Description

In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker and understanding all the ways that attackers gather information on, or in industry terms profile, specific targets. Covering everything from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling.

Key Features

  • Author Matthew Neely is a respected and well-known expert and speaker on radio reconnaissance and penetration testing
  • Includes real-world case studies of actual penetration tests using radio profiling
  • Covers data leakage, frequency, attacks, and information gathering

Readership

Information Security Professionals, Penetration Testers, Risk Analysts, Security Operations, Wireless Network Engineers

Table of Contents

Dedication

Author Biography

Preface

Chapter 1. Why Radio Profiling?

Guard Radios, Wireless Headsets, Cordless Phones, Wireless Cameras, Building Control Systems

Case Study

Chapter 2. Basic Radio Theory and Introduction to Radio Systems

The Electromagnetic Spectrum

Regulatory Agencies

Applying the Science: Radio Technology Basics

Antennas

Modulation

Radio Systems

Summary

Further Learning

Chapter 3. Targets

Two-Way Radios Used for Verbal Communication

Devices that Use Radio Frequencies

Chapter 4. Offsite Profiling

What is Offsite Profiling?

Case Study: Offsite Profiling

Chapter 5. Onsite Radio Profiling

Initial Onsite Reconnaissance

The Guard Force

Using a Frequency Counter

Visual Recon

Search Common Frequency Ranges

Common Ranges

Scanner Tips

Finding Trunked Systems

Case Study: Onsite Profiling

Chapter 6. How to Use the Information You Gather

Who is Guarding the Guards?

Monitoring Phone Calls

Wireless Cameras

Chapter 7. Basic Overview of Equipment and How it Works

Common Scanner Controls and Features

Selecting a Scanner

Scanners Recommended for Wireless Reconnaissance

Building Your Kit: Helpful Accessories

Chapter 8. The House Doesn’t Always Win: A Wireless Reconnaissance Case Study

Introduction

Office Work

Out in the Field

Glitz and Glamour

Learning the Local Lingo

Time to Gamble

Inside

Chapter 9. New Technology

Everything is Going Digital

Software-Defined Radios (SDRs)

Network-Enabled Dispatch Systems

Conclusions and Looking Forward

Glossary

Index

Details

No. of pages: 226
Language: English
Copyright: © 2013
Published:
Imprint: Syngress
Print ISBN: 9781597497312
Electronic ISBN: 9781597497329

About the authors

Matthew Neely

Matthew Neely (CISSP, CTGA, GCIH, GCWN) is the Profiling Team Manager at SecureState, a Cleveland, Ohio-based security consulting company.

Reviews

"Despite the increasing number of wireless devices, these security and information technology professionals contend that physical penetration tests for defending computer systems and companies neglect wireless traffic outside of Bluetooth and 802.11 devices and thus, often miss testing other wireless devices such as guard radios, wireless headsets, and cordless phones."--Reference and Research Book News, August 2013