Index

A

A2DP (Advanced Audio Distribution Profile), 289

A5/1 algorithm, 10

Absolute Value systems wireless cards list, 104

access messages (RADIUS), 74

ACK packets, 64

active scanning, 92-95

active tools, 92

Address Resolution Protocol (ARP)

ARP traffic, 163

ARP-spoofing tools, 285

layer 2/3 address resolution and, 337

addresses

broadcast, 339-340

discovering IP, 337-338

in packets, 63-64

adduser payload, 356

Advanced Audio Distribution Profile (A2DP), 289

Advanced Encryption Standard (AES), 5, 10

AH (Authentication Header), 233

AID (Association ID), 67-68

Airbase

downloading and installing, 112-113

jc-wepcrack and, 174

aircrack

airmon.sh script and, 148

to break WEP on Linux, 180-182

to break WEP on OS X, 183

to break WEP on Windows, 182

airdecap, decrypting packet captures with, 211-212

AirDefense, rogue APs and, 194

aireplay utility, 169-170

AirJack driver, 107

airmon.sh script, 148

Aironet

antennas, 256

cards (802.11b), 102

AiroPeek, 140-146

capturing packets, 144-145

overview of, 140-141

transmitting packets, 146

Wireless Statistics (WarDriving Display), 141-144

AirPcap, 117

airpwn tool, 285

Airsnarf Rogue Squadron, 193-194

Airsnort, 180

algorithms. See also specific algorithms

dictionary attacks against, 179-180

passphrase algorithm vulnerabilities, 178

allocations, U.S. frequency, 43-44

AM (amplitude modulation), 25, 26

amperes (amps), 21

amplification, 41

amplifiers, RF, 41-43, 120

amplitude, 17, 41

amplitude modulation (AM), 25, 26

amps, 21

analog modulation techniques, 25-26

A-nonce (authenticator-nonce), 83, 85

antennas, 36-42

Aironet, 256

base-station, 119

basics of, 117-120

design of, 40-41

gain, 36-38

omnidirectional, 256

polarization of, 39

radiation efficiency of, 39-40

radiation pattern and, 36-38

resonant frequency and, 37-39

Yagi, 294

application-specific vulnerability, Bluetooth devices and, 291

APs

authenticating to user, 802.11i, 82-84

configuring, 244

ARP. See Address Resolution Protocol

arrays, antenna, 41

Asleap tool, 215

Association ID (AID), 67-68

association requests, 162

Atbash alphabet, 8

Atheros

Atheros 802.11 chipset, 103

TamoSoft Atheros Driver, 117

WildPackets Atheros driver, 117

attacks. See also Bluetooth; client attacks; spoofing; statistical attacks; WEP keys, defeating

advanced attacks against WEP, 185-188

attacking PMK over RADIUS, 221-222

attacking WPA/80211i., 204-212

basic types of, 168

billing attacks on hotspots, 272-273

deauthentication, 169-170

defending against advanced WEP attacks, 188

detecting with WIDS, 235-236

DoS, 285

EAP-TLS, attacking, 213

LEAP, 215-216

MAC spoofing MITM, 271

miscellaneous, 198-200

MITM, 217

against PEAP/EAP-TTLS, 217-222

statistical attacks against WEP, 344-347

WPA/802.11i enterprise authentication, 180, 183-184, 212-223

authentication. See also deauthentication

802.11i EAP requirements for, 80-82

Authentication Header, 233

authenticating SP to user, 82-84

authenticators, 70

configuring enterprise, 230

LEAP (CISCO-EAP), 230

types of, 184-185

upper layer, 234-235

using 802.11i, 78-84

WPA enterprise authentication exchange, 207

authenticator-nonce (A-nonce), 83, 85

autorooting of Bluetooth, 326-329

azimuth radiation pattern, 37-38