Index

Symbols

802 standards, History of 802.11
802.11 networks
core unit of, BSS and IBSS
security, Inherent Insecurity
(see also security)
, Inherent Insecurity
(see also WLANs)
802.11 PHY specifications, History of 802.11
802.11 protocols, What Is Wireless?, 802.11, History of 802.11
history of, History of 802.11, History of 802.11
MIB for, SNMP Monitoring
structure of 802.11 MAC, Structure of 802.11 MAC
802.11 Working Group, History of 802.11
802.11a specification, History of 802.11
802.11b networks
DoS attacks, 802.11b network DoS attacks
data-link DoS attacks, 802.11b data-link DoS attacks
physical DoS attacks, 802.11b physical attacks
interference from Bluetooth deployments, 802.11b physical attacks
802.11b specification, History of 802.11
802.11g specification, History of 802.11
802.1x protocol, 802.1x, Supplicant
clients on, Pieces of a Coherent System
equipment and configuration, 802.1x Equipment and Configuration, Supplicant
authentication server, Authentication server, Authentication server
authenticator, Authenticator
supplicant, Supplicant
limitations of, Limitations of 802.1x
structure of, Structure of 802.1x, Structure of 802.1x
vendors supporting, 802.1x Equipment and Configuration
WEP and, Limitations of 802.1x
802.3 CSMA/CD Access Method (see Ethernet)
802.3 Ethernet, What Is Wireless?

A

access points (see APs)
Address Resolution Protocol (ARP), Man-in-the-Middle Attacks
AH (Authenticated Header), IPsec in a Nutshell
AirPort Admin utility, AirPort Access Point Utilities
AirPort card, Card Configuration
AirPort Setup Assistant, AirPort Access Point Utilities
ALTQ interface, Rate Limiting
amplifiers, Signal Strength
ancontrol utility
configuring Cisco cards to associate with authorized MAC addresses, Static ARP Entries
parameters, list of, Card Configuration
antennas, Antennas
antenna diversity, 802.11b data-link DoS attacks
antivirus software, Virus Protection
application-layer DoS attacks, Application (OSI Layer 7)
APs (access points), BSS and IBSS, Setting Up an Access Point, Taking It to the Gateway
databases of, for illicit use, Illicit Use
diversity antennas, 802.11b data-link DoS attacks
FreeBSD, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
HostAP installation, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
Linux, Setting Up a Linux Access Point, Installation of HostAP
HostAP installation, Installation of HostAP, Installation of HostAP
management interfaces, Management Interfaces
OpenBSD, Setting Up an OpenBSD Access Point, Securing an OpenBSD Access Point
HostAP configuration, Setting Up an OpenBSD Access Point
securing access point, Securing an OpenBSD Access Point
startup files, OpenBSD Startup Files
security, General Access Point Security, Scotty/tkined, Management Interfaces
(see also APs (access points, management interfaces))
authentication methods, Authentication Methods
log host, Log Host
MAC address filtering, MAC Address Filtering
SNMP monitoring, SNMP Monitoring, Setting Up a Linux Access Point
trap host, Trap Host
WEP keys, WEP Keys
ARP (Address Resolution Protocol), Man-in-the-Middle Attacks
ARP poisoning, Man-in-the-Middle Attacks
gateways and, Static ARP
ARP spoofing, arpwatch, Gateway Architecture
(see also ARP poisoning MITM attacks)
arpwatch utility
FreeBSD, arpwatch
Linux, arpwatch
attacks
ARP poisoning, Man-in-the-Middle Attacks
gateways and, Static ARP
ARP spoofing, arpwatch, Gateway Architecture
backhoe DoS, Physical (OSI Layer 1)
cryptographic, Security Kernel Configuration
DoS, Denial-of-Service Attacks, 802.11b network DoS attacks
minimizing effects of, Security Kernel Configuration
wireless, Wireless DoS Attacks, 802.11b network DoS attacks
illicit use, Illicit Use
MITM, Man-in-the-Middle Attacks, Manipulating
eavesdropping, Eavesdropping
manipulating, Manipulating
ping floods, Network (OSI Layer 3)
SYN floods, Transport (OSI Layer 4)
war driving, Inherent Insecurity
attenuation of signal, Signal Strength
auditing logs, Audit Logging
on FreeBSD, Audit Logging, swatch
arpwatch utility, arpwatch
swatch utility, swatch
syslog, syslog
FreeBSD gateways, Auditing
gateway security, Audit Logging
on Linux, Audit Logging
arpwatch utility, arpwatch
swatch utility, swatch
syslog, syslog
Linux gateways, Audit Logging
on Mac OS X, Audit Logging
OpenBSD gateways, Auditing
on Windows, Audit Logging
auth command, Authenticator
Authenticated Header (AH), IPsec in a Nutshell
authentication, Authentication and Encryption, Supplicant
802.1x, 802.1x, Supplicant
equipment and configuration, 802.1x Equipment and Configuration, Supplicant
limitations of, Limitations of 802.1x
access points, Authentication Methods
FreeBSD IPsec implementation, FreeBSD IPsec Implementation
client configuration, FreeBSD IPsec Client Configuration
gateway configuration, FreeBSD IPsec Gateway Configuration, Linux IPsec Gateway Configuration
IPsec VPN, IPsec VPN, Linux IPsec Gateway Configuration
Linux IPsec implementation, Linux IPsec Implementation
client configuration, Linux IPsec Client Configuration
portals, Portals, WiCap
NoCat, NoCat
WiCap, WiCap
WEP and, WEP, Authentication Methods
authentication server (802.1x protocol), Structure of 802.1x
RADIUS server, Authentication server, Authentication server
authenticator (802.1x protocol), Structure of 802.1x
Open1x, Authenticator

B

backhoe DoS attacks, Physical (OSI Layer 1)
Basic Service Set (BSS), BSS and IBSS
Berkeley Internet Name Domain (see BIND)
Berkeley Packet Filter (see BPF)
BIND (Berkeley Internet Name Domain)
documention and download resource, DNS
OpenBSD and, DNS
Bluetooth, What Is Wireless?
interference with 802.11b networks, 802.11b physical attacks
BPF (Berkeley Packet Filter)
FreeBSP security kernel configuration, Security Kernel Configuration
bpfilter utility, Security Kernel Configuration
brconfig utility, Securing an OpenBSD Access Point
brctl command, Installation of HostAP
BSS (Basic Service Set), BSS and IBSS
bugtraq mailing list, Mailing Lists

C

Carrier Sense Multiple Access with Collision Avoidance (see CSMA/CA)
CBQ (Class Based Queuing), Rate Limiting
Class Based Queuing (CBQ), Rate Limiting
client station security, Client Security Goals, SSH, Pieces of a Coherent System
auditing logs, Audit Logging
FreeBSD, FreeBSD Station Security, swatch
, FreeBSD Station Security
(see also FreeBSD, client setup)
Linux, Linux Station Security, Secure Communication
card configuration, Card Configuration, Card Configuration
security kernel configuration, Security Kernel Configuration, Security Kernel Configuration
startup configuration, Startup Configuration
wireless kernel configuration, Wireless Kernel Configuration
Mac OS X, Mac OS X Station Security, Audit Logging
AirPort access point utilities, AirPort Access Point Utilities
card configuration, Card Configuration, Card Configuration
kernel configuration, Kernel Configuration
OpenBSD, OpenBSD Station Security, Audit Logging
card configuration, Card Configuration, Card Configuration
security kernel configuration, Security Kernel Configuration
startup configuration, Startup Configuration
wireless kernel configuration, Wireless Kernel Configuration
preventing access, Prevent Access to the Client
secure communication, Secure Communication, SSH
SSH, SSH
SSL, SSL
Windows, Windows Station Security, Secure Communication
closed networks, Authentication Methods
confidentiality, WEP and, WEP
contention for airwaves, Structure of 802.11 MAC
cordless telephones, wireless DoS attacks and, 802.11b physical attacks
CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance), Structure of 802.11 MAC
cvsup utility, Building the Gateway

D

data rate of radio transmissions, Data Rate
data-link DoS attacks, Data-Link (OSI Layer 2)
denial-of-service (DoS) attacks (see DoS attacks)
DHCP (Dynamic Host Configuration Protocol)
FreeBSD gateways, DHCP
latest version, resource for, DHCP
Linux gateways, DHCP
OpenBSD gateways, DHCP
Direct Sequence Spread Spectrum (DSSS), History of 802.11
directional antennas, Antennas
diversity antennas, 802.11b data-link DoS attacks
DNS (Domain Name System)
FreeBSD gateways, DNS
Linux gateways, DNS
OpenBSD gateways, DNS
Domain Name System (see DNS)
DoS attacks (denial-of-service attacks), Denial-of-Service Attacks, 802.11b network DoS attacks
application (OSI layer 7), Application (OSI Layer 7)
data-link (OSI layer 2), Data-Link (OSI Layer 2)
network (OSI layer 3), Network (OSI Layer 3)
physical (OSI layer 1), Physical (OSI Layer 1)
transport (OSI layer 4), Transport (OSI Layer 4)
wireless, Wireless DoS Attacks, 802.11b network DoS attacks
802.11b data-link, 802.11b data-link DoS attacks
802.11b network, 802.11b network DoS attacks
802.11b physical, 802.11b physical attacks
DSSS (Direct Sequence Spread Spectrum), History of 802.11
Dummynet, Rate Limiting
Dynamic Host Configuration Protocol (see DHCP)

E

EAP (Extensible Authentication Protocol), Structure of 802.1x
EAP over LAN protocol (EAPOL), Structure of 802.1x
EAP-TLS, Authentication server
EAPOL (EAP over LAN protocol), Structure of 802.1x
eavesdropping MITM attacks, Eavesdropping
Encapsulated Security Payload (ESP), IPsec in a Nutshell
encryption, Authentication and Encryption
(see also authentication)
WEP and, Encryption
encryption, WEP and
security issues, Encryption Issues
ESP (Encapsulated Security Payload), IPsec in a Nutshell
Ethernet, History of 802.11
bridging tools, Installation of HostAP
Extensible Authentication Protocol (EAP), Structure of 802.1x

F

FHSS (Frequency Hopping Spread Spectrum), History of 802.11
firewalls
client station security, Prevent Access to the Client
FreeBSD
configuration, Firewall configuration
gateways, Building the Firewall Rules, Building the Firewall Rules
verbose logging, Security Kernel Configuration
Linux, Security Kernel Configuration
(see also Netfilter)
configuration, Firewall Configuration
security kernel configuration, Security Kernel Configuration
Mac OS X, configuring, Firewall Configuration, Firewall Configuration
OpenBSD, Security Kernel Configuration, Firewall Configuration
gateways, Building the Firewall Rules, Building the Firewall Rules
rule creation, Firewall Rule Creation
FreeBSD, Building the Firewall Rules, Building the Firewall Rules
Linux, Building the Firewall Rules, Building the Firewall Rules
OpenBSD, Building the Firewall Rules, Building the Firewall Rules
Windows, Firewall
auditing logs, Audit Logging
VPN clients, Firewall
FreeBSD
802.11 cards, support for, FreeBSD Client Setup
auditing logs, Audit Logging, swatch
arpwatch utility, arpwatch
swatch utility, swatch
syslog, syslog
client setup, FreeBSD Client Setup, swatch
card configuration, Card Configuration
security kernel configuration, Security Kernel Configuration, Security Kernel Configuration
startup configuration, Startup Configuration
wireless kernel configuration, Wireless Kernel Configuration, Wireless Kernel Configuration
gateway building, Building a FreeBSD Gateway, Auditing
auditing logs, Auditing
DHCP, DHCP
disabling unneeded services, Disabling Unneeded Services
DNS, DNS
firewall rules, Building the Firewall Rules, Building the Firewall Rules
kernel configuration, FreeBSD Kernel Configuration
static ARP, Static ARP
IPsec client configuration, FreeBSD IPsec Client Configuration
IPsec gateway configuration, FreeBSD IPsec Gateway Configuration
IPsec implementation, FreeBSD IPsec Implementation
kernel security levels, Disabling Unneeded Services
limiting traffic rates, Rate Limiting
operating system protection, OS Protection, Other security concerns
disabling unneeded services, Disable unneeded services
firewall configuration, Firewall configuration
static ARP, Static ARP
Principle of Least Privilege, FreeBSD Client Setup
security-specific options, Security Kernel Configuration
gateway building, FreeBSD Kernel Configuration
setting up access point, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
HostAP installation, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
station security, FreeBSD Station Security, swatch
FreeBSD Handbook, Operating-System-Specific Documentation
FreeRADIUS, Authentication server
FreeS/WAN package, Linux IPsec Implementation
Frequency Hopping Spread Spectrum (FHSS), History of 802.11

G

gateways
architecture, Gateway Architecture
duties of, Laying Out the Network
FreeBSD, Building a FreeBSD Gateway, Auditing
auditing logs, Auditing
DHCP, DHCP
disabling unneeded services, Disabling Unneeded Services
DNS, DNS
firewall rules, Building the Firewall Rules, Building the Firewall Rules
kernel configuration, FreeBSD Kernel Configuration
limiting traffic rates, Rate Limiting
static ARP, Static ARP
installing, Secure Installation
Linux, Building a Linux Gateway, Wrapping Up
auditing logs, Audit Logging
building firewall rules, Building the Firewall Rules, Building the Firewall Rules
configuring network interfaces, Configuring Network Interfaces
DHCP, DHCP
disabling unneded services, Disabling Unneeded Services
kernel configuration, Linux Kernel Configuration
MAC address filtering, MAC Address Filtering
network layout, Laying Out the Network
running DNS server, DNS
static ARP, Static ARP
OpenBSD, Building an OpenBSD Gateway, Auditing
auditing logs, Auditing
configuring NAT, Configuring NAT
DHCP, DHCP
DNS, DNS
firewall rules, Building the Firewall Rules, Building the Firewall Rules
kernel configuration, OpenBSD Kernel Configuration
limiting traffic rates, Rate Limiting, Rate Limiting
service configuration, Configuring Services
static ARP, Static ARP
security, Gateway Security, Audit Logging
auditing logs, Audit Logging
firewall rule creation, Firewall Rule Creation

H

HFSC (Hierarchical Fair Service Curve), Rate Limiting
Hierarchical Fair Service Curve (HFSC), Rate Limiting
home WLANs, as security risks, Determining Risk
HomeRF, What Is Wireless?
HostAP
FreeBSD installation, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
Linux installation, Installation of HostAP, Installation of HostAP
driver, Operating-System-Specific Documentation
Hotspot Locator, Illicit Use

I

IBSS (independent BSS), BSS and IBSS
ICMP_BANDL option (FreeBSD), Security Kernel Configuration
IEEE (Institute of Electrical and Electronics Engineers, What Is Wireless?
history of 802.11 and, History of 802.11
IEEE 802 Standards Online, Standards and References
ifconfig utility, Card Configuration
FreeBSD access point, Setting Up a FreeBSD Access Point
Linux wireless NIC configuration, Card Configuration
OpenBSD access point, Setting Up an OpenBSD Access Point
IKE (Internet Key Exchange protocol), IPsec in a Nutshell
illicit use attacks, Illicit Use
independent BSS (see IBSS)
Industrial, Scientific, and Medical (ISM), History of 802.11
inetd services, disabling, Disabling Unneeded Services
infrastructure networks, BSS and IBSS
installing
gateways, Secure Installation
HostAP on FreeBSD, Setting Up a FreeBSD Access Point, Setting Up a FreeBSD Access Point
HostAP on Linux, Installation of HostAP, Installation of HostAP
Institute of Electrical and Electronics Engineers (see IEEE)
Internet Key Exchange protocol (IKE), IPsec in a Nutshell
IP forwarding, Linux gateway support for, Linux Kernel Configuration
IP security protocol (see IPsec)
ipchains service, disabling, Disabling Unneeded Services
IPFIREWALL options (FreeBSD), Security Kernel Configuration
ipfw program, Security Kernel Configuration
commands, Firewall configuration
FreeBSD gateway, Building the Firewall Rules
IPsec (IP security protocol)
clients on, Pieces of a Coherent System
enabling support for with OpenBSD, Security Kernel Configuration
FreeBSD gateway configuration, FreeBSD IPsec Gateway Configuration
FreeBSD implementation, FreeBSD IPsec Implementation
Linux client configuration, Linux IPsec Client Configuration
Linux gateway configuration, Linux IPsec Gateway Configuration
Linux implementation, Linux IPsec Implementation
modes, IPsec in a Nutshell
IPsec VPN, IPsec VPN, Linux IPsec Gateway Configuration
ipsec.conf, Linux client configuration, Linux IPsec Client Configuration
iptables program, Security Kernel Configuration
iptables services, disabling, Disabling Unneeded Services
IP_ variables (rc.firewall script), Building the Firewall Rules
ISM (Industrial, Scientific, and Medical), History of 802.11
iwconfig utility, Linux wireless NIC configuration, Card Configuration
iwcontrol command, Installation of HostAP
iwpriv command, Installation of HostAP

K

KerneL IP Security (KLIPS), Linux IPsec Implementation
KLIPS (KerneL IP Security), Linux IPsec Implementation

L

LEAP (Lightweight EAP), Structure of 802.1x
Lightweight EAP (LEAP), Structure of 802.1x
Linux
auditing logs, Audit Logging
arpwatch utility, arpwatch
swatch utility, swatch
syslog, syslog
card utilities, Card Utilities
client setup, Linux Client Setup
gateway building, Building a Linux Gateway, Wrapping Up
auditing logs, Audit Logging
configuring network interfaces, Configuring Network Interfaces
DHCP, DHCP
disabling unneeded services, Disabling Unneeded Services
firewall rules, Building the Firewall Rules, Building the Firewall Rules
kernel configuration, Linux Kernel Configuration
MAC address filtering, MAC Address Filtering
network layout, Laying Out the Network
running DNS server, DNS
static ARP, Static ARP
HostAP driver for, Operating-System-Specific Documentation
IPsec client configuration, Linux IPsec Client Configuration
IPsec gateway configuration, Linux IPsec Gateway Configuration
IPsec implementation, Linux IPsec Implementation
iw-based commands, Card Utilities
kernel configuration, Kernel Configuration, Card Utilities
card configuration, Card Configuration, Card Configuration
security kernel, Security Kernel Configuration, Security Kernel Configuration
startup configuration, Startup Configuration
wireless kernel, Wireless Kernel Configuration
operating system protection, OS Protection, Other Security Concerns
disabling unneeded services, Disable Unneeded Services
static ARP, Static ARP
Principle of Least Privilege, Kernel Configuration
setting up access point, Setting Up a Linux Access Point, Installation of HostAP
installing HostAP, Installation of HostAP, Installation of HostAP
station security, Linux Station Security, Secure Communication
Linux Netfilter documentation, Operating-System-Specific Documentation
LLC (Logical Link Control), History of 802.11
logs
auditing, Audit Logging
as OS security on FreeBSD, arpwatch, swatch
on FreeBSD, Audit Logging
FreeBSD gateways, Auditing
gateway security, Audit Logging
on Linux, Audit Logging
Linux gateways, Audit Logging
on Mac OS X, Audit Logging
OpenBSD gateways, Auditing
on Windows, Audit Logging
central log host as security measure, Log Host
gateway security, Audit Logging
spoofed source IP addresses in, Building the Firewall Rules

M

MAC (Media Access), History of 802.11
address filtering (see MAC adress filtering)
structure of 802.11 MAC, Structure of 802.11 MAC
MAC address filtering
access point security, MAC Address Filtering
impact on users, User Knowledge
Linux gateways, MAC Address Filtering
MAC addresses, limiting, Securing an OpenBSD Access Point
Mac OS X
auditing logs, Audit Logging
client setup, Mac OS X Setup, AirPort Access Point Utilities
AirPort access point utilities, AirPort Access Point Utilities
card configuration, Card Configuration, Card Configuration
kernel configuration, Kernel Configuration
operating system protection, OS Protection, Audit Logging
disabling unneeded services, Disable Unneeded Services
firewall configuration, Firewall Configuration, Firewall Configuration
static ARP, Static ARP Entries
station security, Mac OS X Station Security, Audit Logging
mail clients, supporting IMAP or SMTP over SSL, SSL
mailing lists, Mailing Lists
man in the middle (see MITM attacks)
Management Information Base (MIB), SNMP Monitoring
manipulating MITM attacks, Manipulating
Media Access (see MAC)
MIB (Management Information Base), SNMP Monitoring
MIB tree, walking, net-snmp
Microsoft
security patches, OS Protection
security resources, OS Protection
support for 802.1x protocol, 802.1x Equipment and Configuration
MITM (man in the middle-see MITM attacks), Inherent Insecurity
MITM attacks (man-in-the-middle attacks), Man-in-the-Middle Attacks, Manipulating
eavesdropping, Eavesdropping
manipulating, Manipulating
static ARP, Static ARP
mixed environments, Authentication Methods

N

NAT (Network Address Translation)
OpenBSD gateways, Configuring NAT
nat.conf, Configuring NAT
net-snmp monitoring tool, net-snmp
Netfilter, Firewall Configuration
configuration options, Security Kernel Configuration
documentation, Operating-System-Specific Documentation
enabling for Linux gateway, Linux Kernel Configuration
firewall rules for Linux gateway, Building the Firewall Rules, Building the Firewall Rules
firewall rules for Linux gateway, resources for, Building the Firewall Rules
NetStumbler, Illicit Use
Network Address Translation (see NAT)
Network Properties control panel, Windows Client Setup
network-layer DoS attacks, Network (OSI Layer 3)
NoCat portal, NoCat

O

Object Identifier (OID), SNMP Monitoring
OFDM (Orthogonal Frequency Division Multiplexing), History of 802.11
OID (Object Identifier), SNMP Monitoring
omni-directional antennas, Antennas
open networks, Authentication Methods
OpenBSD
auditing logs (see FreeBSD, auditing logs)
BIND and, DNS
client setup, OpenBSD Client Setup, Startup Configuration
firewall, Security Kernel Configuration
gateway building, Building an OpenBSD Gateway, Auditing
auditing logs, Auditing
configuring NAT, Configuring NAT
DHCP, DHCP
DNS, DNS
firewall rules, Building the Firewall Rules, Building the Firewall Rules
kernel configuration, OpenBSD Kernel Configuration
service configuration, Configuring Services
static ARP, Static ARP
kernel configuration, Kernel Configuration, Startup Configuration
card configuration, Card Configuration, Card Configuration
security kernel, Security Kernel Configuration
startup configuration, Startup Configuration
wireless kernel, Wireless Kernel Configuration
kernel security levels, Configuring Services
limiting traffic rates, Rate Limiting, Rate Limiting
operating system protection, OS Protection, Static ARP Entries
disabling unneeded services, Disable Unneeded Services
firewall configuration, Firewall Configuration
static ARP, Static ARP Entries
portability of, Wireless Kernel Configuration
Principle of Least Privilege, Kernel Configuration
securing access point, Securing an OpenBSD Access Point
security vulnerabilities, resource for, Building the Gateway
setting up access point, Setting Up an OpenBSD Access Point, Securing an OpenBSD Access Point
HostAP configuration, Setting Up an OpenBSD Access Point
startup files, OpenBSD Startup Files
station security, OpenBSD Station Security, Audit Logging
WiCap portal, WiCap
OpenDarwin kernel, Kernel Configuration
OpenSSL, Authentication server
operating system-specific documentation, Operating-System-Specific Documentation
Orthogonal Frequency Division Multiplexing (OFDM), History of 802.11

P

PAN (Personal Area Network), What Is Wireless?
passwords, confidentiality of (see client station security, secure communication)
PC cards, diversity antennas, Antennas, 802.11b data-link DoS attacks
PCMCIA cards
FreeBSD kernel support for, Wireless Kernel Configuration
Linux support for, Wireless Kernel Configuration
PCS (Personal Communication Systems, What Is Wireless?
performance, WLANs, A Wireless World
Personal Area Network (PAN), What Is Wireless?
Personal Communication Systems (PCS), What Is Wireless?
pf rules (OpenBSD), enabling, Security Kernel Configuration
pflog file (OpenBSD), enabling, Security Kernel Configuration
philo daemon, Linux IPsec Implementation
PHY (Physical Layer), History of 802.11
Physical Layer (PHY), History of 802.11
physical-layer DoS attacks, Physical (OSI Layer 1)
ping floods, Network (OSI Layer 3)
port scanning, Inherent Insecurity
portals, Portals, WiCap
NoCat, NoCat
WiCap, WiCap
Principle of Least Privilege
FreeBSD, FreeBSD Client Setup
Linux, Kernel Configuration
OpenBSD, Kernel Configuration
Priority Queuing (PRIQ), Rate Limiting
PRIQ (Priority Queuing), Rate Limiting
Prism chipset, Setting Up a Linux Access Point, Setting Up a FreeBSD Access Point, Setting Up an OpenBSD Access Point

Q

QoS (Quality of Service) (see rate limiting)

R

racoon program, FreeBSD IPsec Implementation
gateway configuration, FreeBSD IPsec Gateway Configuration
radio frequency (RF), Inherent Insecurity
radio transmission, Radio Transmission, Antennas
antennas, Antennas
antenna diversity, Antennas, 802.11b data-link DoS attacks
data rate, Data Rate
signal strength, Signal Strength
RADIUS (Remote Authentication Dial In User Service), Structure of 802.1x
Random Early Detection (RED), Rate Limiting
RANDOM_IP_ID option (FreeBSD), Security Kernel Configuration
rate limiting
FreeBSD, Rate Limiting
OpenBSD, Rate Limiting, Rate Limiting
rc-based services, disabling, Disabling Unneeded Services
rc.conf, example settings for FreeBSD gateway, Disabling Unneeded Services
rc.firewall
FreeBSD, ipfw commands, Firewall configuration
Linux firewall rules, Building the Firewall Rules
RC4 symmetric cipher, WEP
RED (Random Early Detection), Rate Limiting
Remote Authentication Dial In User Service (RADIUS), Structure of 802.1x
RF (radio frequency), Inherent Insecurity
risk assessment, Determining Risk
home WLANs, Determining Risk

S

SA (Security Association), IPsec in a Nutshell
Scotty network monitoring tool, Scotty/tkined
Secure Shell (see SSH)
Secure Socket Layer (see SSL)
security
802.11 networks and, Inherent Insecurity
access points, General Access Point Security, Scotty/tkined
authentication, Authentication Methods
log host, Log Host
MAC address filtering, MAC Address Filtering
SNMP monitoring, SNMP Monitoring, Scotty/tkined
trap host, Trap Host
WEP keys, WEP Keys
client stations, Client Security Goals, SSH, Pieces of a Coherent System
auditing logs, Audit Logging
FreeBSD, FreeBSD Station Security, swatch
Linux, Linux Station Security, Secure Communication
Mac OS X, Mac OS X Station Security
OpenBSD, OpenBSD Station Security, Audit Logging
preventing access to, Prevent Access to the Client
secure communication, Secure Communication
Windows, Windows Station Security, Secure Communication
gateways, Gateway Security, Audit Logging
firewall rule creation, Firewall Rule Creation
installation, Secure Installation
as trade-off with convenience, User Knowledge
WEP and, Problems with WEP, Encryption Issues
WLANs and, Inherent Insecurity
, Attacks and Risks
(see also attacks)
Security Association (SA), IPsec in a Nutshell
Security Policy Database (SPD), IPsec in a Nutshell
security updates, Security Updates
service-set identifier (SSID), BSS and IBSS
Shmoo Group’s Global Access Wireless Database, Illicit Use
signal strength of radio transmission, Signal Strength
signal to noise ratio (see SNR)
Simple Network Management Protocol (see SNMP)
SNMP (Simple Network Management Protocol)
access point monitoring, SNMP Monitoring, Setting Up a Linux Access Point
net-snmp, net-snmp
Scotty/tkined, Scotty/tkined
managers and agents, SNMP Monitoring
SNR (signal to noise ratio), Signal Strength
802.11b physical DoS attack and, 802.11b physical attacks
SPD (Security Policy Database), IPsec in a Nutshell
SSH (Secure Shell), SSH
tunneling over, SSH
SSID (service-set identifier), BSS and IBSS
SSL (Secure Socket Layer), SSL
mail clients supporting IMAP or SMTP over SSL, SSL
static ARP
FreeBSD, Static ARP
gateways, Static ARP
Linux, Static ARP
gateways, Static ARP
Mac OS X, Static ARP Entries
OpenBSD, Static ARP Entries
gateways, Static ARP
Windows, Static ARP
supplicant (802.1x protocol), Structure of 802.1x, Supplicant
swatch utility, swatch
on FreeBSD, swatch
SYN cookies, Linux gateway support for, Linux Kernel Configuration
SYN floods, Transport (OSI Layer 4)
syslog
on FreeBSD, syslog
on Linux, syslog
system logs (see auditing logs)
System Preferences dialog box (Mac OS X), Card Configuration
SystemStarter program (Mac OS X), Firewall Configuration

T

TCP_DROP_SYNF option (FreeBSD), Security Kernel Configuration
Tiny Personal Firewall, Firewall
tkined monitoring tool, Scotty/tkined, Installation of HostAP
TLS (Transport Layer Security), Structure of 802.1x
Transport Layer Security (TLS), Structure of 802.1x
transport mode (IPsec), IPsec in a Nutshell
transport-layer DoS attacks, Transport (OSI Layer 4)
traps, Trap Host
tunnel mode (IPsec), IPsec in a Nutshell

U

usernames, confidentiality of (see client station security, secure communication)

V

virus protection on Windows, Virus Protection
vuln-dev mailing list, Mailing Lists

W

WAP (Wireless Application Protocol), What Is Wireless?
war dialing, Inherent Insecurity
war driving, Inherent Insecurity
web servers, swamping with requests, Application (OSI Layer 7)
web sites
book examples, We’d Like to Hear from You
Microsoft’s security resources, OS Protection
as resource for more information, Other Sources of Information
WECA (Wireless Ethernet Compatibility Alliance), Standards and References, History of 802.11
Weighted Fair Queuing (WFQ), Rate Limiting
WEP (Wired Equivalent Privacy), WEP, Encryption Issues
802.1x protocol and, Limitations of 802.1x
authentication, Authentication
client machines on, Pieces of a Coherent System
confidentiality and, Secure Communication
configuring, WEP Keys
eavesdropping MITM attacks and, Eavesdropping
encryption, Encryption
security issues, Encryption Issues
keys (see WEP keys)
security problems with, Problems with WEP
WEP keys, WEP Keys
configuration options, Card Configuration, Installation of HostAP
management of, impact on users, User Knowledge
security problems with, Key Management
wireless card configuration and, Card Configuration
WFQ (Weighted Fair Queuing), Rate Limiting
Wi-Fi, What Is Wireless?, History of 802.11
WiCap portal, WiCap
wicontrol utility
OpenBSD access point, Setting Up an OpenBSD Access Point
parameters, list of, Card Configuration
Windows
auditing logs, Audit Logging
client setup, Windows Client Setup
file sharing on, Firewall
operating system protection, OS Protection, Static ARP
firewall, Firewall
static ARP, Static ARP
virus protection, Virus Protection
station security, Windows Station Security, Secure Communication
Windows 2000, NSA guides for securing, OS Protection
Windows 95/98, lack of security in, OS Protection
Windows ME, lack of security in, OS Protection
Windows NT, NSA guides for securing, OS Protection
Windows Update tool, OS Protection
Windows VPN clients, firewalls and, Firewall
Wired Equivalent Privacy (see WEP)
wireless, What Is Wireless?
, What Is Wireless?
(see also radio transmission)
Wireless Application Protocol (WAP), What Is Wireless?
wireless DoS attacks, Wireless DoS Attacks, 802.11b network DoS attacks
802.11b data-link, 802.11b data-link DoS attacks
802.11b networks, 802.11b network DoS attacks
802.11b physical, 802.11b physical attacks
Wireless Ethernet Compatibility Alliance (see WECA)
Wireless Fidelity (see Wi-Fi)
wireless interface driver types, Wireless Kernel Configuration
Wireless Local Area Networks (see WLANs)
Wireless Markup Language (WML), What Is Wireless?
wireless standards, What Is Wireless?
Wireless Transport Layer Security (WTLS), What Is Wireless?
wireness networks (see WLANs)
WLANs (Wireless Local Area Networks), A Wireless World
performance of, A Wireless World
reasons for deploying, What Is Wireless?
risks, A Wireless World
security of, Inherent Insecurity
(see also security)
signal strength of, Signal Strength
WLCACHE option (FreeBSD), Wireless Kernel Configuration
WLDEBUG (FreeBSD), Wireless Kernel Configuration
WML (Wireless Markup Language), What Is Wireless?
WTLS (Wireless Transport Layer Security, What Is Wireless?

X

xinetd services, disabling, Disabling Unneeded Services
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.217.116.183