Home Page Icon
Home Page
Table of Contents for
Part III Real-World Wireless Security Defenses
Close
Part III Real-World Wireless Security Defenses
by Tyler Wrightson
Wireless Network Security: A Beginner’s Guide
Cover
About the Author
Copyright
Dedication
Contents
Acknowledgments
Introduction
Part I Wireless Foundations
1 Introduction to the Wireless Security Mindset
What You Will Learn
Security 101: The 11 Security Principles
Principle 1: Security Versus Convenience
Principle 2: It Is Impossible to Eliminate All Risks
Principle 3: Rules of Risk Calculation and Mitigating Controls
Principle 4: Not All Risks Must Be Mitigated
Principle 5: Security Is Not Just Keeping the Bad Guys Out
Principle 6: ROI Doesn’t Work for Security
Principle 7: Defense In Depth
Principle 8: Least Privilege
Principle 9: CIA Triad
Principle 10: Prevention, Detection, Deterrents
Principle 11: Prevention Fails
Wireless Networking Basics
802.11a/b/g/n
Access Points
Autonomous vs. Controller Based
SSID, BSSID, MAC Address
Beacons and Broadcasts
Associating and Authenticating
Encryption
2 Wireless Tools and Gadgets
A Lab of Your Own
Client Devices
Phones
Printers
Access Points
DD-WRT
WRT54G
Apple Airport Express
Mini Access Points
Mobile Hotspots
Smartphones
Enterprise-Grade Access Points
Antennas
Types of Antennas
Gadgets
GPS
Smartphones and PDAs
Pocket Wireless Scanners
Spectrum Analyzer
Operating System of Choice
Part II Know Thy Enemy
3 Theory of Attacks on Wireless Networks
Setting the Stage
Wireless Reconnaissance
SSID Decloaking
Passive Packet Captures
Store and Crack at Your Convenience
Man-in-the-Middle Attacks
MITM—OK, Now What?
Authentication
WEP Authentication
Encryption
Stream Ciphers vs. Block Ciphers
How WEP Works
History of Breaking WEP
Attacking WEP Encrypted Networks
How WPA Works
WPA-PSK
WPA-Enterprise
WPA2 Encryption Algorithms
Attacking WPA Protected Networks
So What Should I Use?
4 Attacking Wireless Networks
Wireless Reconnaissance
The iwlist Command
Kismet
Kismac
Wardrive
Netstumbler
Actively Attacking Wireless Networks
Cracking WEP Encryption
Cracking a WPA Passphrase
5 Attacking Wireless Clients
Wireless World
Wireless Client Vulnerabilities
Factors That Exacerbate Wireless Client Vulnerabilities
Wireless Reconnaissance
Kismet
Airodump
Sniffing Insecure Communications
Capturing Packets
Can We Force the Client to Talk to Us?
Creating a Linux Access Point
Forcing the Client to Talk to Us
Default Operations
Man-in-the-Middle Attacks
DNS Spoofing
Fake Webauth
SSL MITM
SSL Stripping
Fake AV Updates
Part III Real-World Wireless Security Defenses
6 Theory of Defense for Securing Wireless Networks
Setting the Stage
Context
Reality
The Attacker Has the Advantage
Phases of Wireless Deployment
New Deployments
Existing Wireless Networks
Wireless Refresh
Secure Design Principles for Wireless Networks
Defense In Depth
Least Privilege
Network Segmentation
Wireless Assessments
Secure the Infrastructure
Rogue AP Detection
Physical Security
Change the Default Configurations
Due Diligence
Confidentiality Integrity Availability (CIA)
Useless Defenses
Faraday Cage
MAC Filtering
SSID Cloaking
WEP
WEP Cloaking
Good Wireless Defenses
Firewalls
Routers
Switches
Intrusion Detection Systems and Intrusion Prevention Systems
Wireless Intrusion Detection and Intrusion Prevention Systems
Honeypots
Web Authentication Gateways
7 Understanding the WPA2-Enterprise with Certificates Architecture
Introduction to WPA2-Enterprise with Digital Certificates
Public Key Infrastructure and Digital Certificates
Public Key Cryptography: Asymmetric Encryption Algorithms
Digital Certificates
Microsoft Certificate Services
Remote Authentication Dial-In User Service
802.1x: Port-Based Access Control
RADIUS and 802.1x
WPA Enterprise Architecture
8 Deploying a WPA-Enterprise Network with Certificates
Install and Configure the Certification Authority
Install Active Directory Certificate Services
Configure the Certificate Template and Auto-Enrollment
Allow Pre-logon Authentication
Configure the RADIUS Server
Configure the Wireless Access Point
Authenticate to the Wireless Network
9 Deploying Secure Wireless Networks
WPA2-Enterprise Wireless Networks
Configure the Network Policy Server (RADIUS)
Configure the Wireless Access Point
Configure the Wireless Client
Troubleshooting PEAP Authentication
Troubleshooting RADIUS Authentication
Securing Your Wireless Network
Segmenting Wireless Networks
Restricting Users
Restricting Time
Restricting Network Subnets and TCP Ports
10 Handling Wireless Guest Access
Guest Networks and Internet Access
Authenticating Guest Users and Managing Guest Credentials
Using Captive Web Portals
Guest Users Only
Encrypting Traffic
Using Auto-Expiring Credentials
Allowing Secure Access to Internal Resources
Authenticating Consultants
Segmenting Guest Wireless Networks from Internal Networks
DMZ with Jump Stations
Virtual Private Networking
11 Handling Rogue Access Points and the Future of Wireless Security
Handling Rogue Access Points
Preventing Rogue Wireless Networks
Manually Detecting Rogue Wireless Networks
Tracing Malicious Rogue Access Points
Handling Rogue Access Points
Automated Detection of Rogue Wireless Networks
Other Wireless Technologies
Next-Gen Solutions
Lightweight Wireless Solutions
Cloud-based Wireless Solutions
Dedicated Wireless IDS
Client Protection
User Education
Technical Solutions for Endpoint Security
Group Policy Objects
A Introduction to Linux: The Wireless Engineer’s Operating System of Choice
The Linux Operating System
BackTrack: Our Linux Distribution of Choice
Downloading and Burning BackTrack
Booting BackTrack from a USB Drive
Booting to BackTrack
The Gnome Graphical Environment
Basic Linux Commands
Understanding the Linux Shell
Running Commands
Getting Help with Linux Commands
Navigating the Linux File System
Installing Software on BackTrack
Basic User Administration
Basic Networking Configuration
Understanding Linux File Permissions
Basic Scripting
Conclusion
Glossary
Index
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
5 Attacking Wireless Clients
Next
Next Chapter
6 Theory of Defense for Securing Wireless Networks
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset