS-Related Tools

802.1x: The Gates to Your Wireless Fortress

LDAP

NoCat: An Alternative Method of Wireless User Authentication

Summary

Chapter 14. Guarding the Airwaves: Deploying Higher-Layer Wireless VPNs

Why You Might Want to Deploy a VPN

VPN Topologies Review: The Wireless Perspective

Common VPN and Tunneling Protocols

Alternative VPN Implementations

The Main Player in the Field: IPSec Protocols, Operations, and Modes Overview

Deploying Affordable IPSec VPNs with FreeS/WAN

Summary

Chapter 15. Counterintelligence: Wireless IDS Systems

Categorizing Suspicious Events on WLANs

Examples and Analysis of Common Wireless Attack Signatures

Radars Up! Deploying a Wireless IDS Solution for Your WLAN

Summary

Afterword

Appendix A. Decibel-Watts Conversion Table

Appendix B. 802.11 Wireless Equipment

Appendix C. Antenna Irradiation Patterns

Omni-Directionals:

Semi-Directionals:

Highly-directionals

Appendix D. Wireless Utilities Manpages

1 Iwconfig

2 Iwpriv

3 Iwlist

4 Wicontrol

5 Ancontrol

Appendix E. Signal Loss for Obstacle Types

Appendix F. Warchalking Signs

Original Signs

Proposed New Signs

Appendix G. Wireless Penetration Testing Template

Arhont Ltd Wireless Network Security and Stability Audit Checklist Template

1 Reasons for an audit

2 Preliminary investigations

3 Wireless site survey

4 Network security features present

5 Network problems / anomalies detected

6 Wireless penetration testing procedure

7 Final recommendations

Appendix H. Default SSIDs for Several Common 802.11 Products

Glossary

Index

index_SYMBOL

index_A

index_B

index_C

index_D

index_E

index_F

index_G

index_H

index_I

index_J

index_K

index_L

index_M

index_N

index_O

index_P

index_Q

index_R

index_S

index_T

index_U

index_V

index_W

index_X

index_Y

index_Z
توضیحات
افزودن یادداشت جدید





















Table of Contents



Index





Wi-Foo



By
Andrew A. Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky


Publisher: Addison Wesley



Pub Date: June 28, 2004



ISBN: 0-321-20217-1



Pages: 592








The definitive guide to penetrating and defending wireless networks.



Straight from the field, this is the definitive guide to hacking wireless networks. Authored by world-renowned wireless security auditors, this hands-on, practical guide covers everything you need to attack -- or protect -- any wireless network.



The authors introduce the 'battlefield,' exposing today's 'wide open' 802.11 wireless networks and their attackers. One step at a time, you'll master the attacker's entire arsenal of hardware and software tools: crucial knowledge for crackers and auditors alike. Next, you'll learn systematic countermeasures for building hardened wireless 'citadels''including cryptography-based techniques, authentication, wireless VPNs, intrusion detection, and more.



Coverage includes:



Step-by-step walkthroughs and explanations of typical attacks





Building wireless hacking/auditing toolkit: detailed recommendations, ranging from discovery tools to chipsets and antennas





Wardriving: network mapping and site surveying





Potential weaknesses in current and emerging standards, including 802.11i, PPTP, and IPSec





Implementing strong, multilayered defenses





Wireless IDS: why attackers aren't as untraceable as they think





Wireless hacking and the law: what's legal, what isn't






If you're a hacker or security auditor, this book will get you in. If you're a netadmin, sysadmin, consultant, or home user, it will keep everyone else out.






/ 174