WiFoo..The.Secrets.of.Wireless.Hacking [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا

➟

جستجو در لغت نامه

بیشتر

کتابخانه شخصی پرسش از کتابدار ارسال منبع

WiFoo..The.Secrets.of.Wireless.Hacking [Electronic resources] - نسخه متنی

Andrew A. Vladimirov

| ،

افزودن به کتابخانه شخصی

میخواهم بخوانم

درحال خواندن

خوانده شده

ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال

جستجو در متن کتاب

بیشتر

تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب

➟

جستجو در لغت نامه

بیشتر

لیست موضوعات

Sitemap

Table of Contents

Acknowledgments

About the Authors

Why Does Wi-Foo Exist and for Whom Did We Write It?

What About the Funky Name?

How This Book Is Organized

Chapter 1. Real World Wireless Security

Why Do We Concentrate on 802.11 Security?

Getting a Grip on Reality: Wide Open 802.11 Networks Around Us

The Future of 802.11 Security: Is It as Bright as It Seems?

Chapter 2. Under Siege

Why Are "They" After Your Wireless Network?

Wireless Crackers: Who Are They?

Corporations, Small Companies, and Home Users: Targets Acquired

Target Yourself: Penetration Testing as Your First Line of Defense

Chapter 3. Putting the Gear Together: 802.11 Hardware

PDAs Versus Laptops

PCMCIA and CF Wireless Cards

RF Cables and Connectors

Chapter 4. Making the Engine Run: 802.11 Drivers and Utilities

Operating System, Open Source, and Closed Source

The Engine: Chipsets, Drivers, and Commands

Getting Used to Efficient Wireless Interface Configuration

Chapter 5. Learning to WarDrive: Network Mapping and Site Surveying

Active Scanning in Wireless Network Discovery

Monitor Mode Network Discovery and Traffic Analysis Tools

Tools That Use the iwlist scan Command

RF Signal Strength Monitoring Tools

Chapter 6. Assembling the Arsenal: Tools of the Trade

Encryption Cracking Tools

Wireless Frame-Generating Tools

Wireless Encrypted Traffic Injection Tools: Wepwedgie

Access Point Management Utilities

Chapter 7. Planning the Attack

Network Footprinting

Site Survey Considerations and Planning

Proper Attack Timing and Battery Power Preservation

Stealth Issues in Wireless Penetration Testing

An Attack Sequence Walk-Through

Chapter 8. Breaking Through

The Easiest Way to Get in

A Short Fence to Climb: Bypassing Closed ESSIDs, MAC, and Protocols Filtering

Picking a Trivial Lock: Various Means of Cracking WEP

Picking the Trivial Lock in a Less Trivial Way: Injecting Traffic to Accelerate WEP Cracking

Field Observations in WEP Cracking

Cracking TKIP: The New Menace

The Frame of Deception: Wireless Man-in-the-Middle Attacks and Rogue Access Points Deployment

Breaking the Secure Safe

The Last Resort: Wireless DoS Attacks

Chapter 9. Looting and Pillaging: The Enemy Inside

Step 1: Analyze the Network Traffic

Step 2: Associate to WLAN and Detect Sniffers

Step 3: Identify the Hosts Present and Perform Passive Operating System Fingerprinting

Step 4: Scan and Exploit Vulnerable Hosts on WLAN

Step 5: Take the Attack to the Wired Side

Step 6: Check Wireless-to-Wired Gateway Egress Filtering Rules

Chapter 10. Building the Citadel: An Introduction to Wireless LAN Defense

Wireless Security Policy: The Cornerstone

Layer 1 Wireless Security Basics

The Usefulness of WEP, Closed ESSIDs, MAC Filtering, and SSH Port Forwarding

Secure Wireless Network Positioning and VLANs

Deploying a Linux-Based, Custom-Built Hardened Wireless Gateway

Proprietary Improvements to WEP and WEP Usage

802.11i Wireless Security Standard and WPA: The New Hope

Chapter 11. Introduction to Applied Cryptography: Symmetric Ciphers

Introduction to Applied Cryptography and Steganography

Modern-Day Cipher Structure and Operation Modes

Bit by Bit: Streaming Ciphers and Wireless Security

The Quest for AES

Between DES and AES: Common Ciphers of the Transition Period

Selecting a Symmetric Cipher for Your Networking or Programming Needs

Chapter 12. Cryptographic Data Integrity Protection, Key Exchange, and User Authentication Mechanisms

Cryptographic Hash Functions

Dissecting an Example Standard One-Way Hash Function

Hash Functions, Their Performance, and HMACs

Asymmetric Cryptography: A Different Animal

Chapter 13. The Fortress Gates: User Authentication in Wireless Security

Installation of FreeRADIUS

User Accounting

RADIUS Vulnerabilities

RADIUS-Related Tools

802.1x: The Gates to Your Wireless Fortress

NoCat: An Alternative Method of Wireless User Authentication

Chapter 14. Guarding the Airwaves: Deploying Higher-Layer Wireless VPNs

Why You Might Want to Deploy a VPN

VPN Topologies Review: The Wireless Perspective

Common VPN and Tunneling Protocols

Alternative VPN Implementations

The Main Player in the Field: IPSec Protocols, Operations, and Modes Overview

Deploying Affordable IPSec VPNs with FreeS/WAN

Chapter 15. Counterintelligence: Wireless IDS Systems

Categorizing Suspicious Events on WLANs

Examples and Analysis of Common Wireless Attack Signatures

Radars Up! Deploying a Wireless IDS Solution for Your WLAN

Appendix A. Decibel-Watts Conversion Table

Appendix B. 802.11 Wireless Equipment

Appendix C. Antenna Irradiation Patterns

Omni-Directionals:

Semi-Directionals:

Highly-directionals

Appendix D. Wireless Utilities Manpages

Appendix E. Signal Loss for Obstacle Types

Appendix F. Warchalking Signs

Proposed New Signs

Appendix G. Wireless Penetration Testing Template

Arhont Ltd Wireless Network Security and Stability Audit Checklist Template

1 Reasons for an audit

2 Preliminary investigations

3 Wireless site survey

4 Network security features present

5 Network problems / anomalies detected

6 Wireless penetration testing procedure

7 Final recommendations

Appendix H. Default SSIDs for Several Common 802.11 Products

توضیحات

افزودن یادداشت جدید

Summary

The available number of useful wireless security auditing tools is staggering. Even better, the majority of the most powerful tools are open source and free, which allows you to experiment with them as much as you like and modify the source to suit your specific requirements. If you are a software developer, you most likely won't need to write your new wireless security tool or library from scratch; there is a fair amount of great code you can use and learn from. Study, categorize, and update your wireless penetration-testing armory with great care and attention. Always remember that Black Hats can use the same tools and they do know why, when, and how to use them. Outlining the planning and sequence of a successful attack against an 802.11 network to understand the "why, when, and how" is the main aim of the next two chapters.