Hackproofing Your Wireless Network

The only way to stop a hacker is to think like one! Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment. Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.

Table of Contents:
Foreword Chapter 1 The Wireless Challenge Introduction Wireless Technology Overview Defining Cellular-based Wireless Defining the Wireless LAN The Convergence of Wireless Technologies Trends and Statistics Understanding the Promise of Wireless Wireless Networking Understanding the Benefits of Wireless Convenience Affordability Speed Aesthetics Productivity Facing the Reality of Wireless Today Standards Conflicts Commercial Conflicts Market Adoption Challenges The Limitations of “Radio” The Limitations of Wireless Security Examining the Wireless Standards Cellular-based Wireless Networks Wireless LAN Networks Understanding Public Key Infrastructures and Wireless Networking Summary Solutions Fast Track Frequently Asked Questions Chapter 2 A Security Primer Introduction Understanding Security Fundamentals and Principles of Protection Ensuring Confidentiality Ensuring Integrity Ensuring Availability Ensuring Privacy Ensuring Authentication Ensuring Authorization Ensuring Non-repudiation Accounting and Audit Trails Using Encryption Reviewing the Role of Policy Identifying Resources Understanding Classification Criteria Implementing Policy Recognizing Accepted Security and Privacy Standards Reviewing Security Standards Reviewing Privacy Standards and Regulations Addressing Common Risks and Threats Experiencing Loss of Data Experiencing Denial and Disruption of Service Eavesdropping Preempting the Consequences of an Organization’s Loss Summary Solutions Fast Track Frequently Asked Questions Chapter 3 Wireless Network Architecture and Design Introduction Fixed Wireless Technologies Multichannel Multipoint Distribution Service Local Multipoint Distribution Services Wireless Local Loop Point-to-Point Microwave Wireless Local Area Networks Why the Need for a Wireless LAN Standard? Developing WLANs through the 802.11 Architecture The Basic Service Set The Extended Service Set The CSMA-CA Mechanism Configuring Fragmentation Using Power Management Options Multicell Roaming Security in the WLAN Developing WPANs through the 802.15 Architecture Bluetooth HomeRF High Performance Radio LAN Mobile Wireless Technologies First Generation Technologies Second Generation Technologies 2.5G Technology Third Generation Technologies Wireless Application Protocol Global System for Mobile Communications General Packet Radio Service Short Message Service Optical Wireless Technologies Exploring the Design Process Conducting the Preliminary Investigation Performing Analysis of the Existing Environment Creating a Preliminary Design Finalizing the Detailed Design Executing the Implementation Capturing the Documentation Creating the Design Methodology Creating the Network Plan Developing the Network Architecture Reviewing and Validating the Planning Phase Creating a High-Level Topology Creating a Collocation Architecture Defining the High-Level Services Formalizing the Detailed Design Phase Understanding Wireless Network Attributes from a Design Perspective Application Support Physical Landscape Network Topology Summary Solutions Fast Track Frequently Asked Questions Chapter 4 Common Attacks and Vulnerabilities Introduction The Weaknesses in WEP Criticisms of the Overall Design Weaknesses in the Encryption Algorithm Weaknesses in Key Management Weaknesses in User Behavior Conducting Reconnaissance Finding a Target Finding Weaknesses in a Target Exploiting Those Weaknesses Sniffing, Interception, and Eavesdropping Defining Sniffing Sample Sniffing Tools Sniffing Case Scenario Protecting Against Sniffing and Eavesdropping Spoofing and Unauthorized Access Defining Spoofing Sample Spoofing Tools Spoofing Case Scenario Protecting Against Spoofing and Unauthorized Attacks Network Hijacking and Modification Defining Hijacking Sample Hijacking Tools Hijacking Case Scenario Protection against Network Hijacking and Modification Denial of Service and Flooding Attacks Defining DoS and Flooding Sample DoS Tools DoS and Flooding Case Scenario Protecting Against DoS and Flooding Attacks The Introduction of Malware Stealing User Devices Summary Solutions Fast Track Frequently Asked Questions Chapter 5 Wireless Security Countermeasures Introduction Revisiting Policy Addressing the Issues with Policy Analyzing the Threat Threat Equals Risk Plus Vulnerability Designing and Deploying a Secure Network Implementing WEP Defining WEP Creating Privacy with WEP The WEP Authentication Process WEP Benefits and Advantages WEP Disadvantages The Security Implications of Using WEP Implementing WEP on the Aironet Implementing WEP on the ORiNOCO AP-1000 Securing a WLAN with WEP: A Case Scenario Filtering MACs Defining MAC Filtering MAC Benefits and Advantages MAC Disadvantages Security Implications of MAC Filtering Implementing MAC Filters on the AP-1000 Implementing MAC Filters on the Aironet 340 Filtering MAC Addresses: A Case Scenario Filtering Protocols Defining Protocol Filters Protocol Filter Benefits and Advantages Protocol Filter Disadvantages Security Implications of Using Protocol Filters Using Closed Systems and Networks Defining a Closed System Closed System Benefits and Advantages Closed System Disadvantages Security Implications of Using a Closed System A Closed Environment on a Cisco Aironet Series AP A Closed Environment on an ORiNOCO AP-1000 Implementing a Closed System: A Case Scenario Enabling WEP on the ORiNOCO Client Allotting IPs Defining IP Allocation on the WLAN Deploying IP over the WLAN: Benefits and Advantages Deploying IP over the WLAN: Disadvantages Security Implications of Deploying IP over the WLAN Deploying IP over the WLAN: A Case Scenario Using VPNs VPN Benefits and Advantages VPN Disadvantages Security Implications of Using a VPN Layering Your Protection Using a VPN Utilizing a VPN:A Case Scenario Securing Users End User Security Benefits and Advantages End User Security Disadvantages User Security: A Case Scenario Summary Solutions Fast Track Frequently Asked Questions Chapter 6 Circumventing Security Measures Introduction Planning and Preparations Finding a Target Detecting an Open System Detecting a Closed System Exploiting WEP Security of 64-bit versus 128-bit Keys Acquiring a WEP Key War Driving What Threat Do These “Open Networks” Pose to Network Security? Stealing User Devices What Are the Benefits of Device Theft? MAC Filtering Determining MAC Filtering Is Enabled MAC Spoofing Bypassing Advanced Security Mechanisms Firewalls What Happens Now? Exploiting Insiders Installing Rogue Access Points Where Is the Best Location for a Rogue AP? Configuring the Rogue AP Risks Created by a Rogue AP Are Rogue APs Detectable? Exploiting VPNs Summary Solutions Fast Track Frequently Asked Questions Chapter 7 Monitoring and Intrusion Detection Introduction Designing for Detection Starting with a Closed Network Ruling Out Environmental Obstacles Ruling Out Interference Defensive Monitoring Considerations Availability and Connectivity Monitoring for Performance Intrusion Detection Strategies Integrated Security Monitoring Popular Monitoring Products Conducting Vulnerability Assessments Incident Response and Handling Policies and Procedures Reactive Measures Reporting Cleanup Prevention Conducting Site Surveys for Rogue Access Points The Rogue Placement Summary Solutions Fast Track Frequently Asked Questions Chapter 8 Auditing Introduction Designing and Planning a Successful Audit Types of Audits When to Perform an Audit Auditing Activities Auditing Tools Critical Auditing Success Factors Defining Standards Standards Guidelines Best Practices Policies Procedures Auditing, Security Standards, and Best Practices Corporate Security Policies Auditing Charters and Irregularities Establishing the Audit Scope Establishing the Documentation Process Performing the Audit Auditors and Technologists Obtaining Support from IS/IT Departments Gathering Data Analyzing Audit Data Matrix Analysis Recommendations Reports Generating Audit Reports The Importance of Audit Report Quality Writing the Audit Report Final Thoughts on Auditing Sample Audit Reports Summary Solutions Fast Track Frequently Asked Questions Chapter 9 Case Scenarios Introduction Implementing a Non-secure Wireless Network Implementing an Ultra-secure Wireless LAN Physical Location and Access Configuring the AP Designing Securely Securing by Policy Taking a War Drive Scouting Your Location Installing in Difficult Situations Developing a Wireless Security Checklist Minimum Security Moderate Security Optimal Security Summary Solutions Fast Track Frequently Asked Questions Appendix: Hack Proofing Your Wireless Network Fast Track Index