Seven Deadliest Wireless Technologies Attacks

By

  • Brad Haines, Chief researcher of Renderlab.net

Seven Deadliest Wireless Technologies Attacks provides a comprehensive view of the different attacks against popular wireless protocols and systems. Each chapter includes an example real attack scenario; an analysis of the attack; and methods for mitigating the attack. Common themes will emerge throughout the book, but each wireless technology has its own unique quirks that make it useful to attackers in different ways, making understanding all of them important to overall security as rarely is just one wireless technology in use at a home or office. The book contains seven chapters that cover the following: infrastructure attacks, client attacks, Bluetooth attacks, RFID attacks; along with attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. One chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised. This book is intended for novices and anyone in a technical role either as the family tech support to corporate IT managers. It also assumes some familiarity with basic networking and computer use.
View full description

Audience

Information security professionals of all levels; wireless device developers; recreational hackers

 

Book information

  • Published: March 2010
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-541-7

Reviews

"Seven Deadliest Wireless Technologies Attacks covers an array of wireless technologies and discusses the vulnerabilities and attacks associated with them, allowing the reader to fully understand not only HOW an attack works but WHY it works, using real-world examples supported by theory. This book is perfect for both penetration testers assessing these technologies and security managers who are tasked with managing the risks associated with them."--Tom Neaves, Senior Security Consultant at Verizon Business and Ph.D. Researcher at Royal Holloway, University of London

"I really, really liked this book. The chapters and the book are relatively short, but they are extremely to the point. The author has refrained from using overly technical language, and this fact makes this book perfect for novices and people who are forced to assume technical roles at home or at work. What I espeically liked is the large amount of real-world examples-they drive the point home and make for an interesting read. The text is peppered with notes, warnings and tips, and very enlightening 'Epic Fail' text boxes, where you can learn from other people's and companies' mistakes."--Help Net Security, October 04, 2010




Table of Contents


Acknowledgments

About the Authors

Introduction

Chapter 1 802.11 Wireless - Infrastructure Attacks

    How Wireless Networks Work

    Case Study: TJX Corporation

    Understanding WEP Cracking

    How to Crack WEP

    It Gets Better and Worse

    WPA and WPA2 in a Nutshell

    How to Crack WPA PSK and WPA2 PSK

    Summary

    Endnotes

Chapter 2 Wireless - Client Attacks

    Public Hotspot Dangers

    How Hotspots Work

    Attacking Public Hotspots

    The Crux of the Problem

    Solutions

    Injection Attacks

         Replacing Java Script

    Summary

    Endnote

Chapter 3 Bluetooth Attacks

    Bluetooth Technology

    Hacking Bluetooth

         Bluetooth Discovery

    Connecting

         Carwhisperer

         Bluebug

    Wholesale Sniffing

    Bluetooth Viruses

    Summary

Chapter 4 Radio Frequency Identification Attacks

    RFID Basics

         RFID Systems

    RFID Risks

    Physical Access Control

         Proximity Cards

         Cloning RFID

         Minimizing the Risk

    RFID Meets Crypto

    Summary

    Endnotes

Chapter 5 Analog Wireless Devices

    Analog Devices

    Digital versus Analog

         Analog Security

         Digital Security

    Cordless and Wireless

    Exploiting Analog Wireless

         Audio Vulnerabilities

    Scanner Selection

         Headsets

    Wireless Microphones

    Video Devices

    Defense

    Summary

Chapter 6 Bad Encryption

    History

    Proper Encryption

    Passports

    Passport Summary

    Speedpass

    Advanced WPA and WPA2 Cracking

    Summary

    Endnote

Chapter 7 Cell Phones, Personal Digital Assistants, and Other Hybrid Devices

    Hybrid Devices

    History

    Anatomy of the Attack

         Jailbreaking

    The Attacks

    Future Attacks

         Offensive Uses of Hybrid Devices

         Anonymity

    iPhone Summary

         Android Security

         Common Threats

    Summary

Index