Hacking Wireless Networks For Dummies,9780764597305

Hacking Wireless Networks For Dummies

by ; ;
Edition: 1st
ISBN13: 9780764597305
ISBN10: 0764597302
Format: Paperback
Pub. Date: 2005-09-13
Publisher(s): For Dummies
List Price: $34.99

Buy New

Usually Ships in 8 - 10 Business Days.
$34.96
Add to Cart

Rent Book

Select for Price
Add to Cart
There was a problem. Please try again later.

Used Book

We're Sorry
Sold Out

eBook

We're Sorry
Not Available

Buy from our Marketplace starting at $2.83

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

Become a cyber-hero - know the common wireless weaknesses "Reading a book like this one is a worthy endeavor toward becoming an experienced wireless security professional." --Devin Akin - CTO, The Certified Wireless Network Professional (CWNP) Program Wireless networks are so convenient - not only for you, but also for those nefarious types who'd like to invade them. The only way to know if your system can be penetrated is to simulate an attack. This book shows you how, along with how to strengthen any weak spots you find in your network's armor. Discover how to: Perform ethical hacks without compromising a system Combat denial of service and WEP attacks Understand how invaders think Recognize the effects of different hacks Protect against war drivers and rogue devices

Author Biography

Kevin Beaver, CISSP, is a 16-year specialist in security assessments and incident response.

Peter T. Davis, CISSP, has worked with information systems audits and security for 24 years.

Table of Contents

Foreword xvii
Introduction 1(1)
Who Should Read This Book?
2(1)
About This Book
2(1)
How to Use This Book
2(1)
Foolish Assumptions
3(1)
How This Book Is Organized
3(2)
Part I: Building the Foundation for Testing Wireless Networks
4(1)
Part II: Getting Rolling with Common Wi-Fi Hacks
4(1)
Part III: Advanced Wi-Fi Hacks
4(1)
Part IV: The Part of Tens
5(1)
Part V: Appendixes
5(1)
Icons Used in This Book
5(1)
Where to Go from Here
6(1)
Part I: Building the Foundation for Testing Wireless Networks
7(58)
Introduction to Wireless Hacking
9(10)
Why You Need to Test Your Wireless Systems
10(5)
Knowing the dangers your systems face
11(1)
Understanding the enemy
12(2)
Wireless-network complexities
14(1)
Getting Your Ducks in a Row
15(1)
Gathering the Right Tools
16(1)
To Protect, You Must Inspect
17(2)
Non-technical attacks
17(1)
Network attacks
18(1)
Software attacks
18(1)
The Wireless Hacking Process
19(12)
Obeying the Ten Commandments of Ethical Hacking
19(7)
Thou shalt set thy goals
20(1)
Thou shalt plan thy work, lest thou go off course
21(1)
Thou shalt obtain permission
21(1)
Thou shalt work ethically
22(1)
Thou shalt keep records
22(1)
Thou shalt respect the privacy of others
23(1)
Thou shalt do no harm
23(1)
Thou shalt use a ``scientific'' process
24(1)
Thou shalt not covet thy neighbor's tools
24(1)
Thou shalt report all thy findings
25(1)
Understanding Standards
26(5)
Using ISO 17799
26(1)
Using CobiT
27(1)
Using SSE-CMM
27(1)
Using ISSAF
27(1)
Using OSSTMM
28(3)
Implementing a Testing Methodology
31(12)
Determining What Others Know
32(3)
What you should look for
32(1)
Footprinting: Gathering what's in the public eye
33(2)
Mapping Your Network
35(2)
Scanning Your Systems
37(2)
Determining More about What's Running
39(1)
Performing a Vulnerability Assessment
39(2)
Manual assessment
40(1)
Automatic assessment
40(1)
Finding more information
41(1)
Penetrating the System
41(2)
Amassing Your War Chest
43(22)
Choosing Your Hardware
44(1)
The personal digital assistant
44(1)
The portable or laptop
44(1)
Hacking Software
45(12)
Using software emulators
45(10)
Linux distributions on CD
55(1)
Stumbling tools
56(1)
You got the sniffers?
56(1)
Picking Your Transceiver
57(2)
Determining your chipset
57(2)
Buying a wireless NIC
59(1)
Extending Your Range
59(3)
Using GPS
62(1)
Signal Jamming
63(2)
Part II: Getting Rolling with Common Wi-Fi Hacks
65(88)
Human (In)Security
67(14)
What Can Happen
68(1)
Ignoring the Issues
69(1)
Social Engineering
70(4)
Passive tests
71(2)
Active tests
73(1)
Unauthorized Equipment
74(2)
Default Settings
76(1)
Weak Passwords
77(1)
Human (In)Security Countermeasures
78(3)
Enforce a wireless security policy
78(1)
Train and educate
79(1)
Keep people in the know
79(1)
Scan for unauthorized equipment
80(1)
Secure your systems from the start
80(1)
Containing the Airwaves
81(16)
Signal Strength
81(9)
Using Linux Wireless Extension and Wireless Tools
81(6)
Using Wavemon
87(1)
Using Wscan
88(1)
Using Wmap
88(1)
Using XNetworkStrength
88(1)
Using Wimon
88(1)
Other link monitors
88(2)
Network Physical Security Countermeasures
90(7)
Checking for unauthorized users
90(1)
Antenna type
91(3)
Adjusting your signal strength
94(3)
Hacking Wireless Clients
97(16)
What Can Happen
98(1)
Probing for Pleasure
99(4)
Port scanning
99(3)
Using VPNMonitor
102(1)
Looking for General Client Vulnerabilities
103(6)
Common AP weaknesses
104(1)
Linux application mapping
105(1)
Windows null sessions
106(3)
Ferreting Out WEP Keys
109(2)
Wireless Client Countermeasures
111(2)
Discovering Default Settings
113(18)
Collecting Information
113(7)
Are you for Ethereal?
113(1)
This is AirTraf control, you are cleared to sniff
114(1)
Let me AiroPeek at your data
114(1)
Another CommView of your data
115(2)
Gulpit
117(2)
That's Mognet not magnet
119(1)
Other analyzers
119(1)
Cracking Passwords
120(5)
Using Cain & Abel
120(4)
Using dsniff
124(1)
Gathering IP Addresses
125(1)
Gathering SSIDs
126(2)
Using essid_jack
127(1)
Using SSIDsniff
128(1)
Default-Setting Countermeasures
128(3)
Change SSIDs
128(1)
Don't broadcast SSIDs
129(1)
Using pong
129(1)
Detecting sniffers
129(2)
Wardriving
131(22)
Introducing Wardriving
131(2)
Installing and Running NetStumbler
133(1)
Setting Up NetStumbler
134(7)
Interpreting the Results
141(7)
Mapping Your Stumbling
148(5)
Using StumbVerter and MapPoint
149(1)
Using Microsoft Streets & Trips
150(1)
Using DiGLE
151(2)
Part III: Advanced Wi-Fi Hacks
153(148)
Still at War
155(22)
Using Advanced Wardriving Software
155(19)
Installing and using Kismet
156(11)
Installing and using Wellenreiter
167(1)
Using WarLinux
168(2)
Installing and using MiniStumbler
170(3)
Using other wardriving software
173(1)
Organization Wardriving Countermeasures
174(3)
Using Kismet
174(1)
Disabling probe responses
175(1)
Increasing beacon broadcast intervals
175(1)
Fake 'em out with a honeypot
175(2)
Unauthorized Wireless Devices
177(18)
What Can Happen
178(1)
Wireless System Configurations
179(2)
Characteristics of Unauthorized Systems
181(3)
Wireless Client Software
184(2)
Stumbling Software
186(2)
Network-Analysis Software
188(5)
Browsing the network
188(3)
Probing further
191(2)
Additional Software Options
193(1)
Online Databases
193(1)
Unauthorized System Countermeasures
193(2)
Network Attacks
195(30)
What Can Happen
196(1)
MAC-Address Spoofing
197(11)
Changing your MAC in Linux
198(1)
Tweaking your Windows settings
199(4)
SMAC'ing your address
203(1)
A walk down MAC-Spoofing Lane
204(4)
Who's that Man in the Middle?
208(5)
Management-frame attacks
209(2)
ARP-poisoning attacks
211(2)
SNMP: That's Why They Call It Simple
213(4)
All Hail the Queensland Attack
217(1)
Sniffing for Network Problems
218(4)
Network-analysis programs
218(1)
Network analyzer tips
219(1)
Weird stuff to look for
220(2)
Network Attack Countermeasures
222(3)
Denial-of-Service Attacks
225(30)
What Can Happen
227(2)
Types of DoS attacks
227(1)
It's so easy
228(1)
We Be Jamming
229(5)
Common signal interrupters
230(1)
What jamming looks like
230(2)
Fight the power generators
232(2)
AP Overloading
234(7)
Guilty by association
234(6)
Too much traffic
240(1)
Are You Dis'ing Me?
241(9)
Disassociations
242(1)
Deauthentications
242(7)
Invalid authentications via fata_jack
249(1)
Physical Insecurities
250(1)
DoS Countermeasures
251(4)
Know what's normal
251(1)
Contain your radio waves
251(2)
Limit bandwidth
253(1)
Use a Network Monitoring System
253(1)
Use a WIDS
253(1)
Attack back
254(1)
Demand fixes
254(1)
Cracking Encryption
255(26)
What Can Happen
255(1)
Protecting Message Privacy
256(1)
Protecting Message Integrity
256(1)
Using Encryption
257(2)
WEP Weaknesses
259(2)
Other WEP Problems to Look For
261(2)
Attacking WEP
263(1)
Active traffic injection
263(1)
Active attack from both sides
263(1)
Table-based attack
264(1)
Passive attack decryption
264(1)
Cracking Keys
264(10)
Using WEPcrack
265(2)
Using AirSnort
267(2)
Using aircrack
269(4)
Using WepLab
273(1)
Finding other tools
274(1)
Countermeasures Against Home Network-Encryption Attacks
274(3)
Rotating keys
275(1)
Using WPA
275(2)
Organization Encryption Attack Countermeasures
277(4)
Using WPA2
278(1)
Using a VPN
278(3)
Authenticating Users
281(20)
Three States of Authentication
281(2)
Authentication according to IEEE 802.11
282(1)
I Know Your Secret
283(1)
Have We Got EAP?
284(4)
This method seems easy to digest
285(1)
Not another PEAP out of you
286(1)
Another big LEAP for mankind
286(1)
That was EAP-FAST
287(1)
Beam me up, EAP-TLS
287(1)
EAP-TTLS: That's funky software
288(1)
Implementing 802.1X
288(2)
Cracking LEAP
290(3)
Using asleap
291(1)
Using THC-LEAPcracker
292(1)
Using anwrap
293(1)
Network Authentication Countermeasures
293(8)
WPA improves the 8021.1 picture
293(1)
Using WPA2
294(1)
Using a VPN
295(1)
WIDS
296(1)
Use the right EAP
297(1)
Setting up a WDMZ
297(1)
Using the Auditor Collection
297(4)
Part IV: The Part of Tens
301(24)
Ten Essential Tools for Hacking Wireless Networks
303(4)
Laptop Computer
303(1)
Wireless Network Card
304(1)
Antennas and Connecting Cables
304(1)
GPS Receiver
304(1)
Stumbling Software
304(1)
Wireless Network Analyzer
305(1)
Port Scanner
305(1)
Vulnerability Assessment Tool
305(1)
Google
305(1)
An 802.11 Reference Guide
305(2)
Ten Wireless Security-Testing Mistakes
307(14)
Skipping the Planning Process
307(1)
Not Involving Others in Testing
308(1)
Not Using a Methodology
308(1)
Forgetting to Unbind the NIC When Wardriving
309(3)
Failing to Get Written Permission to Test
312(1)
Failing to Equip Yourself with the Proper Tools
313(1)
Over-Penetrating Live Networks
314(1)
Using Data Improperly
314(1)
Failing to Report Results or Follow Up
314(2)
Breaking the Law
316(5)
Ten Tips for Following Up after Your Testing
321(4)
Organize and Prioritize Your Results
321(1)
Prepare a Professional Report
322(1)
Retest If Necessary
322(1)
Obtain Sign-Off
322(1)
Plug the Holes You Find
323(1)
Document the Lessons Learned
323(1)
Repeat Your Tests
323(1)
Monitor Your Airwaves
324(1)
Practice Using Your Wireless Tools
324(1)
Keep Up with Wireless Security Issues
324(1)
Part V: Appendixes
325(2)
Appendix A: Wireless Hacking Resources
327(14)
Certifications
327(1)
General Resources
327(1)
Hacker Stuff
328(1)
Wireless Organizations
328(1)
Institute of Electrical and Electronics Engineers (IEEE): www.ieee.org
328(1)
Wi-Fi Alliance (formerly WECA): www.wifialliance.com
329(1)
Local Wireless Groups
329(2)
Security Awareness and Training
331(1)
Wireless Tools
331(10)
General tools
331(1)
Vulnerability databases
332(1)
Linux distributions
332(1)
Software emulators
333(1)
RF prediction software
333(1)
RF monitoring
333(2)
Antennae
335(1)
Wardriving
335(1)
Wireless IDS/IPS vendors
336(1)
Wireless sniffers
337(1)
WEP/WPA cracking
338(1)
Cracking passwords
338(1)
Dictionary files and word lists
339(1)
Gathering IP addresses and SSIDs
339(1)
LEAP crackers
340(1)
Network mapping
340(1)
Network scanners
340(1)
Appendix B: Glossary of Acronyms
341(6)
Index 347

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.