Wireless Hacks. 1917 IndustrialStrength Tips and Tools [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Wireless Hacks. 1917 IndustrialStrength Tips and Tools [Electronic resources] - نسخه متنی

Rob Flickenger

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Main Page

Table of content

Copyright

Credits

About the Author

Contributors

Acknowledgments

Foreword

Preface

Why Wireless Hacks?

How to Use This Book

How This Book Is Organized

Conventions Used in This Book

How to Contact Us

Chapter 1. The Standards

1.1 Hacks #1-12

Hack 1 802.11: The Mother of All IEEE Wireless Ethernet

Hack 2 802.11a: The Betamax of the 802.11 Family

Hack 3 802.11b: The De Facto Standard

Hack 4 802.11g: Like 802.11b, only Faster

Hack 5 802.16: Long Distance Wireless Infrastructure

Hack 6 Bluetooth: Cable Replacement for Devices

Hack 7 900 MHz: Low Speed, Better Coverage

Hack 8 CDPD, 1xRTT, and GPRS: Cellular Data Networks

Hack 9 FRS and GMRS: Super Walkie-Talkies

Hack 10 802.1x: Port Security for Network Communications

Hack 11 HPNA and Powerline Ethernet

Hack 12 BSS Versus IBSS

Chapter 2. Bluetooth and Mobile Data

2.1 Hacks #13-19

Hack 13 Remote Control OS X with a Sony Ericsson Phone

Hack 14 SMS with a Real Keyboard

Hack 15 Photo Blog Automatically with the Nokia 3650

Hack 16 Using Bluetooth with Linux

Hack 17 Bluetooth to GPRS in Linux

Hack 18 Bluetooth File Transfers in Linux

Hack 19 Controlling XMMS with Bluetooth

Chapter 3. Network Monitoring

3.1 Hacks #20-42

Hack 20 Find All Available Wireless Networks

Hack 21 Network Discovery Using NetStumbler

Hack 22 Network Detection on Mac OS X

Hack 23 Detecting Networks Using Handheld PCs

Hack 24 Passive Scanning with KisMAC

Hack 25 Establishing Connectivity

Hack 26 Quickly Poll Wireless Clients with ping

Hack 27 Finding Radio Manufacturers by MAC Address

Hack 28 Rendezvous Service Advertisements in Linux

Hack 29 Advertising Arbitrary Rendezvous Services in OS X

Hack 30 'Brought to you by' Rendezvous Ad Redirector

Hack 31 Detecting Networks with Kismet

Hack 32 Running Kismet on Mac OS X

Hack 33 Link Monitoring in Linux with Wavemon

Hack 34 Historical Link State Monitoring

Hack 35 EtherPEG and DriftNet

Hack 36 Estimating Network Performance

Hack 37 Watching Traffic with tcpdump

Hack 38 Visual Traffic Analysis with Ethereal

Hack 39 Tracking 802.11 Frames in Ethereal

Hack 40 Interrogating the Network with nmap

Hack 41 Network Monitoring with ngrep

Hack 42 Running ntop for Real-Time Network Stats

Chapter 4. Hardware Hacks

4.1 Hacks #43-69

Hack 43 Add-on Laptop Antennas

Hack 44 Increasing the Range of a Titanium PowerBook

Hack 45 WET11 Upgrades

Hack 46 AirPort Linux

Hack 47 Java Configurator for AirPort APs

Hack 48 Apple Software Base Station

Hack 49 Adding an Antenna to the AirPort

Hack 50 The NoCat Night Light

Hack 51 Do-It-Yourself Access Point Hardware

Hack 52 Compact Flash Hard Drive

Hack 53 Pebble

Hack 54 Tunneling: IPIP Encapsulation

Hack 55 Tunneling: GRE Encapsulation

Hack 56 Running Your Own Top-Level Domain

Hack 57 Getting Started with Host AP

Hack 58 Make Host AP a Layer 2 Bridge

Hack 59 Bridging with a Firewall

Hack 60 MAC Filtering with Host AP

Hack 61 Hermes AP

Hack 62 Microwave Cabling Guide

Hack 63 Microwave Connector Reference

Hack 64 Antenna Guide

Hack 65 Client Capability Reference Chart

Hack 66 Pigtails

Hack 67 802.11 Hardware Suppliers

Hack 68 Home-Brew Power over Ethernet

Hack 69 Cheap but Effective Roof Mounts

Chapter 5. Do-It-Yourself Antennas

5.1 Hacks #70-79

Hack 70 Deep Dish Cylindrical Parabolic Reflector

Hack 71 'Spider' Omni

Hack 72 Pringles Can Waveguide

Hack 73 Pirouette Can Waveguide

Hack 74 Primestar Dish with Waveguide Feed

Hack 75 BiQuad Feed for Primestar Dish

Hack 76 Cut Cable Omni Antenna

Hack 77 Slotted Waveguides

Hack 78 The Passive Repeater

Hack 79 Determining Antenna Gain

Chapter 6. Long Distance Links

6.1 Hacks #80-85

Hack 80 Establishing Line of Sight

Hack 81 Calculating the Link Budget

Hack 82 Aligning Antennas at Long Distances

Hack 83 Slow Down to Speed Up

Hack 84 Taking Advantage of Antenna Polarization

Hack 85 Map the Wireless Landscape with NoCat Maps

Chapter 7. Wireless Security

7.1 Hacks #86-100

Hack 86 Making the Best of WEP

Hack 87 Dispel the Myth of Wireless Security

Hack 88 Cracking WEP with AirSnort: The Easy Way

Hack 89 NoCatAuth Captive Portal

Hack 90 NoCatSplash and Cheshire

Hack 91 Squid Proxy over SSH

Hack 92 SSH SOCKS 4 Proxy

Hack 93 Forwarding Ports over SSH

Hack 94 Quick Logins with SSH Client Keys

Hack 95 'Turbo-Mode' SSH Logins

Hack 96 OpenSSH on Windows Using Cygwin

Hack 97 Location Support for Tunnels in OS X

Hack 98 Using vtun over SSH

Hack 99 Automatic vtund.conf Generator

Hack 100 Tracking Wireless Users with arpwatch

Appendix A. Deep Dish Parabolic Reflector Template

Colophon

Index

Index SYMBOL

Index A

Index B

Index C

Index D

Index E

Index F

Index G

Index H

Index I

Index J

Index K

Index L

Index M

Index N

Index O

Index P

Index R

Index S

Index T

Index U

Index V

Index W

Index X

Index Y

Index Z

توضیحات
افزودن یادداشت جدید












Hack 88 Cracking WEP with AirSnort: The Easy Way




Use a dictionary attack to test the security of
your WEP key.



While widely publicized for its
ability to crack a WEP key in real time by attacking weaknesses in
the implementation, AirSnort requires a potentially large amount of
data to be gathered before the attack is successful. AirSnort also
comes with a largely unknown utility that will perform a dictionary
attack on a relatively tiny sampling of network traffic.


Using the aptly named
decrypt utility, you can attempt to decrypt a
WEP stream by trying a list of potential candidates from a word list.
This attack can be carried out in a matter of minutes, rather than
the hours that would be required to collect the large traffic samples
needed to interpolate a WEP key.


To use the decrypt utility, you first need a
packet dump from a utility that can capture raw 802.11 frames (such
as Kismet [Hack #31]). You will also
need a list of suitable candidates, namely words that are either 5 or
13 characters long (for 40-bit or 104-bit WEP respectively). Invoke
the utility like this:


# decrypt -f /usr/dict/words -m 00:02:2D:27:D9:22 -e encrypted.dump -d [RETURN]
out.dump
Found key: Hex - 61:6c:6f:68:61, ASCII - "aloha"


Notice that you also need to specify the BSSID of the network you
wish to attempt to decrypt. In this case, the BSSID is the same as
the MAC address of the AP, but can be set to virtually anything. You
can obtain this field from the Info pane inside Kismet when capturing
the data [Hack #31]. If successful,
the decrypt utility displays the WEP key, decrypts the entire stream
(specified by the -e switch), and saves it to a
file of your choice (specified by the -d switch).


This output file is suitable for import into any standard
packet-analysis tool, such as tcpdump ([Hack #37]) or Etherereal [Hack #39].


Of course, this attack succeeds only if the WEP key actually appears
in your list of words to try. Unix password crackers have
developed utilities over the years that will not only try words from
the dictionary, but will try common (and even unusual) variations on
these words until a match is found. The use of these tools is left as
an exercise to whatever demented individuals find it worth their
while to do so.


Again, the point of this hack isn't to encourage you
to go around breaking into people's networks, but to
stress the importance of strong encryption and proper network
configuration. It is just plain foolish to expect WEP to answer all
of your security needs when tools like AirSnort so easily demonstrate
its inherent weaknesses.


You can download AirSnort
from http://airsnort.shmoo.com/.
There is also a wealth of information there about passive monitoring,
WEP implementations, and wireless security in general.



/ 158