You are previewing Building a Pentesting Lab for Wireless Networks.
O'Reilly logo
Building a Pentesting Lab for Wireless Networks

Book Description

Build your own secure enterprise or home penetration testing lab to dig into the various hacking techniques

About This Book

  • Design and build an extendable penetration testing lab with wireless access suitable for home and enterprise use

  • Fill the lab with various components and customize them according to your own needs and skill level

  • Secure your lab from unauthorized access and external attacks

  • Who This Book Is For

    If you are a beginner or a security professional who wishes to learn to build a home or enterprise lab environment where you can safely practice penetration testing techniques and improve your hacking skills, then this book is for you. No prior penetration testing experience is required, as the lab environment is suitable for various skill levels and is used for a wide range of techniques from basic to advance. Whether you are brand new to online learning or you are a seasoned expert, you will be able to set up your own hacking playground depending on your tasks.

    What You Will Learn

  • Determine your needs and choose the appropriate lab components for them

  • Build a virtual or hardware lab network

  • Imitate an enterprise network and prepare intentionally vulnerable software and services

  • Secure wired and wireless access to your lab

  • Choose a penetration testing framework according to your needs

  • Arm your own wireless hacking platform

  • Get to know the methods to create a strong defense mechanism for your system

  • In Detail

    Starting with the basics of wireless networking and its associated risks, we will guide you through the stages of creating a penetration testing lab with wireless access and preparing your wireless penetration testing machine.

    This book will guide you through configuring hardware and virtual network devices, filling the lab network with applications and security solutions, and making it look and work like a real enterprise network. The resulting lab protected with WPA-Enterprise will let you practice most of the attack techniques used in penetration testing projects. Along with a review of penetration testing frameworks, this book is also a detailed manual on preparing a platform for wireless penetration testing. By the end of this book, you will be at the point when you can practice, and research without worrying about your lab environment for every task.

    Style and approach

    This is an easy-to-follow guide full of hands-on examples and recipes. Each topic is explained thoroughly and supplies you with the necessary configuration settings. You can pick the recipes you want to follow depending on the task you need to perform.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

    Table of Contents

    1. Building a Pentesting Lab for Wireless Networks
      1. Table of Contents
      2. Building a Pentesting Lab for Wireless Networks
      3. Credits
      4. About the Authors
      5. About the Reviewers
      6. www.PacktPub.com
        1. eBooks, discount offers, and more
          1. Why subscribe?
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Errata
          3. Piracy
          4. Questions
      8. 1. Understanding Wireless Network Security and Risks
        1. Understanding wireless environment and threats
          1. An overview of wireless technologies
          2. An overview of wireless threats
          3. Wi-Fi media specifics
        2. Common WLAN protection mechanisms and their flaws
          1. Hiding SSID
          2. MAC filtering
          3. WEP
          4. WPA/WPA2
            1. Pre-shared key mode
            2. Enterprise mode
          5. WPS
        3. Getting familiar with the Wi-Fi attack workflow
          1. General Wi-Fi attack methodology
          2. The active attacking phase
            1. WPA-PSK attacks
            2. Enterprise WLAN attacks
        4. Summary
      9. 2. Planning Your Lab Environment
        1. Understanding what tasks your lab should fulfill
          1. Objectives of a lab
          2. Lab tasks
            1. Network reconnaissance
            2. Web application hacking
            3. Hacking and researching network services
            4. AD hacking
            5. DBMS hacking
            6. Network layer attacks
            7. Wi-Fi penetration testing
              1. Man-in-the-middle attacks
        2. Planning the network topology
        3. Choosing appropriate components
          1. Network devices
          2. Server and workstation components
        4. Planning lab security
          1. Access control
          2. Integrated security mechanisms
          3. Security solutions
        5. Security hints
        6. Summary
      10. 3. Configuring Networking Lab Components
        1. General lab network communication rules
        2. Configuring hardware wired devices
          1. Preparing the console connection on Windows
          2. Core switch
            1. Initial configuration
            2. Configuring interfaces and VLANs
          3. Hardening the core switch
            1. Configuring subinterfaces and subnets
            2. Configuring auxiliary services
            3. Basic gateway hardening
        3. Configuring virtual wired network devices
          1. Network virtualization platform
            1. Software installation
            2. Initial configuration
            3. Network topology implementation
          2. Switch
          3. Gateway
          4. Virtual host emulation
          5. Wireless hardware devices
        4. Configuring WLANs
          1. Guest WLAN
          2. Preparing the hardware access point
        5. Summary
      11. 4. Designing Application Lab Components
        1. Planning services
        2. Creating virtual servers and workstations
          1. VirtualBox overview and installation
          2. Creating virtual machines
          3. Configuring network settings of lab components
        3. Installing and configuring domain services
          1. Creating a domain
          2. Creating users
          3. Adding hosts to the domain
        4. Certification authority services
          1. Creating a root certificate
          2. Creating a working certificate
          3. Installing a root certificate
        5. Installing a remote management service
        6. Corporative e-mail service
          1. Configuring a DNS server
          2. Installing and configuring hMailServer
        7. Installing vulnerable services
        8. Installing web applications
          1. Preparing a web server
          2. WebGoat
          3. DVWA
          4. Liferay Portal
          5. Metasploitable
          6. Vulnerable VoIP server
        9. Summary
      12. 5. Implementing Security
        1. Network-based security solutions
          1. Configuring network access control
            1. Isolating external and guest networks
            2. Isolating internal VLANs
          2. Securing wireless access
            1. Preparing the RADIUS server
            2. Preparing the certificates
            3. Configuring RADIUS
              1. clients.conf
              2. eap.conf
            4. Configuring the access point
            5. Configuring the WLAN client
          3. Installing a network intrusion detection system
            1. Activating SPAN
            2. Snort
              1. Installing Snort
              2. Configuring Snort
              3. Snort rules
        2. Host-based security solutions
          1. Workstation security
            1. EMET
            2. HIPS
          2. Web application firewall
          3. ClamAV
            1. Installing
            2. Configuring
            3. Usage and integration with the mail server
          4. OSSEC
            1. Installing
            2. Configuring
            3. Connecting OSSEC agents
        3. SIEM
          1. Installing
          2. Configuration wizard
          3. Configuring HIDS
        4. Summary
      13. 6. Exploring Hacking Toolkits
        1. Wireless hacking tools
          1. Aircrack-ng
            1. Content
            2. Exercise
          2. Mana
            1. Exercise
        2. Infrastructure hacking tools
          1. Nmap
            1. Scripting engine
            2. Example
          2. Ettercap
            1. Exercise
          3. Metasploit Framework
            1. Meterpreter
            2. Example
            3. Armitage
            4. Veil-Evasion framework
        3. Cracking tools
          1. John The Ripper
            1. Example
          2. Hashcat
            1. Example
        4. Web application hacking tools
          1. Burp Suite
            1. Example
        5. Summary
      14. 7. Preparing a Wireless Penetration Testing Platform
        1. Common variants of the pentesting platform
        2. Choosing an interface
        3. Installing the necessary software
        4. Preparing configs and scripts
          1. Standalone Hostapd-based APs
          2. Automating the AP setup
          3. Configuration for WPE-Enterprise
        5. Preparing a Kali USB stick
          1. Creating a USB stick under Windows
          2. Creating a USB stick under Linux
          3. Making an encrypted persistent partition
        6. Summary
      15. 8. What's Next?
        1. What you can learn
          1. Infrastructure penetration testing
          2. Web application and web-services hacking
          3. Mobile security
          4. IoT
        2. Courses and certificates
          1. EC-Council security track
          2. Offensive Security trainings
          3. GIAC
        3. Pentesting standards
        4. Information sources
        5. Summary
      16. Index