WiFoo..The.Secrets.of.Wireless.Hacking [Electronic resources] (text version)
• Table of Contents
• Index
Wi-Foo
By Andrew A. Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky
Publisher: Addison Wesley
Pub Date: June 28, 2004
ISBN: 0-321-20217-1
Pages: 592
Copyright
Acknowledgments
About the Authors
Introduction
Why Does Wi-Foo Exist and for Whom Did We Write It?
What About the Funky Name?
How This Book Is Organized
Chapter 1. Real World Wireless Security
Why Do We Concentrate on 802.11 Security?
Getting a Grip on Reality: Wide Open 802.11 Networks Around Us
The Future of 802.11 Security: Is It as Bright as It Seems?
Summary
Chapter 2. Under Siege
Why Are "They" After Your Wireless Network?
Wireless Crackers: Who Are They?
Corporations, Small Companies, and Home Users: Targets Acquired
Target Yourself: Penetration Testing as Your First Line of Defense
Summary
Chapter 3. Putting the Gear Together: 802.11 Hardware
PDAs Versus Laptops
PCMCIA and CF Wireless Cards
Antennas
RF Amplifiers
RF Cables and Connectors
Summary
Chapter 4. Making the Engine Run: 802.11 Drivers and Utilities
Operating System, Open Source, and Closed Source
The Engine: Chipsets, Drivers, and Commands
Getting Used to Efficient Wireless Interface Configuration
Summary
Chapter 5. Learning to WarDrive: Network Mapping and Site Surveying
Active Scanning in Wireless Network Discovery
Monitor Mode Network Discovery and Traffic Analysis Tools
Tools That Use the iwlist scan Command
RF Signal Strength Monitoring Tools
Summary
Chapter 6. Assembling the Arsenal: Tools of the Trade
Encryption Cracking Tools
Wireless Frame-Generating Tools
Wireless Encrypted Traffic Injection Tools: Wepwedgie
Access Point Management Utilities
Summary
Chapter 7. Planning the Attack
The "Rig"
Network Footprinting
Site Survey Considerations and Planning
Proper Attack Timing and Battery Power Preservation
Stealth Issues in Wireless Penetration Testing
An Attack Sequence Walk-Through
Summary
Chapter 8. Breaking Through
The Easiest Way to Get in
A Short Fence to Climb: Bypassing Closed ESSIDs, MAC, and Protocols Filtering
Picking a Trivial Lock: Various Means of Cracking WEP
Picking the Trivial Lock in a Less Trivial Way: Injecting Traffic to Accelerate WEP Cracking
Field Observations in WEP Cracking
Cracking TKIP: The New Menace
The Frame of Deception: Wireless Man-in-the-Middle Attacks and Rogue Access Points Deployment
Breaking the Secure Safe
The Last Resort: Wireless DoS Attacks
Summary
Chapter 9. Looting and Pillaging: The Enemy Inside
Step 1: Analyze the Network Traffic
Step 2: Associate to WLAN and Detect Sniffers
Step 3: Identify the Hosts Present and Perform Passive Operating System Fingerprinting
Step 4: Scan and Exploit Vulnerable Hosts on WLAN
Step 5: Take the Attack to the Wired Side
Step 6: Check Wireless-to-Wired Gateway Egress Filtering Rules
Summary
Chapter 10. Building the Citadel: An Introduction to Wireless LAN Defense
Wireless Security Policy: The Cornerstone
Layer 1 Wireless Security Basics
The Usefulness of WEP, Closed ESSIDs, MAC Filtering, and SSH Port Forwarding
Secure Wireless Network Positioning and VLANs
Deploying a Linux-Based, Custom-Built Hardened Wireless Gateway
Proprietary Improvements to WEP and WEP Usage
802.11i Wireless Security Standard and WPA: The New Hope
Summary
Chapter 11. Introduction to Applied Cryptography: Symmetric Ciphers
Introduction to Applied Cryptography and Steganography
Modern-Day Cipher Structure and Operation Modes
Bit by Bit: Streaming Ciphers and Wireless Security
The Quest for AES
Between DES and AES: Common Ciphers of the Transition Period
Selecting a Symmetric Cipher for Your Networking or Programming Needs
Summary
Chapter 12. Cryptographic Data Integrity Protection, Key Exchange, and User Authentication Mechanisms
Cryptographic Hash Functions
Dissecting an Example Standard One-Way Hash Function
Hash Functions, Their Performance, and HMACs
Asymmetric Cryptography: A Different Animal
Summary
Chapter 13. The Fortress Gates: User Authentication in Wireless Security
RADIUS
Installation of FreeRADIUS
User Accounting
RADIUS Vulnerabilities
RADIUS-Related Tools
802.1x: The Gates to Your Wireless Fortress
LDAP
NoCat: An Alternative Method of Wireless User Authentication
Summary
Chapter 14. Guarding the Airwaves: Deploying Higher-Layer Wireless VPNs
Why You Might Want to Deploy a VPN
VPN Topologies Review: The Wireless Perspective
Common VPN and Tunneling Protocols
Alternative VPN Implementations
The Main Player in the Field: IPSec Protocols, Operations, and Modes Overview
Deploying Affordable IPSec VPNs with FreeS/WAN
Summary
Chapter 15. Counterintelligence: Wireless IDS Systems
Categorizing Suspicious Events on WLANs
Examples and Analysis of Common Wireless Attack Signatures
Radars Up! Deploying a Wireless IDS Solution for Your WLAN
Summary
Afterword
Appendix A. Decibel-Watts Conversion Table
Appendix B. 802.11 Wireless Equipment
Appendix C. Antenna Irradiation Patterns
Omni-Directionals:
Semi-Directionals:
Highly-directionals
Appendix D. Wireless Utilities Manpages
Section 1. Iwconfig
Section 2. Iwpriv
Section 3. Iwlist
Section 4. Wicontrol
Section 5. Ancontrol
Appendix E. Signal Loss for Obstacle Types
Appendix F. Warchalking Signs
Original Signs
Proposed New Signs
Appendix G. Wireless Penetration Testing Template
Arhont Ltd Wireless Network Security and Stability Audit Checklist Template
Section 1. Reasons for an audit
Section 2. Preliminary investigations
Section 3. Wireless site survey
Section 4. Network security features present
Section 5. Network problems / anomalies detected
Section 6. Wireless penetration testing procedure
Section 7. Final recommendations
Appendix H. Default SSIDs for Several Common 802.11 Products
Glossary
Index