Sign in
|
Register
|
Mobile
Home
Browse
About us
Help/FAQ
Advanced search
Home
>
Browse
>
Beginner's Guide
>
Wireless Network Security A Beginner's Guide
CITATION
Wrightson, Tyler
.
Wireless Network Security A Beginner's Guide
.
US
: McGraw-Hill Osborne Media, 2012.
Add to Favorites
Email to a Friend
Download Citation
Wireless Network Security A Beginner's Guide
Authors:
Tyler Wrightson
Published:
April 2012
eISBN:
9780071760959 0071760954
|
ISBN:
9780071760942
Open eBook
Book Description
Table of Contents
Wireless Network Security A Beginner’s Guide
About the Author
About the Technical Editor
Contents
Acknowledgments
Introduction
About the Series
Lingo
IMHO
Budget Note
In Actual Practice
Your Plan
Into Action
Part I: Wireless Foundations
Chapter 1: Introduction to the Wireless Security Mindset
We’ll Cover
What You Will Learn
Security 101: The 11 Security Principles
Principle 1: Security vs. Convenience
Principle 2: It Is Impossible to Eliminate All Risks
Principle 3: Rules of Risk Calculation and Mitigating Controls
Principle 4: Not All Risks Must Be Mitigated
Principle 5: Security Is Not Just Keeping the Bad Guys Out
Principle 6: ROI Doesn’t Work for Security
Principle 7: Defense In Depth
Principle 8: Least Privilege
Principle 9: CIA Triad
Principle 10: Prevention, Detection, Deterrents
Principle 11: Prevention Fails
Definition of Hacker
Wireless Networking Basics
802.11a/b/g/n
Access Points
Autonomous vs. Controller Based
SSID, BSSID, MAC Address
Beacons and Broadcasts
Associating and Authenticating
Encryption
We’ve Covered
The 11 security principles
Wireless networking basic concepts
Chapter 2: Wireless Tools and Gadgets
We’ll Cover
A Lab of Your Own
Client Devices
Phones
Printers
Access Points
DD-WRT
WRT54G
Apple Airport Express
Mini Access Points
Mobile Hotspots
Smartphones
Enterprise-Grade Access Points
Antennas
Types of Antennas
Gadgets
GPS
Smartphones and PDAs
Pocket Wireless Scanners
Spectrum Analyzer
Operating System of Choice
We’ve Covered
Creating a lab environment
Client devices
Access points
Antennas
Wireless gadgets
Choosing a wireless operating system
Part II: Know Thy Enemy
Chapter 3: Theory of Attacks on Wireless Networks
We’ll Cover
Setting the Stage
Wireless Reconnaissance
SSID Decloaking
Passive Packet Captures
Store and Crack at Your Convenience
Man-in-the-Middle Attacks
ARP Spoofing
Rogue DHCP
ICMP Redirects
MITM—OK, Now What?
Authentication
WEP Authentication
Encryption
Stream Ciphers vs. Block Ciphers
How WEP Works
History of Breaking WEP
Attacking WEP Encrypted Networks
How WPA Works
WPA-PSK
WPA-Enterprise
WPA2 Encryption Algorithms
Attacking WPA Protected Networks
Cracking the WPA Pre-Shared Key
WPA Deauthentication Spoofing
Wi-Fi Protected Setup (WPS) Brute Forcing
WPA Denial of Service
Attacks on TKIP
So What Should I Use?
We’ve Covered
How WEP works
How WPA works
Attacking WEP encrypted networks
Attacking WPA encrypted networks
Common network attack techniques
Chapter 4: Attacking Wireless Networks
We’ll Cover
Wireless Reconnaissance
The iwlist Command
Kismet
Kismac
Wardrive
Netstumbler
Actively Attacking Wireless Networks
Cracking WEP Encryption
Cracking a WPA Passphrase
We’ve Covered
Wireless network reconnaissance
Passive packet captures
Cracking WEP encryption
Cracking the WPA-PSK handshake
Spoofing deauthentication packets
Chapter 5: Attacking Wireless Clients
We’ll Cover
Wireless World
Wireless Client Vulnerabilities
Are the Client’s Existing Communications Secure?
Are There Default Configurations That We Can Exploit?
Can We Make the Client Talk to Us?
Factors That Exacerbate Wireless Client Vulnerabilities
Wireless Clients Are Everywhere
Wireless Clients Are Constantly Broadcasting Their Existence
Wireless Clients Are Not Monitored as Closely as Infrastructure Devices
Physical Security Is Often Completely Neglected
Wireless Reconnaissance
Kismet
Airodump
Sniffing Insecure Communications
Capturing Packets
Can We Force the Client to Talk to Us?
Creating a Linux Access Point
Forcing the Client to Talk to Us
Default Operations
Man-in-the-Middle Attacks
DNS Spoofing
Fake Webauth
SSL MITM
SSL Stripping
Fake AV Updates
We’ve Covered
Exotic wireless devices
Wireless client vulnerabilities
Wireless reconnaissance
Sniffing insecure communications
Can we force the client to talk to us?
Default operations
Man-in-the-middle attacks
Part III: Real-World Wireless Security Defenses
Chapter 6: Theory of Defense for Securing Wireless Networks
We’ll Cover
Setting the Stage
Context
Reality
The Attacker Has the Advantage
Phases of Wireless Deployment
New Deployments
Existing Wireless Networks
Dealing with Downtime
New Wireless Network in Parallel
Touch Every Wireless Client
Wireless Refresh
Secure Design Principles for Wireless Networks
Defense In Depth
Least Privilege
Network Segmentation
Wireless Assessments
Secure the Infrastructure
Rogue AP Detection
Physical Security
Change the Default Configurations
Due Diligence
Confidentiality Integrity Availability (CIA)
Encryption
Authentication
Useless Defenses
Faraday Cage
MAC Filtering
SSID Cloaking
WEP
WEP Cloaking
Good Wireless Defenses
Firewalls
Routers
Switches
Intrusion Detection Systems and Intrusion Prevention Systems
When to Use IDS vs. IPS
Where on the Network Will the IDS System Be Placed?
How Will the IDS Receive Network Traffic to Inspect?
Who Will Manage the IDS?
What to Look for When Monitoring an IDS
Wireless Intrusion Detection and Intrusion Prevention Systems
Honeypots
Web Authentication Gateways
We’ve Covered
Setting the stage
Phases of wireless deployment
Secure design principles for wireless networks
Useless defenses
Good wireless defenses
Chapter 7: Understanding the WPA2-Enterprise with Certificates Architecture
We’ll Cover
Introduction to WPA2-Enterprise with Digital Certificates
Public Key Infrastructure and Digital Certificates
Public Key Cryptography: Asymmetric Encryption Algorithms
Attacking Public Key Crypto-Secured Messages
Digital Certificates
Certificate Authority Server Structure
Handling Compromised Certificates
Supporting Services
Microsoft Certificate Services
Auto-Enrollment and Certificate Templates
Remote Authentication Dial-In User Service
802.1x: Port-Based Access Control
RADIUS and 802.1x
WPA Enterprise Architecture
We’ve Covered
PKI and digital certificates
WPA-Enterprise example
Chapter 8: Deploying a WPA-Enterprise Network with Certificates
We’ll Cover
Install and Configure the Certification Authority
Install Active Directory Certificate Services
Configure the Certificate Template and Auto-Enrollment
Create the Wireless Organizational Unit and the WirelessUsers Group
Create the Wireless Group Policy Object
Apply the Group Policy Object to the Wireless Organizational Unit
Create and Issue the Certificate Templates
Log onto the Workstation and Obtain the User Certificate
Allow Pre-logon Authentication
Configure the RADIUS Server
Configure the Wireless Access Point
Authenticate to the Wireless Network
We’ve Covered
Configure the Certification Authority
Configure the RADIUS server
Configure the wireless access point
Chapter 9: Deploying Secure Wireless Networks
We’ll Cover
WPA2-Enterprise Wireless Networks
Configure the Network Policy Server (RADIUS)
Configure the Wireless Access Point
Configure the Wireless Client
Troubleshooting PEAP Authentication
Troubleshooting RADIUS Authentication
Bad RADIUS Authenticator
Client Access Denied
When All Else Fails
Securing Your Wireless Network
Segmenting Wireless Networks
Restricting Users
Restricting Time
Restricting Network Subnets and TCP Ports
Internal DMZ
Multiple Wireless Networks (SSIDs)
Remote Wireless Networks
We’ve Covered
Configuring a WPA2-Enterprise network with PEAP authentication
Configure the Microsoft Windows 2008 Network Policy Server
Strategies for segmenting wireless networks
Chapter 10: Handling Wireless Guest Access
We’ll Cover
Guest Networks and Internet Access
Authenticating Guest Users and Managing Guest Credentials
Using Captive Web Portals
Guest Users Only
Encrypting Traffic
Using Auto-Expiring Credentials
Allowing Secure Access to Internal Resources
Authenticating Consultants
Segmenting Guest Wireless Networks from Internal Networks
DMZ with Jump Stations
Virtual Private Networking
VPN Options for Wireless Networks
We’ve Covered
Authenticating guest users and managing guest credentials
Using captive web portals
Segmenting guest wireless networks from internal networks
Allowing secure access to internal resources
Chapter 11: Handling Rogue Access Points and the Future of Wireless Security
We’ll Cover
Handling Rogue Access Points
Preventing Rogue Wireless Networks
802.1x Port-Based Access Control
Network Access Control
Port Security
Manually Detecting Rogue Wireless Networks
Tracing Malicious Rogue Access Points
Handling Rogue Access Points
Automated Detection of Rogue Wireless Networks
Other Wireless Technologies
Next-Gen Solutions
Lightweight Wireless Solutions
Cloud-Based Wireless Solutions
Dedicated Wireless IDS
Client Protection
User Education
Technical Solutions for Endpoint Security
Group Policy Objects
We’ve Covered
Handling rogue access points
Other wireless technologies
Next-gen solutions
Client protection
Appendix: Introduction to Linux: The Wireless Engineer’s Operating System of Choice
The Linux Operating System
BackTrack: Our Linux Distribution of Choice
Downloading and Burning BackTrack
Booting BackTrack from a USB Drive
Booting to BackTrack
The Gnome Graphical Environment
Basic Linux Commands
Understanding the Linux Shell
Running Commands
Getting Help with Linux Commands
Navigating the Linux File System
Installing Software on BackTrack
Basic Networking Configuration
Understanding Linux File Permissions
Basic Scripting
Conclusion
Glossary
Index