Ever hear the saying "the more things change the more thing stay the same?" Consider the not-too-distant past when people used modems and dialup accounts. During this time, wardialing became very popular. Programs like ToneLoc and Scan were popular. Hackers of the time would call ranges of phone numbers looking for systems with modems tied to them. Administrators fought back by limiting the hours that modems were on, started using callback systems, and added caller ID.

Then came the move to the early Internet. The same methodology of wardialing was carried over to port scanning. The attacker used this newer technology as a way to search for access to a vulnerable system. Administrators were forced to add firewalls, intrusion detection, and filter access to unneeded ports at the edge of the network. Today, many networks have switched to wireless. After all, it's an inexpensive method to add connectivity for local users. Attackers see wireless in the same way that the previous technologies were viewed. Wireless wardriving tools can be used to connect to unsecured networks or tools can be used in an attempt to break weak encryption. Again, administrators must be ready to respond to the threat.

This chapter discusses attacking and securing wireless. I start by discussing some wireless basics, and then move on to methods used to attack and secure wireless systems. Wireless communication plays a big role in most people's lives, from cell phones and satellite ...