ebook img

Hacking Wireless Networks For Dummies PDF

387 Pages·2005·14.18 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Hacking Wireless Networks For Dummies

mcom 1 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i Hacking Wireless Networks FOR DUMmIES ‰ by Kevin Beaver and Peter T.Davis Foreword by Devin K.Akin Chief Technology Officer, The Certified Wireless Network Professional (CWNP) Program mcom 2 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i mcom 3 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i Hacking Wireless Networks FOR DUMmIES ‰ by Kevin Beaver and Peter T.Davis Foreword by Devin K.Akin Chief Technology Officer, The Certified Wireless Network Professional (CWNP) Program mcom 4 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page ii Hacking Wireless Networks For Dummies® Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2005 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Trademarks:Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REP- RESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CON- TENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CRE- ATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CON- TAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FUR- THER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFOR- MATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ. For general information on our other products and services, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit www.wiley.com/techsupport. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. Library of Congress Control Number: 2005924619 ISBN-13: 978-0-7645-9730-5 ISBN-10: 0-7645-9730-2 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 1O/ST/QY/QV/IN mcom 5 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page iii About the Authors Kevin Beaver is founder and information security advisor with Principle Logic, LLC, an Atlanta-based information-security services firm. He has over 17 years of experience in the IT industry and specializes in information security assessments for those who take security seriously — and incident response for those who don’t. Before starting his own information-security services business, Kevin served in various information-technology and secu- rity roles for several healthcare, e-commerce, financial, and educational institutions. Kevin is author of Hacking For Dummiesas well as the e-book The Definitive Guide to Email Management and Security(Realtimepublishers.com). In addi- tion, Kevin co-authored The Practical Guide to HIPAA Privacy and Security Compliance(Auerbach Publications). He was also a contributing author and editor of Healthcare Information Systems, 2nd ed., (Auerbach Publications), and technical editor of Network Security For Dummies. Kevin is a regular columnist and information-security expert for SearchSecurity. com, SearchWindowsSecurity.com, SearchNetworking.com, SearchExchange. com, and SearchSmallBizIT.com. He also serves as a contributing editor for HCPro’s Briefings on HIPAA newsletter and is a Security Clinic Expert for ITsecurity.com. In addition, Kevin’s information-security work has been published in Information Security Magazine, SecurityFocus.com, and Computerworld.com. Kevin is an information-security instructor for the Southeast Cybercrime Institute, and frequently speaks on information security at various conferences for CSI, TechTarget, IIA, SecureWorld Expo, and the Cybercrime Summit. Kevin earned his bachelor’s degree in Computer Engineering Technology from Southern Polytechnic State University and his master’s degree in Management of Technology from Georgia Tech. He also holds MCSE, Master CNE, and IT Project+ certifications. Kevin can be reached at [email protected]. Peter T. Davis (CISA, CMA, CISSP, CWNA,CCNA, CMC, CISM) founded Peter Davis+Associates (a very original name) as a firm specializing in the security, audit, and control of information. A 30-year information-systems veteran, Mr. Davis’s career includes positions as programmer, systems analyst, security administrator, security planner, information-systems auditor, and consultant. Peter is also the founder (and past President) of the Toronto ISSA chapter, past Recording Secretary of the ISSA’s International Board, and past Computer Security Institute Advisory Committee member. Mr. Davis has written or co-written numerous articles and 10 books, including Wireless Networks For Dummiesand Securing and Controlling Cisco Routers. In addition, Peter was mcom 6 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page iv the technical editor for Hacking For Dummiesand Norton Internet Security For Dummies. Peter is listed in the International Who’s Who of Professionals. In addition, he was only the third editor in the three-decade history of EDPACS, a publication in the field of security, audit, and control. He finds time to be a part-time lecturer in data communications at Seneca College (http://cs.senecac.on.ca). He lives with his wife Janet, daughter Kelly, two cats, and a dog in Toronto, Ontario. Dedication Little G — this one’s for you. You’re such a great motivator and inspiration to me — more than words can say. Thanks for reminding me of what’s really important. Thanks for being you. —Kevin To all my friends and enemies. Hopefully, the first group is bigger than the second. —Peter Authors’ Acknowledgments Kevin: Thanks to Melody Layne, our acquisitions editor, for approaching me about this project and getting the ball rolling. I’d like to thank our project editor, Chris Morris, as well as Kevin Kirschner and all the behind-the-scenes copy editors for pulling this thing together. Many thanks to my co-author Peter T. Davis for working with me on this book. It has been an honor and a pleasure. I’d also like to thank Hugh Pepper, our technical editor, for the feedback and insight he gave us during the technical editing process. Also, many thanks to Devin Akin with Planet3 Wireless for writing the fore- word. Major kudos too for all the positive things you’ve done for the industry with the CWNP program. You’re a true wireless network pioneer. Many thanks to Ronnie Holland with WildPackets, Chia Chee Kuan with AirMagnet, Michael Berg with TamoSoft, Matt Foster with BLADE Software, Ashish Mistry with AirDefense, and Wayne Burkan with Interlink Networks for helping out with my requests. mcom 7 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page v Thanks, appreciation, and lots of love to Mom and Dad for all the values and common sense you instilled in me long ago. I wouldn’t be where I’m at today without it. Finally, to my dear wife Amy for all her support during this book. Yet another one I couldn’t have done without you! You’re the best. Peter: Melody Layne (our acquisitions editor) for pitching the book to the editorial committee and getting us a contract. As always, much appreciated. Chris Morris for helping us bring this project to fruition. Kudos, Chris. Hugh Pepper, tech editor, for his diligence in reviewing the material. Thanks, Hugh, for stepping in and stepping up. Peter would like to thank Kevin Beaver for suggesting we write this together. Thanks Kevin. Peter would also like to thank Ken Cutler, Gerry Grindler, Ronnie Holland, Carl Jackson, Ray Kaplan, Kevin Kobelsky, Carrie Liddie, Dexter Mills Jr. and Larry Simon for responding to a request for wireless infor- mation. Thanks for answering the call for help. And a really big shout-out to John Selmys and Danny Roy for their efforts. Thanks, guys. The provided information shows in this book. Peter would be remiss should he not thank the NHL and NHLPA for canceling the hockey season. Thanks for freeing up his time to write this book. But the book is done, so get it together so he has something to watch this fall! (Come on guys, the Raptors don’t quite fill the void.) A special thanks to Janet and Kelly for allowing Peter to work on the book as they painted the family room. Now he can kick back and enjoy the room! mcom 8 0599855123 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page vi Publisher’s Acknowledgments We’re proud of this book; please send us your comments through our online registration form located at www.dummies.com/register/. Some of the people who helped bring this book to market include the following: Acquisitions, Editorial, Composition Services and Media Development Project Coordinator: Adrienne Martinez Project Editor:Christopher Morris Layout and Graphics: Carl Byers, Andrea Dahl, Acquisitions Editor:Melody Layne Mary Gillot Virgin Copy Editors:Barry Childs-Helton, Proofreaders: Jessica Kramer, Joe Niesen, Andy Hollandbeck, Beth Taylor Carl William Pierce, Dwight Ramsey, TECHBOOKS Production Services Technical Editor:Hugh Pepper Indexer: TECHBOOKS Production Services Editorial Manager:Kevin Kirschner Editorial Assistant:Amanda Foxworth Cartoons:Rich Tennant (www.the5thwave.com) Publishing and Editorial for Technology Dummies Richard Swadley,Vice President and Executive Group Publisher Andy Cummings,Vice President and Publisher Mary Bednarek,Executive Acquisitions Director Mary C. Corder,Editorial Director Publishing for Consumer Dummies Diane Graves Steele,Vice President and Publisher Joyce Pepple,Acquisitions Director Composition Services Gerry Fahey,Vice President of Production Services Debbie Stailey,Director of Composition Services mcom 9 0599855123 02_597302_ftoc.qxd 8/4/05 7:28 PM Page vii Contents at a Glance Foreword ..................................................................xvii Introduction ................................................................1 Part I: Building the Foundation for Testing Wireless Networks .......................................7 Chapter 1: Introduction to Wireless Hacking .................................................................9 Chapter 2: The Wireless Hacking Process ....................................................................19 Chapter 3: Implementing a Testing Methodology .......................................................31 Chapter 4: Amassing Your War Chest ...........................................................................43 Part II: Getting Rolling with Common Wi-Fi Hacks .......65 Chapter 5: Human (In)Security ......................................................................................67 Chapter 6: Containing the Airwaves .............................................................................81 Chapter 7: Hacking Wireless Clients .............................................................................97 Chapter 8: Discovering Default Settings .....................................................................113 Chapter 9: Wardriving ...................................................................................................131 Part III: Advanced Wi-Fi Hacks ................................153 Chapter 10: Still at War .................................................................................................155 Chapter 11: Unauthorized Wireless Devices ..............................................................177 Chapter 12: Network Attacks .......................................................................................195 Chapter 13: Denial-of-Service Attacks .........................................................................225 Chapter 14: Cracking Encryption ................................................................................255 Chapter 15: Authenticating Users ...............................................................................281 Part IV: The Part of Tens ..........................................301 Chapter 16: Ten Essential Tools for Hacking Wireless Networks ............................303 Chapter 17: Ten Wireless Security-Testing Mistakes ................................................307 Chapter 18: Ten Tips for Following Up after Your Testing .......................................321 Part V: Appendixes ..................................................325 Appendix A: Wireless Hacking Resources ..................................................................327 Appendix B: Glossary of Acronyms ............................................................................341 Index.......................................................................347 mcom 10 0599855123

Description:
Become a cyber-hero - know the common wireless weaknesses "Reading a book like this one is a worthy endeavor toward becoming an experienced wireless security professional." --Devin Akin - CTO, The Certified Wireless Network Professional (CWNP) Program Wireless networks are so convenient - not only f
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.