Home Page Icon
Home Page
Table of Contents for
802.11 Security
Close
802.11 Security
by Bruce Potter, Bob Fleck
802.11 Security
802.11 Security
Preface
Assumptions About the Reader
Scope of the Book
Conventions Used in This Book
Other Sources of Information
Standards and References
Operating-System-Specific Documentation
Mailing Lists
We’d Like to Hear from You
Acknowledgments
From Bruce Potter
From Bob Fleck
I. 802.11 Security Basics
1. A Wireless World
What Is Wireless?
Radio Transmission
Data Rate
Signal Strength
Antennas
Inherent Insecurity
802.11
History of 802.11
Structure of 802.11 MAC
BSS and IBSS
WEP
Encryption
Authentication
Problems with WEP
Key Management
Encryption Issues
Is It Hopeless?
2. Attacks and Risks
An Example Network
Denial-of-Service Attacks
Application (OSI Layer 7)
Transport (OSI Layer 4)
Network (OSI Layer 3)
Data-Link (OSI Layer 2)
Physical (OSI Layer 1)
Wireless DoS Attacks
802.11b physical attacks
802.11b data-link DoS attacks
802.11b network DoS attacks
Man-in-the-Middle Attacks
Eavesdropping
Manipulating
Illicit Use
Wireless Risks
Determining Risk
Knowing Is Half the Battle
II. Station Security
3. Station Security
Client Security Goals
Prevent Access to the Client
Secure Communication
SSL
SSH
Audit Logging
Security Updates
4. FreeBSD Station Security
FreeBSD Client Setup
Wireless Kernel Configuration
Security Kernel Configuration
Startup Configuration
Card Configuration
OS Protection
Firewall configuration
Disable unneeded services
Static ARP
Other security concerns
Audit Logging
arpwatch
syslog
swatch
5. Linux Station Security
Linux Client Setup
Kernel Configuration
Wireless Kernel Configuration
Security Kernel Configuration
Startup Configuration
Card Configuration
Card Utilities
OS Protection
Firewall Configuration
Disable Unneeded Services
Static ARP
Other Security Concerns
Audit Logging
arpwatch
syslog
swatch
Secure Communication
6. OpenBSD Station Security
OpenBSD Client Setup
Kernel Configuration
Wireless Kernel Configuration
Security Kernel Configuration
Card Configuration
Startup Configuration
OS Protection
Firewall Configuration
Disable Unneeded Services
Static ARP Entries
Audit Logging
7. Mac OS X Station Security
Mac OS X Setup
Kernel Configuration
Card Configuration
AirPort Access Point Utilities
OS Protection
Disable Unneeded Services
Firewall Configuration
Static ARP Entries
Audit Logging
8. Windows Station Security
Windows Client Setup
OS Protection
Virus Protection
Firewall
Static ARP
Audit Logging
Secure Communication
III. Access Point Security
9. Setting Up an Access Point
General Access Point Security
WEP Keys
MAC Address Filtering
Management Interfaces
Log Host
Trap Host
Authentication Methods
SNMP Monitoring
net-snmp
Scotty/tkined
Setting Up a Linux Access Point
Installation of HostAP
Setting Up a FreeBSD Access Point
Setting Up an OpenBSD Access Point
OpenBSD Startup Files
Securing an OpenBSD Access Point
Taking It to the Gateway
IV. Gateway Security
10. Gateway Security
Gateway Architecture
Secure Installation
Firewall Rule Creation
Audit Logging
11. Building a Linux Gateway
Laying Out the Network
Building the Gateway
Linux Kernel Configuration
Disabling Unneeded Services
Configuring Network Interfaces
Building the Firewall Rules
MAC Address Filtering
DHCP
DNS
Static ARP
Audit Logging
Wrapping Up
12. Building a FreeBSD Gateway
Building the Gateway
FreeBSD Kernel Configuration
Disabling Unneeded Services
Building the Firewall Rules
Rate Limiting
DHCP
DNS
Static ARP
Auditing
13. Building an OpenBSD Gateway
Building the Gateway
OpenBSD Kernel Configuration
Configuring Services
Building the Firewall Rules
Configuring NAT
Rate Limiting
DHCP
DNS
Static ARP
Auditing
14. Authentication and Encryption
Portals
NoCat
WiCap
IPsec VPN
IPsec in a Nutshell
FreeBSD IPsec Implementation
FreeBSD IPsec Client Configuration
FreeBSD IPsec Gateway Configuration
Linux IPsec Implementation
Linux IPsec Client Configuration
Linux IPsec Gateway Configuration
802.1x
Structure of 802.1x
Limitations of 802.1x
802.1x Equipment and Configuration
Authentication server
Authenticator
Supplicant
15. Putting It All Together
Pieces of a Coherent System
User Knowledge
Looking Ahead
Index
Colophon
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Cover
Next
Next Chapter
Preface
802.11 Security
Bruce Potter
Bob Fleck
Editor
Jim Sumser
Copyright © 2002 O'Reilly Media, Inc.
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset