Why Does Wi-Foo Exist and for Whom Did We Write It?
Chapter 1. Real World Wireless Security
Why Do We Concentrate on 802.11 Security?
Getting a Grip on Reality: Wide Open 802.11 Networks Around Us
The Future of 802.11 Security: Is It as Bright as It Seems?
Why Are "They" After Your Wireless Network?
Wireless Crackers: Who Are They?
Corporations, Small Companies, and Home Users: Targets Acquired
Target Yourself: Penetration Testing as Your First Line of Defense
Chapter 3. Putting the Gear Together: 802.11 Hardware
Chapter 4. Making the Engine Run: 802.11 Drivers and Utilities
Operating System, Open Source, and Closed Source
The Engine: Chipsets, Drivers, and Commands
Getting Used to Efficient Wireless Interface Configuration
Chapter 5. Learning to WarDrive: Network Mapping and Site Surveying
Active Scanning in Wireless Network Discovery
Monitor Mode Network Discovery and Traffic Analysis Tools
Tools That Use the iwlist scan Command
RF Signal Strength Monitoring Tools
Chapter 6. Assembling the Arsenal: Tools of the Trade
Wireless Frame-Generating Tools
Wireless Encrypted Traffic Injection Tools: Wepwedgie
Access Point Management Utilities
Chapter 7. Planning the Attack
Site Survey Considerations and Planning
Proper Attack Timing and Battery Power Preservation
Stealth Issues in Wireless Penetration Testing
An Attack Sequence Walk-Through
A Short Fence to Climb: Bypassing Closed ESSIDs, MAC, and Protocols Filtering
Picking a Trivial Lock: Various Means of Cracking WEP
Picking the Trivial Lock in a Less Trivial Way: Injecting Traffic to Accelerate WEP Cracking
Field Observations in WEP Cracking
The Frame of Deception: Wireless Man-in-the-Middle Attacks and Rogue Access Points Deployment
The Last Resort: Wireless DoS Attacks
Chapter 9. Looting and Pillaging: The Enemy Inside
Step 1: Analyze the Network Traffic
Step 2: Associate to WLAN and Detect Sniffers
Step 3: Identify the Hosts Present and Perform Passive Operating System Fingerprinting
Step 4: Scan and Exploit Vulnerable Hosts on WLAN
Step 5: Take the Attack to the Wired Side
Step 6: Check Wireless-to-Wired Gateway Egress Filtering Rules
Chapter 10. Building the Citadel: An Introduction to Wireless LAN Defense
Wireless Security Policy: The Cornerstone
Layer 1 Wireless Security Basics
The Usefulness of WEP, Closed ESSIDs, MAC Filtering, and SSH Port Forwarding
Secure Wireless Network Positioning and VLANs
Deploying a Linux-Based, Custom-Built Hardened Wireless Gateway
Proprietary Improvements to WEP and WEP Usage
802.11i Wireless Security Standard and WPA: The New Hope
Chapter 11. Introduction to Applied Cryptography: Symmetric Ciphers
Introduction to Applied Cryptography and Steganography
Modern-Day Cipher Structure and Operation Modes
Bit by Bit: Streaming Ciphers and Wireless Security
Between DES and AES: Common Ciphers of the Transition Period
Selecting a Symmetric Cipher for Your Networking or Programming Needs
Dissecting an Example Standard One-Way Hash Function
Hash Functions, Their Performance, and HMACs
Asymmetric Cryptography: A Different Animal
Chapter 13. The Fortress Gates: User Authentication in Wireless Security
802.1x: The Gates to Your Wireless Fortress
NoCat: An Alternative Method of Wireless User Authentication
Chapter 14. Guarding the Airwaves: Deploying Higher-Layer Wireless VPNs
Why You Might Want to Deploy a VPN
VPN Topologies Review: The Wireless Perspective
Common VPN and Tunneling Protocols
Alternative VPN Implementations
The Main Player in the Field: IPSec Protocols, Operations, and Modes Overview
Deploying Affordable IPSec VPNs with FreeS/WAN
Chapter 15. Counterintelligence: Wireless IDS Systems
Categorizing Suspicious Events on WLANs
Examples and Analysis of Common Wireless Attack Signatures
Radars Up! Deploying a Wireless IDS Solution for Your WLAN
Appendix A. Decibel-Watts Conversion Table
Appendix B. 802.11 Wireless Equipment
Appendix C. Antenna Irradiation Patterns
Appendix D. Wireless Utilities Manpages
Appendix E. Signal Loss for Obstacle Types
Appendix G. Wireless Penetration Testing Template
Arhont Ltd Wireless Network Security and Stability Audit Checklist Template
4 Network security features present
5 Network problems / anomalies detected
6 Wireless penetration testing procedure
Appendix H. Default SSIDs for Several Common 802.11 Products