You are previewing Maximum Wireless Security.
O'Reilly logo
Maximum Wireless Security

Book Description

Maximum Wireless Security is a practical handbook that reveals the techniques and tools crackers use to break into wireless networks, and that details the steps network administrators need to take to secure their systems.

The authors provide information to satisfy the expert's hunger for in-depth information with actual source code, real-world case studies, and step-by-step configuration recipes.

The book includes detailed, hands-on information that is currently unavailable in any printed text -- information that has been gleaned from the authors' work with real wireless hackers ("war drivers"), wireless security developers, and leading security experts.

Table of Contents

  1. Copyright
  2. About the Authors
  3. We Want to Hear from You!
  4. Introduction
  5. Wireless Fundamentals
    1. Wireless Hardware
      1. Access Points
      2. Linksys WAP11
      3. NetGear ME102
      4. Antennas
      5. Radome-Enclosed Yagi Antenna: HyperLink HG2415Y
      6. Parabolic Grid Antenna: HyperLink HG2419G
      7. SigMax Omni-Directional: Signull SMISMCO10
      8. SigMax Circular Yagi: Signull SMISMCY12
      9. TechnoLab Log Periodic Yagi
      10. Wireless NICs
      11. ORiNOCO PC Card
      12. Handheld Devices
      13. Compaq iPAQ
      14. Summary
    2. Wireless Network Protocols
      1. Inside the 802.11 Standard
      2. Inside the 802.11g Standard
      3. 802.11a Versus 802.11b
      4. Understanding HomeRF
      5. Understanding IrDA
      6. Understanding Bluetooth
      7. Summary
    3. Wireless Programming
      1. HTML/XML/XHTML
      2. WAP/WML/WMLScript
      3. Openwave SDK
      4. i-mode
      5. Java
      6. .NET
      7. Summary
    4. WEP Security
      1. WEP Introduction
      2. RC4 Encryption
      3. How RC4 Works
      4. Summary
  6. Wireless Threats
    1. Cracking WEP
      1. WEP Review
      2. Data Analysis
      3. Technical Example
      4. IV Collision
      5. Key Extraction
      6. Summary
    2. Hacking Techniques
      1. Diverse Hacker Attack Methods
      2. Sniffing
      3. Spoofing and Session Hijacking
      4. Understanding Buffer Overflows
      5. Unexpected Input
      6. Denial-of-Service Attacks
      7. Summary
    3. Wireless Attacks
      1. Surveillance
      2. War Driving
      3. Client-to-Client Hacking
      4. Rogue Access Points
      5. Jamming (Denial of Service)
      6. Practical WEP Cracking
      7. Summary
    4. Airborne Viruses
      1. Airborne Viruses
      2. Virus Overview
      3. Virus Prevention
      4. Hostile Web Pages and Scripting
      5. Palm OS
      6. Viruses on Windows CE .NET
      7. Handset Viruses
      8. Summary
  7. Tools of the Trade
    1. Auditing Tools
      1. Ethereal
      2. NetStumbler
      3. Kismet
      4. AirSnort
      5. WEPCrack
      6. Windows XP
      7. AiroPeek NX
      8. Summary
    2. Pocket PC Hacking
      1. Important URLs
      2. Pocket PC Installation
      3. WLAN Drivers
      4. MiniStumbler
      5. CENiffer
      6. Net Force and vxUtil
      7. IBM Wireless Security Auditor
      8. Summary
    3. Wireless Hack Walkthrough
      1. The Test Network
      2. Defining the Goal
      3. Investigation and Discovery
      4. Attack Preparation
      5. Execution
      6. Clean Up
      7. Summary
  8. Wireless Security
    1. Securing the WLAN
      1. Access Point-Based Security Measures
      2. Third-Party Security Methods
      3. Funk’s Steel-Belted Radius
      4. WLAN Protection Enhancements
      5. Summary
    2. Virtual Private Networks
      1. VPN Review
      2. Tunneling
      3. IPsec
      4. L2TP
      5. Attacks Against VPNs
      6. Deploying VPNs in WLANs
      7. Summary
    3. Intrusion Detection Systems
      1. Log File Monitors
      2. Integrity Monitors
      3. IDS Theory
      4. Receiver Operating Characteristic Curves
      5. Hacking Through IDSs
      6. The Future of IDSs
      7. Summary
    4. Wireless Public Key Infrastructure
      1. Public Key Cryptography
      2. Digital Signatures
      3. Certificate Authorities
      4. Wireless PKI Implementation
      5. Transaction Confirmation
      6. Integrity of User Identities
      7. Third-Party Services
      8. WAP PKI
      9. Summary
  9. Appendixes
    1. Decimal/Hex/Binary Conversion Table
    2. WEPCrack Exploit Code Example
      1. GNU General Public License
    3. References
  10. Index