- ホーム
- > 洋書
- > 英文書
- > Internet / General
Full Description
The only way to stop a hacker is to think like one!Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment.Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.
Contents
ForewordChapter 1 The Wireless ChallengeIntroductionWireless Technology OverviewDefining Cellular-based WirelessDefining the Wireless LANThe Convergence of Wireless TechnologiesTrends and StatisticsUnderstanding the Promise of WirelessWireless NetworkingUnderstanding the Benefits of WirelessConvenienceAffordabilitySpeedAestheticsProductivityFacing the Reality of Wireless TodayStandards ConflictsCommercial ConflictsMarket Adoption ChallengesThe Limitations of "Radio"The Limitations of Wireless SecurityExamining the Wireless StandardsCellular-based Wireless NetworksWireless LAN NetworksUnderstanding Public Key Infrastructures and Wireless NetworkingSummarySolutions Fast TrackFrequently Asked QuestionsChapter 2 A Security PrimerIntroductionUnderstanding Security Fundamentals and Principles of ProtectionEnsuring ConfidentialityEnsuring IntegrityEnsuring AvailabilityEnsuring PrivacyEnsuring AuthenticationEnsuring AuthorizationEnsuring Non-repudiationAccounting and Audit TrailsUsing EncryptionReviewing the Role of PolicyIdentifying ResourcesUnderstanding Classification CriteriaImplementing PolicyRecognizing Accepted Security and Privacy StandardsReviewing Security StandardsReviewing Privacy Standards and RegulationsAddressing Common Risks and ThreatsExperiencing Loss of DataExperiencing Denial and Disruption of ServiceEavesdroppingPreempting the Consequences of an Organization's LossSummarySolutions Fast TrackFrequently Asked QuestionsChapter 3 Wireless NetworkArchitecture and DesignIntroductionFixed Wireless TechnologiesMultichannel Multipoint Distribution ServiceLocal Multipoint Distribution ServicesWireless Local LoopPoint-to-Point MicrowaveWireless Local Area NetworksWhy the Need for a Wireless LAN Standard?Developing WLANs through the 802.11 ArchitectureThe Basic Service SetThe Extended Service SetThe CSMA-CA MechanismConfiguring FragmentationUsing Power Management OptionsMulticell RoamingSecurity in the WLANDeveloping WPANs through the 802.15 ArchitectureBluetoothHomeRFHigh Performance Radio LANMobile Wireless TechnologiesFirst Generation TechnologiesSecond Generation Technologies 2.5G TechnologyThird Generation TechnologiesWireless Application ProtocolGlobal System for Mobile Communications General Packet Radio Service Short Message Service Optical Wireless TechnologiesExploring the Design ProcessConducting the Preliminary InvestigationPerforming Analysis of the Existing EnvironmentCreating a Preliminary DesignFinalizing the Detailed DesignExecuting the ImplementationCapturing the DocumentationCreating the Design MethodologyCreating the Network PlanDeveloping the Network ArchitectureReviewing and Validating the Planning PhaseCreating a High-Level TopologyCreating a Collocation ArchitectureDefining the High-Level ServicesFormalizing the Detailed Design PhaseUnderstanding Wireless Network Attributes from a Design PerspectiveApplication SupportPhysical LandscapeNetwork TopologySummarySolutions Fast TrackFrequently Asked QuestionsChapter 4 Common Attacks and VulnerabilitiesIntroductionThe Weaknesses in WEPCriticisms of the Overall DesignWeaknesses in the Encryption AlgorithmWeaknesses in Key ManagementWeaknesses in User BehaviorConducting Reconnaissance Finding a TargetFinding Weaknesses in a TargetExploiting Those WeaknessesSniffing, Interception, and EavesdroppingDefining SniffingSample Sniffing ToolsSniffing Case ScenarioProtecting Against Sniffing and EavesdroppingSpoofing and Unauthorized AccessDefining SpoofingSample Spoofing ToolsSpoofing Case ScenarioProtecting Against Spoofing and Unauthorized AttacksNetwork Hijacking and ModificationDefining HijackingSample Hijacking ToolsHijacking Case ScenarioProtection against Network Hijacking and ModificationDenial of Service and Flooding AttacksDefining DoS and FloodingSample DoS ToolsDoS and Flooding Case ScenarioProtecting Against DoS and Flooding AttacksThe Introduction of MalwareStealing User DevicesSummarySolutions Fast TrackFrequently Asked QuestionsChapter 5 Wireless Security Countermeasures IntroductionRevisiting PolicyAddressing the Issues with PolicyAnalyzing the ThreatThreat Equals Risk Plus VulnerabilityDesigning and Deploying a Secure NetworkImplementing WEP Defining WEPCreating Privacy with WEP The WEP Authentication Process WEP Benefits and AdvantagesWEP DisadvantagesThe Security Implications of Using WEPImplementing WEP on the AironetImplementing WEP on the ORiNOCO AP-1000Securing a WLAN with WEP: A Case ScenarioFiltering MACsDefining MAC FilteringMAC Benefits and Advantages MAC DisadvantagesSecurity Implications of MAC FilteringImplementing MAC Filters on the AP-1000Implementing MAC Filters on the Aironet 340Filtering MAC Addresses: A Case ScenarioFiltering ProtocolsDefining Protocol Filters Protocol Filter Benefits and Advantages Protocol Filter Disadvantages Security Implications of Using Protocol FiltersUsing Closed Systems and NetworksDefining a Closed SystemClosed System Benefits and AdvantagesClosed System DisadvantagesSecurity Implications of Using a Closed SystemA Closed Environment on a Cisco Aironet Series APA Closed Environment on an ORiNOCO AP-1000Implementing a Closed System: A Case ScenarioEnabling WEP on the ORiNOCO ClientAllotting IPsDefining IP Allocation on the WLANDeploying IP over the WLAN: Benefits and AdvantagesDeploying IP over the WLAN: DisadvantagesSecurity Implications of Deploying IP over the WLANDeploying IP over the WLAN: A Case ScenarioUsing VPNsVPN Benefits and AdvantagesVPN DisadvantagesSecurity Implications of Using a VPNLayering Your Protection Using a VPNUtilizing a VPN:A Case ScenarioSecuring UsersEnd User Security Benefits and AdvantagesEnd User Security DisadvantagesUser Security: A Case ScenarioSummary Solutions Fast Track Frequently Asked QuestionsChapter 6 Circumventing Security MeasuresIntroductionPlanning and PreparationsFinding a TargetDetecting an Open System Detecting a Closed SystemExploiting WEPSecurity of 64-bit versus 128-bit KeysAcquiring a WEP KeyWar Driving What Threat Do These "Open Networks" Pose to Network Security?Stealing User DevicesWhat Are the Benefits of Device Theft?MAC Filtering Determining MAC Filtering Is EnabledMAC SpoofingBypassing Advanced Security MechanismsFirewallsWhat Happens Now?Exploiting InsidersInstalling Rogue Access PointsWhere Is the Best Location for a Rogue AP?Configuring the Rogue APRisks Created by a Rogue APAre Rogue APs Detectable?Exploiting VPNsSummarySolutions Fast TrackFrequently Asked Questions Chapter 7 Monitoring and Intrusion DetectionIntroduction Designing for Detection Starting with a Closed Network Ruling Out Environmental Obstacles Ruling Out InterferenceDefensive Monitoring ConsiderationsAvailability and ConnectivityMonitoring for PerformanceIntrusion Detection StrategiesIntegrated Security MonitoringPopular Monitoring ProductsConducting Vulnerability AssessmentsIncident Response and HandlingPolicies and ProceduresReactive MeasuresReporting Cleanup PreventionConducting Site Surveys for Rogue Access PointsThe Rogue PlacementSummarySolutions Fast TrackFrequently Asked QuestionsChapter 8 AuditingIntroduction Designing and Planning a Successful AuditTypes of AuditsWhen to Perform an AuditAuditing ActivitiesAuditing ToolsCritical Auditing Success Factors Defining StandardsStandardsGuidelinesBest PracticesPoliciesProceduresAuditing, Security Standards, and Best PracticesCorporate Security PoliciesAuditing Charters and IrregularitiesEstablishing the Audit ScopeEstablishing the Documentation ProcessPerforming the AuditAuditors and Technologists Obtaining Support from IS/IT DepartmentsGathering DataAnalyzing Audit DataMatrix AnalysisRecommendations ReportsGenerating Audit ReportsThe Importance of Audit Report QualityWriting the Audit ReportFinal Thoughts on AuditingSample Audit ReportsSummary Solutions Fast TrackFrequently Asked QuestionsChapter 9 Case ScenariosIntroductionImplementing a Non-secure Wireless NetworkImplementing an Ultra-secure Wireless LAN Physical Location and Access Configuring the APDesigning SecurelySecuring by PolicyTaking a War DriveScouting Your LocationInstalling in Difficult SituationsDeveloping a Wireless Security ChecklistMinimum Security Moderate SecurityOptimal SecuritySummarySolutions Fast TrackFrequently Asked QuestionsAppendix: Hack Proofing Your Wireless Network Fast TrackIndex
