Hackproofing Your Wireless Network book cover

Hackproofing Your Wireless Network

The only way to stop a hacker is to think like one!Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment. Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.

Paperback, 608 Pages

Published: March 2002

Imprint: Syngress

ISBN: 978-1-928994-59-6

Contents


  • Foreword

    Chapter 1 The Wireless Challenge

    Introduction

    Wireless Technology Overview

    Defining Cellular-based Wireless

    Defining the Wireless LAN

    The Convergence of Wireless Technologies

    Trends and Statistics

    Understanding the Promise of Wireless

    Wireless Networking

    Understanding the Benefits of Wireless

    Convenience

    Affordability

    Speed

    Aesthetics

    Productivity

    Facing the Reality of Wireless Today

    Standards Conflicts

    Commercial Conflicts

    Market Adoption Challenges

    The Limitations of “Radio”

    The Limitations of Wireless Security

    Examining the Wireless Standards

    Cellular-based Wireless Networks

    Wireless LAN Networks

    Understanding Public Key Infrastructures and Wireless Networking

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 2 A Security Primer

    Introduction

    Understanding Security Fundamentals and Principles of Protection

    Ensuring Confidentiality

    Ensuring Integrity

    Ensuring Availability

    Ensuring Privacy

    Ensuring Authentication

    Ensuring Authorization

    Ensuring Non-repudiation

    Accounting and Audit Trails

    Using Encryption

    Reviewing the Role of Policy

    Identifying Resources

    Understanding Classification Criteria

    Implementing Policy

    Recognizing Accepted Security and Privacy Standards

    Reviewing Security Standards

    Reviewing Privacy Standards and Regulations

    Addressing Common Risks and Threats

    Experiencing Loss of Data

    Experiencing Denial and Disruption of Service

    Eavesdropping

    Preempting the Consequences of an Organization’s Loss

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 3 Wireless Network

    Architecture and Design

    Introduction

    Fixed Wireless Technologies

    Multichannel Multipoint Distribution Service

    Local Multipoint Distribution Services

    Wireless Local Loop

    Point-to-Point Microwave

    Wireless Local Area Networks

    Why the Need for a Wireless LAN Standard?

    Developing WLANs through the 802.11 Architecture

    The Basic Service Set

    The Extended Service Set

    The CSMA-CA Mechanism

    Configuring Fragmentation

    Using Power Management Options

    Multicell Roaming

    Security in the WLAN

    Developing WPANs through the 802.15 Architecture

    Bluetooth

    HomeRF

    High Performance Radio LAN

    Mobile Wireless Technologies

    First Generation Technologies

    Second Generation Technologies

    2.5G Technology

    Third Generation Technologies

    Wireless Application Protocol

    Global System for Mobile Communications

    General Packet Radio Service

    Short Message Service

    Optical Wireless Technologies

    Exploring the Design Process

    Conducting the Preliminary Investigation

    Performing Analysis of the Existing Environment

    Creating a Preliminary Design

    Finalizing the Detailed Design

    Executing the Implementation

    Capturing the Documentation

    Creating the Design Methodology

    Creating the Network Plan

    Developing the Network Architecture

    Reviewing and Validating the Planning Phase

    Creating a High-Level Topology

    Creating a Collocation Architecture

    Defining the High-Level Services

    Formalizing the Detailed Design Phase

    Understanding Wireless Network Attributes from a Design Perspective

    Application Support

    Physical Landscape

    Network Topology

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 4 Common Attacks and Vulnerabilities

    Introduction

    The Weaknesses in WEP

    Criticisms of the Overall Design

    Weaknesses in the Encryption Algorithm

    Weaknesses in Key Management

    Weaknesses in User Behavior

    Conducting Reconnaissance

    Finding a Target

    Finding Weaknesses in a Target

    Exploiting Those Weaknesses

    Sniffing, Interception, and Eavesdropping

    Defining Sniffing

    Sample Sniffing Tools

    Sniffing Case Scenario

    Protecting Against Sniffing and Eavesdropping

    Spoofing and Unauthorized Access

    Defining Spoofing

    Sample Spoofing Tools

    Spoofing Case Scenario

    Protecting Against Spoofing and Unauthorized Attacks

    Network Hijacking and Modification

    Defining Hijacking

    Sample Hijacking Tools

    Hijacking Case Scenario

    Protection against Network Hijacking and Modification

    Denial of Service and Flooding Attacks

    Defining DoS and Flooding

    Sample DoS Tools

    DoS and Flooding Case Scenario

    Protecting Against DoS and Flooding Attacks

    The Introduction of Malware

    Stealing User Devices

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 5 Wireless Security Countermeasures

    Introduction

    Revisiting Policy

    Addressing the Issues with Policy

    Analyzing the Threat

    Threat Equals Risk Plus Vulnerability

    Designing and Deploying a Secure Network

    Implementing WEP

    Defining WEP

    Creating Privacy with WEP

    The WEP Authentication Process

    WEP Benefits and Advantages

    WEP Disadvantages

    The Security Implications of Using WEP

    Implementing WEP on the Aironet

    Implementing WEP on the ORiNOCO AP-1000

    Securing a WLAN with WEP: A Case Scenario

    Filtering MACs

    Defining MAC Filtering

    MAC Benefits and Advantages

    MAC Disadvantages

    Security Implications of MAC Filtering

    Implementing MAC Filters on the AP-1000

    Implementing MAC Filters on the Aironet 340

    Filtering MAC Addresses: A Case Scenario

    Filtering Protocols

    Defining Protocol Filters

    Protocol Filter Benefits and Advantages

    Protocol Filter Disadvantages

    Security Implications of Using Protocol Filters

    Using Closed Systems and Networks

    Defining a Closed System

    Closed System Benefits and Advantages

    Closed System Disadvantages

    Security Implications of Using a Closed System

    A Closed Environment on a Cisco Aironet Series AP

    A Closed Environment on an ORiNOCO AP-1000

    Implementing a Closed System: A Case Scenario

    Enabling WEP on the ORiNOCO Client

    Allotting IPs

    Defining IP Allocation on the WLAN

    Deploying IP over the WLAN: Benefits and Advantages

    Deploying IP over the WLAN: Disadvantages

    Security Implications of Deploying IP over the WLAN

    Deploying IP over the WLAN: A Case Scenario

    Using VPNs

    VPN Benefits and Advantages

    VPN Disadvantages

    Security Implications of Using a VPN

    Layering Your Protection Using a VPN

    Utilizing a VPN:A Case Scenario

    Securing Users

    End User Security Benefits and Advantages

    End User Security Disadvantages

    User Security: A Case Scenario

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 6 Circumventing Security Measures

    Introduction

    Planning and Preparations

    Finding a Target

    Detecting an Open System

    Detecting a Closed System

    Exploiting WEP

    Security of 64-bit versus 128-bit Keys

    Acquiring a WEP Key

    War Driving

    What Threat Do These “Open Networks” Pose to Network Security?

    Stealing User Devices

    What Are the Benefits of Device Theft?

    MAC Filtering

    Determining MAC Filtering Is Enabled

    MAC Spoofing

    Bypassing Advanced Security Mechanisms

    Firewalls

    What Happens Now?

    Exploiting Insiders

    Installing Rogue Access Points

    Where Is the Best Location for a Rogue AP?

    Configuring the Rogue AP

    Risks Created by a Rogue AP

    Are Rogue APs Detectable?

    Exploiting VPNs

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 7 Monitoring and Intrusion Detection

    Introduction

    Designing for Detection

    Starting with a Closed Network

    Ruling Out Environmental Obstacles

    Ruling Out Interference

    Defensive Monitoring Considerations

    Availability and Connectivity

    Monitoring for Performance

    Intrusion Detection Strategies

    Integrated Security Monitoring

    Popular Monitoring Products

    Conducting Vulnerability Assessments

    Incident Response and Handling

    Policies and Procedures

    Reactive Measures

    Reporting

    Cleanup

    Prevention

    Conducting Site Surveys for Rogue Access Points

    The Rogue Placement

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 8 Auditing

    Introduction

    Designing and Planning a Successful Audit

    Types of Audits

    When to Perform an Audit

    Auditing Activities

    Auditing Tools

    Critical Auditing Success Factors

    Defining Standards

    Standards

    Guidelines

    Best Practices

    Policies

    Procedures

    Auditing, Security Standards, and Best Practices

    Corporate Security Policies

    Auditing Charters and Irregularities

    Establishing the Audit Scope

    Establishing the Documentation Process

    Performing the Audit

    Auditors and Technologists

    Obtaining Support from IS/IT Departments

    Gathering Data

    Analyzing Audit Data

    Matrix Analysis

    Recommendations Reports

    Generating Audit Reports

    The Importance of Audit Report Quality

    Writing the Audit Report

    Final Thoughts on Auditing

    Sample Audit Reports

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9 Case Scenarios

    Introduction

    Implementing a Non-secure Wireless Network

    Implementing an Ultra-secure Wireless LAN

    Physical Location and Access

    Configuring the AP

    Designing Securely

    Securing by Policy

    Taking a War Drive

    Scouting Your Location

    Installing in Difficult Situations

    Developing a Wireless Security Checklist

    Minimum Security

    Moderate Security

    Optimal Security

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Appendix: Hack Proofing Your Wireless Network Fast Track

    Index


Advertisement

advert image