Hackproofing Your Wireless Network

  • ID: 1762296
  • Book
  • 608 Pages
  • Elsevier Science and Technology
1 of 4
The only way to stop a hacker is to think like one!

Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment.

Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.

- Uses forensic-based analysis to give the reader an insight into the mind of a hacker- With the growth of wireless networks architects, engineers and administrators will need this book- Up to the minute Web based support at [external URL]
Note: Product cover images may vary from those shown
2 of 4
Foreword

Chapter 1 The Wireless Challenge


Introduction


Wireless Technology Overview


Defining Cellular-based Wireless


Defining the Wireless LAN


The Convergence of Wireless Technologies


Trends and Statistics


Understanding the Promise of Wireless


Wireless Networking


Understanding the Benefits of Wireless


Convenience


Affordability


Speed


Aesthetics


Productivity


Facing the Reality of Wireless Today


Standards Conflicts


Commercial Conflicts


Market Adoption Challenges


The Limitations of "Radio”


The Limitations of Wireless Security


Examining the Wireless Standards


Cellular-based Wireless Networks


Wireless LAN Networks


Understanding Public Key Infrastructures and Wireless Networking


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 2 A Security Primer


Introduction


Understanding Security Fundamentals and Principles of Protection


Ensuring Confidentiality


Ensuring Integrity


Ensuring Availability


Ensuring Privacy


Ensuring Authentication


Ensuring Authorization


Ensuring Non-repudiation


Accounting and Audit Trails


Using Encryption


Reviewing the Role of Policy


Identifying Resources


Understanding Classification Criteria


Implementing Policy


Recognizing Accepted Security and Privacy Standards


Reviewing Security Standards


Reviewing Privacy Standards and Regulations


Addressing Common Risks and Threats


Experiencing Loss of Data


Experiencing Denial and Disruption of Service


Eavesdropping


Preempting the Consequences of an Organization's Loss


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 3 Wireless Network


Architecture and Design


Introduction


Fixed Wireless Technologies


Multichannel Multipoint Distribution Service


Local Multipoint Distribution Services


Wireless Local Loop


Point-to-Point Microwave


Wireless Local Area Networks


Why the Need for a Wireless LAN Standard?


Developing WLANs through the 802.11 Architecture


The Basic Service Set


The Extended Service Set


The CSMA-CA Mechanism


Configuring Fragmentation


Using Power Management Options


Multicell Roaming


Security in the WLAN


Developing WPANs through the 802.15 Architecture


Bluetooth


HomeRF


High Performance Radio LAN


Mobile Wireless Technologies


First Generation Technologies


Second Generation Technologies


2.5G Technology


Third Generation Technologies


Wireless Application Protocol


Global System for Mobile Communications


General Packet Radio Service


Short Message Service


Optical Wireless Technologies


Exploring the Design Process


Conducting the Preliminary Investigation


Performing Analysis of the Existing Environment


Creating a Preliminary Design


Finalizing the Detailed Design


Executing the Implementation


Capturing the Documentation


Creating the Design Methodology


Creating the Network Plan


Developing the Network Architecture


Reviewing and Validating the Planning Phase


Creating a High-Level Topology


Creating a Collocation Architecture


Defining the High-Level Services


Formalizing the Detailed Design Phase


Understanding Wireless Network Attributes from a Design Perspective


Application Support


Physical Landscape


Network Topology


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 4 Common Attacks and Vulnerabilities


Introduction


The Weaknesses in WEP


Criticisms of the Overall Design


Weaknesses in the Encryption Algorithm


Weaknesses in Key Management


Weaknesses in User Behavior


Conducting Reconnaissance


Finding a Target


Finding Weaknesses in a Target


Exploiting Those Weaknesses


Sniffing, Interception, and Eavesdropping


Defining Sniffing


Sample Sniffing Tools


Sniffing Case Scenario


Protecting Against Sniffing and Eavesdropping


Spoofing and Unauthorized Access


Defining Spoofing


Sample Spoofing Tools


Spoofing Case Scenario


Protecting Against Spoofing and Unauthorized Attacks


Network Hijacking and Modification


Defining Hijacking


Sample Hijacking Tools


Hijacking Case Scenario


Protection against Network Hijacking and Modification


Denial of Service and Flooding Attacks


Defining DoS and Flooding


Sample DoS Tools


DoS and Flooding Case Scenario


Protecting Against DoS and Flooding Attacks


The Introduction of Malware


Stealing User Devices


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 5 Wireless Security Countermeasures


Introduction


Revisiting Policy


Addressing the Issues with Policy


Analyzing the Threat


Threat Equals Risk Plus Vulnerability


Designing and Deploying a Secure Network


Implementing WEP


Defining WEP


Creating Privacy with WEP


The WEP Authentication Process


WEP Benefits and Advantages


WEP Disadvantages


The Security Implications of Using WEP


Implementing WEP on the Aironet


Implementing WEP on the ORiNOCO AP-1000


Securing a WLAN with WEP: A Case Scenario


Filtering MACs


Defining MAC Filtering


MAC Benefits and Advantages


MAC Disadvantages


Security Implications of MAC Filtering


Implementing MAC Filters on the AP-1000


Implementing MAC Filters on the Aironet 340


Filtering MAC Addresses: A Case Scenario


Filtering Protocols


Defining Protocol Filters


Protocol Filter Benefits and Advantages


Protocol Filter Disadvantages


Security Implications of Using Protocol Filters


Using Closed Systems and Networks


Defining a Closed System


Closed System Benefits and Advantages


Closed System Disadvantages


Security Implications of Using a Closed System


A Closed Environment on a Cisco Aironet Series AP


A Closed Environment on an ORiNOCO AP-1000


Implementing a Closed System: A Case Scenario


Enabling WEP on the ORiNOCO Client


Allotting IPs


Defining IP Allocation on the WLAN


Deploying IP over the WLAN: Benefits and Advantages


Deploying IP over the WLAN: Disadvantages


Security Implications of Deploying IP over the WLAN


Deploying IP over the WLAN: A Case Scenario


Using VPNs


VPN Benefits and Advantages


VPN Disadvantages


Security Implications of Using a VPN


Layering Your Protection Using a VPN


Utilizing a VPN:A Case Scenario


Securing Users


End User Security Benefits and Advantages


End User Security Disadvantages


User Security: A Case Scenario


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 6 Circumventing Security Measures


Introduction


Planning and Preparations


Finding a Target


Detecting an Open System


Detecting a Closed System


Exploiting WEP


Security of 64-bit versus 128-bit Keys


Acquiring a WEP Key


War Driving


What Threat Do These "Open Networks” Pose to Network Security?


Stealing User Devices


What Are the Benefits of Device Theft?


MAC Filtering


Determining MAC Filtering Is Enabled


MAC Spoofing


Bypassing Advanced Security Mechanisms


Firewalls


What Happens Now?


Exploiting Insiders


Installing Rogue Access Points


Where Is the Best Location for a Rogue AP?


Configuring the Rogue AP


Risks Created by a Rogue AP


Are Rogue APs Detectable?


Exploiting VPNs


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 7 Monitoring and Intrusion Detection


Introduction


Designing for Detection


Starting with a Closed Network


Ruling Out Environmental Obstacles


Ruling Out Interference


Defensive Monitoring Considerations


Availability and Connectivity


Monitoring for Performance


Intrusion Detection Strategies


Integrated Security Monitoring


Popular Monitoring Products


Conducting Vulnerability Assessments


Incident Response and Handling


Policies and Procedures


Reactive Measures


Reporting


Cleanup


Prevention


Conducting Site Surveys for Rogue Access Points


The Rogue Placement


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 8 Auditing


Introduction


Designing and Planning a Successful Audit


Types of Audits


When to Perform an Audit


Auditing Activities


Auditing Tools


Critical Auditing Success Factors


Defining Standards


Standards


Guidelines


Best Practices


Policies


Procedures


Auditing, Security Standards, and Best Practices


Corporate Security Policies


Auditing Charters and Irregularities


Establishing the Audit Scope


Establishing the Documentation Process


Performing the Audit


Auditors and Technologists


Obtaining Support from IS/IT Departments


Gathering Data


Analyzing Audit Data


Matrix Analysis


Recommendations Reports


Generating Audit Reports


The Importance of Audit Report Quality


Writing the Audit Report


Final Thoughts on Auditing


Sample Audit Reports


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 9 Case Scenarios


Introduction


Implementing a Non-secure Wireless Network


Implementing an Ultra-secure Wireless LAN


Physical Location and Access


Configuring the AP


Designing Securely


Securing by Policy


Taking a War Drive


Scouting Your Location


Installing in Difficult Situations


Developing a Wireless Security Checklist


Minimum Security


Moderate Security


Optimal Security


Summary


Solutions Fast Track


Frequently Asked Questions


Appendix: Hack Proofing Your Wireless Network Fast Track


Index


Note: Product cover images may vary from those shown
3 of 4

Loading
LOADING...

4 of 4
Syngress
Note: Product cover images may vary from those shown
5 of 4
Note: Product cover images may vary from those shown
Adroll
adroll