لطفا منتظر باشید ...
Operating System, Open Source, and Closed Source
It is no secret that the majority of the techniques and methodologies we describe are based on open source (both GPL and Berkeley-licensed) software. There are several reasons for this. When doing anything related to wireless hacking (see the Introduction for our definition of hacking), you want to operate with "hackable" software you can modify and optimize for your specific needs and hardware at hand. This book is oriented toward wireless community activists and enthusiastic users as well as corporate professionals and security consultants, so we want to describe affordable techniques and solutions. Finally, as long as penetration testing is supposed to be looking at the network through the cracker's eyes, we should stick to the same methodology used by Black Hats. Do you really expect a cracker to use a copy of the latest $5,000 closed source wireless protocol analyzer? In addition, many of the "underground" attacking tools we describe have features no commercial product possesses; never underestimate the power of the Black Hat community. For example, there isn't a commercial wireless security auditingChapter 5. There are some brilliant exemptions, such as the Packetyzer/Ethereal for Windows combination. Somehow, these exemptions happen to be released under the GPL.
However, the approach taken in the "Defense" part of this book is different. As a security consultant or enthusiast, you might have the freedom and opportunity to select wireless security auditing hardware and software that suits you the best. As a system administrator or network manager, you have to defend what your company has by using existing resources, possibly without significant additional funds or available time. Thus, the defensive countermeasures are platform-independent and range from using free open source tools to deploying high-end commercial wireless gateways and IDS systems. For now, we review 802.11 configuration utilities and drivers from a Linux, and partially BSD, perspective with penetration testing in mind. If you are not a part of the UNIX world, don't worry. We tried to simplify the described methodologies as much as possible. Our apologies to seasoned UNIX hackers; you know which bits and pieces you can safely skip. We have aimed to provide an easy step-by-step installation, configuration, and usage instructions for all utilized tools and utilities.
