Introduction
Few technologies have so rapidly reached the ubiquitous level that wireless technologies have. Just over ten years ago, wireless networks were still considered expensive for consumers and something of a luxury for general business use. Then, the market demanded access to data whenever and wherever, and wireless networks exploded everywhere, permeating every aspect of our lives. Now almost every new device (including many that don’t need it) is made with integrated wireless services.
This book is designed for IT professionals who need to quickly understand the risks and vulnerabilities associated with deploying and managing a wireless network and need a good foundation for designing and deploying secure wireless networks. This book does more than just detail specific attacks; it provides an understanding of the underlying attack vectors and techniques so that future attacks can be quickly understood.
This book is written as a no-nonsense guide to get you up to speed quickly without glossing over the important technical details. I tried to provide you with enough technical information without going into meaningless details. You, the reader, will be the best judge of how successful I have been.
You will learn the attack vectors inherent in all wireless technologies, which will remain true for technologies that haven’t even been released yet. We will cover specific weaknesses in WEP and WPA as well as weaknesses in the operation of wireless client devices. We will also cover the most common attack tools used to circumvent WEP and WPA wireless networks.
Next, you’ll learn about the real-world, actionable defenses you can put in place today to make your wireless network as secure as possible. We’ll cover the implementation of a secure WPA2-Enterprise network. You’ll also learn how to configure the “holy grail” of secure wireless networks: WPA2-Enterprise with certificate-based authentication. We’ll cover an entire deployment, including the configuration of a Microsoft RADIUS server, Microsoft Certificate Services, certificate auto-enrollment, and Group Policy wireless settings.
We’ll also cover some of the auxiliary technologies that can be used to support your secure wireless design as well as strategic options for technologies you’re probably already familiar with, such as firewalls, IDS/IPS, switches, and routers.
Wireless technologies are among the most interesting and fun technologies in wide use today. My hope is that besides learning valuable information to help further your career, you’ll have fun learning about the current attack vectors and appropriate defenses.
About the Series
I worked with the publisher to develop several special editorial elements for this series that I hope you find helpful while navigating the book—and furthering your career.
Lingo
The Lingo boxes are designed to help you become familiar with common security terminology so that you’re never held back by an unfamiliar word or expression.
IMHO
IMHO stands for In My Humble Opinion. When you come across an IMHO box, you’ll be reading my frank, personal opinion based on experiences in the security industry.
Budget Note
The Budget Note sections are designed to help put you at ease when discussing security budget requirements within your organization. They provide tips and ideas for initiating successful, informed conversations about budgets.
In Actual Practice
Theory might teach us smart tactics for business, but there are in-the-trenches exceptions to every rule. The In Actual Practice feature highlights how things actually get done in the real world (as well as exceptions to the rule) and why.
Your Plan
The Your Plan areas offer strategic ideas that can be helpful to review as you get into planning mode, as you refine a plan outline, and as you embark on a final course of action.
Into Action
The Into Action lists help you in taking action on the job. These lists contain steps, tips, and ideas to help you plan, prioritize, and work as effectively as possible.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.