Hacking Exposed Wireless: Wireless Security Secrets & Solutions, 2nd edition

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Protect your wireless systems from crippling attacks using the detailed security information in this comprehensive volume. Thoroughly updated to cover todays established and emerging wireless technologies, Hacking Exposed Wireless, second edition reveals how attackers use readily available and custom tools to target, infiltrate, and hijack vulnerable systems. This book discusses the latest developments in Wi-Fi, Bluetooth, ZigBee, and DECT hacking, and explains how to perform penetration tests, reinforce WPA protection schemes, mitigate packet injection risk, and lock down Bluetooth and RF devices. Cutting-edge techniques for exploiting Wi-Fi clients, WPA2, cordless phones, Bluetooth pairing, and ZigBee encryption are also covered in this fully revised guide.- Build and configure your Wi-Fi attack arsenal with the best hardware and software tools - Explore common weaknesses in WPA2 networks through the eyes of an attacker - Leverage post-compromise remote client attacks on Windows 7 and Mac OS X - Master attack tools to exploit wireless systems, including Aircrack-ng, coWPAtty, Pyrit, IPPON, FreeRADIUS-WPE, and the all new KillerBee - Evaluate your threat to software update impersonation attacks on public networks - Assess your threat to eavesdropping attacks on Wi-Fi, Bluetooth, ZigBee, and DECT networks using commercial and custom tools - Develop advanced skills leveraging Software Defined Radio and other flexible frameworks - Apply comprehensive defenses to protect your wireless devices and infrastructure

Author(s): Johnny Cache, Joshua Wright, Vincent Liu
Edition: 2
Publisher: McGraw-Hill Osborne Media
Year: 2010

Language: English
Pages: 512
Tags: Связь и телекоммуникации;Мобильная связь;

Contents......Page 14
Foreword......Page 20
Acknowledgments......Page 22
Introduction......Page 24
Part I: Hacking 802.11 Wireless Technology......Page 30
A Parking Lot Approach......Page 31
The Robot Invasion......Page 32
Final Wrap-Up......Page 33
1 Introduction to 802.11 Hacking......Page 36
802.11 in a Nutshell......Page 37
Discovery Basics......Page 42
Hardware and Drivers......Page 50
Summary......Page 69
2 Scanning and Enumerating 802.11 Networks......Page 70
Choosing an Operating System......Page 71
Windows Discovery Tools......Page 72
Windows Sniffing/Injection Tools......Page 79
OS X Discovery Tools......Page 90
Linux Discovery Tools......Page 96
Mobile Discovery Tools......Page 102
Online Mapping Services (WIGLE and Skyhook)......Page 104
Summary......Page 106
3 Attacking 802.11 Wireless Networks......Page 108
Security Through Obscurity......Page 109
Defeating WEP......Page 117
Bringing It All Together: Cracking a Hidden Mac-Filtering, WEP-Encrypted Network......Page 133
Keystream Recovery Attacks Against WEP......Page 136
Attacking the Availability of Wireless Networks......Page 140
Summary......Page 142
4 Attacking WPA-Protected 802.11 Networks......Page 144
Breaking Authentication: WPA-PSK......Page 145
Breaking Authentication: WPA Enterprise......Page 158
Breaking Encryption: TKIP......Page 170
Attacking Components......Page 175
Summary......Page 180
Part II: Hacking 802.11 Clients......Page 182
Case Study: Riding the Insecure Airwaves......Page 183
5 Attack 802.11 Wireless Clients......Page 184
Attacking the Application Layer......Page 186
Attacking Clients Using an Evil DNS Server......Page 190
Ettercap Support for Content Modification......Page 194
Dynamically Generating Rogue APs and Evil Servers with Karmetasploit......Page 196
Direct Client Injection Techniques......Page 201
Device Driver Vulnerabilities......Page 211
Web Hacking and Wi-Fi......Page 216
Summary......Page 230
6 Taking It All The Way: Bridging the Airgap from OS X......Page 232
The Game Plan......Page 233
Making the Most of User-level Code Execution......Page 246
Summary......Page 267
7 Taking It All the Way: Bridging the Airgap from Windows......Page 268
The Attack Scenario......Page 269
Preparing for the Attack......Page 270
Local Wireless Reconnaissance......Page 277
Remote Wireless Reconnaissance......Page 284
Target Wireless Network Attack......Page 292
Summary......Page 296
Part III: Hacking Additional Wireless Technologies......Page 298
Case Study: Snow Day......Page 299
8 Bluetooth Scanning and Reconnaissance......Page 302
Bluetooth Technical Overview......Page 303
Preparing for an Attack......Page 308
Reconnaissance......Page 311
Service Enumeration......Page 338
Summary......Page 342
9 Bluetooth Eavesdropping......Page 344
Commercial Bluetooth Sniffing......Page 345
Open-Source Bluetooth Sniffing......Page 355
Summary......Page 372
10 Attacking and Exploiting Bluetooth......Page 374
PIN Attacks......Page 375
Identity Manipulation......Page 389
Abusing Bluetooth Profiles......Page 403
Future Outlook......Page 425
Summary......Page 427
11 Hack ZigBee......Page 428
ZigBee Introduction......Page 429
ZigBee Security......Page 436
ZigBee Attacks......Page 439
Attack Walkthrough......Page 459
Summary......Page 467
12 Hack DECT......Page 468
DECT Introduction......Page 469
DECT Security......Page 473
DECT Attacks......Page 476
Summary......Page 487
A: Scoping and Information Gathering......Page 488
Scoping......Page 489
Things to Bring to a Wireless Assessment......Page 491
Conducting Scoping Interviews......Page 493
Gathering Information via Satellite Imagery......Page 494
Putting It All Together......Page 498
A......Page 500
B......Page 501
C......Page 503
D......Page 504
G......Page 505
I......Page 506
L......Page 507
N......Page 508
P......Page 509
S......Page 510
V......Page 511
W......Page 512
Z......Page 513