Previous Page
Next Page

Part II: Hacking 802.11 Wireless Technology

Part II of this book covers 802.11 security from the ground up. In the initial chapter, an introduction to the 802.11 Media Access Control rules are covered, as well as the basic management operations of an 802.11 wireless network. Chapters 4 and 5 cover how to choose the best wireless network scanning tools and ensure you get the optimal results. Chapter 6 illustrates all of the attacks that aren't specific to WPA-protected networks (cracking WEP keys, replaying packets, and so on). Later chapters include how 802.11i and WPA operate and how to attack them.

Chapter 3: Introduction to 802.11

This chapter serves as a quick introduction to the basics of the 802.11 standard. It includes a quick rundown on the format of certain types of packets, as well as brief explanations of many important features of the 802.11standard. Also included is a thorough explanation on how 802.11i integrates with other security protocols, such as Extensible Authentication Protocol and RADIUS.

Chapter 4: 802.11 Discovery

Chapter 4 covers everything you want to know about 802.11 chipsets, drivers, and Linux kernel versions. It includes suggestions for finding the best card/antenna for your operating system, and provides detailed instructions on getting a Linux device driver that supports monitor mode as well as packet injection. It also provides guidance on choosing GPS hardware to work with your platform.

Chapter 5: Scanning and Enumerating 802.11 Networks

Chapter 5 covers popular scanning tools on Windows, Linux, and OS X platforms. NetStumbler, Kismet, and Kismac are covered at length. It also includes useful tips for getting the most out of NetStumbler on Windows, as well as information on troubleshooting GPS problems.

Chapter 6: Attacking 802.11 Networks

This chapter covers all of the classic attacks against WEP, as well as some more offbeat ones. Detailed instructions on cracking WEP keys, setting up rogue APs, and various traffic injection attacks are covered. DoS attacks as well as tools that can be used to recover the WEP/WPA keys from a compromised host are also detailed.

Chapter 7: Attacking WPA-protected 802.11 Networks

Chapter 7 covers all of the practical attacks currently known against WPA. These include dictionary attacks against WPA-PSK, attacking LEAP-protected networks with asleap, and offline attacks against the RADIUS shared secret.

Chapter 8: 802.11 Defense

Chapter 8 provides deep insight into securing your wireless network. This includes setting up antennas that minimize signal exposure, deploying VPNs and upper layer authentication to augment your existing wireless security, and choosing a good EAP authentication type. This chapter ends with an in-depth walkthrough on setting up your first wireless network with enterprise-based authentication. The tutorial covers configuring a FreeRADIUS server on Linux and setting up the appropriate client-side software on Windows, Linux, and OS X.


Previous Page
Next Page