Preface | p. xvii |
Introduction to Wireless LAN Security Standards | p. 1 |
Wireless Defined | p. 2 |
Factors of Security | p. 2 |
Theft | p. 3 |
Access Control | p. 4 |
Authentication | p. 4 |
Encryption | p. 5 |
Safeguards | p. 6 |
Intrusion Detection Systems | p. 7 |
IEEE | p. 9 |
WECA | p. 9 |
Wi-Fi | p. 9 |
The Many Flavors of 802.11 | p. 9 |
FHSS | p. 10 |
DSSS | p. 11 |
OFDM | p. 12 |
Bluetooth | p. 12 |
Differences between the Wireless Standards | p. 13 |
Conclusion: How Security Applies | p. 14 |
Technology | p. 17 |
Comparisons | p. 17 |
HomeRF | p. 18 |
802.11 versus SWAP | p. 18 |
SWAP Specification | p. 19 |
Integrating Wireless Phone and Data | p. 19 |
Bluetooth | p. 19 |
Wireless Hacking | p. 20 |
NetStumbler | p. 20 |
NetStumbler Software Uses | p. 22 |
Script Kiddies | p. 22 |
Facts | p. 24 |
Bluetooth Technology | p. 25 |
Bluetooth Background | p. 25 |
What Gives Bluetooth Its Bite? | p. 26 |
Bluetooth Spectrum Hopping | p. 27 |
Bluetooth Connections | p. 28 |
Enforcing Security | p. 30 |
Link Me Up! | p. 31 |
Conclusion: The Future of the WLAN | p. 32 |
Wireless LAN Security Factors | p. 33 |
Enabling Encryption Security | p. 35 |
WEP Encryption | p. 36 |
Encrypting 802.11b? | p. 36 |
Network Interface Cards | p. 36 |
Cross-Platform Hacking | p. 37 |
Eavesdropping | p. 39 |
Breaking In! | p. 40 |
Counterfeiting | p. 40 |
Wireless DoS Attack | p. 41 |
Points of Vulnerability | p. 42 |
Your Best Defense Against an Attack | p. 45 |
Conclusion: Keeping Your WLAN Secure | p. 47 |
Issues in Wireless Security | p. 49 |
The State of Wireless LAN Security | p. 50 |
Securing Your WLAN | p. 50 |
Authenticating Data | p. 51 |
Client Authentication in a Closed System | p. 53 |
Shared Key Authentication | p. 53 |
RC4 | p. 53 |
Ensuring Privacy | p. 54 |
Keeping Data Intact | p. 55 |
Managing Keys | p. 56 |
WLAN Vulnerabilities | p. 58 |
Subtle Attacks | p. 59 |
Common Security Pitfalls | p. 59 |
Poor Security, Better than No Security at All! | p. 59 |
Short Keys | p. 59 |
Initialization Vectors | p. 60 |
Shared Keys | p. 60 |
Checks and Balances for Packets | p. 60 |
Authentication | p. 61 |
Location! Location! Location! | p. 61 |
Attack Patterns | p. 62 |
Active Attack Patterns | p. 62 |
Passive Attacks | p. 63 |
Conclusion | p. 63 |
The 802.11 Standard Defined | p. 65 |
The 802.11 Standard | p. 66 |
Issues to Consider | p. 66 |
Expanding the Network Standard | p. 69 |
Ad Hoc Networks | p. 69 |
Extended Service Set | p. 69 |
Wireless Radio Standard | p. 70 |
The Standard Algorithm | p. 71 |
Address Spaces | p. 72 |
The 802.11 Standard in Security | p. 72 |
Encryption | p. 73 |
Timing and Power Management | p. 73 |
Speed | p. 75 |
Compatibility | p. 75 |
Standard "Flavors" of 802.11 | p. 76 |
802.11a | p. 76 |
802.11b | p. 77 |
802.11d | p. 77 |
802.11e | p. 78 |
802.11f | p. 78 |
802.11g | p. 78 |
802.11h | p. 79 |
802.11i | p. 79 |
Conclusion: Evolution of the 802.11 Standard | p. 80 |
802.11 Security Infrastructure | p. 83 |
Point-to-Point Wireless Application Security | p. 84 |
Point of Interception | p. 84 |
Wireless Vulnerability | p. 86 |
Building a Private Wireless Infrastructure | p. 88 |
Vulnerable Encryption | p. 89 |
Commercial Security Infrastructure | p. 89 |
Building a Private Infrastructure | p. 90 |
Items to Compromise | p. 91 |
Deploying Your Wireless Infrastructure | p. 92 |
Determining Requirements | p. 92 |
Choosing a Flavor of 802.11 | p. 93 |
Security Design | p. 96 |
Monitoring Activity | p. 97 |
Conclusion: Maintaining a Secure Infrastructure | p. 97 |
802.11 Encryption: Wired Equivalent | p. 99 |
Privacy | p. 99 |
Why WEP? | p. 100 |
Defending Your Systems | p. 100 |
WEP Mechanics | p. 103 |
Wireless Security Encryption | p. 103 |
Insecure Keys | p. 104 |
Taking a Performance Hit | p. 104 |
Wireless Authentication | p. 105 |
Known WEP Imperfections | p. 107 |
Access Control | p. 108 |
IRL Security | p. 109 |
Points of Vulnerability | p. 109 |
Conclusion: Finding Security in an Unsecured World | p. 111 |
Unauthorized Access and Privacy | p. 113 |
Privacy in Jeopardy | p. 114 |
Passive Attacks | p. 114 |
Broadcast Monitoring | p. 115 |
Active Attacks | p. 116 |
The "Evil" Access Point | p. 117 |
Data Privacy | p. 117 |
Compromising Privacy in Public Places | p. 118 |
Protecting Your Privacy | p. 118 |
Public or Private? | p. 120 |
Safer Computing | p. 120 |
The "Human" Factor | p. 122 |
Defining the Bullet Points in a Security Policy | p. 122 |
Training | p. 124 |
Physical Security | p. 124 |
Wireless Range | p. 126 |
Conclusion: Common Sense Access Controls | p. 127 |
Open System Authentication | p. 131 |
What is Open System Authentication? | p. 132 |
802.11 Networks on Windows XP | p. 133 |
User Administration | p. 134 |
Managing Keys in an Open System | p. 135 |
Authentication Concerns | p. 135 |
802.11b Security Algorithms | p. 136 |
Authentication Support | p. 137 |
Shared-key Authentication | p. 138 |
Secret Keys | p. 138 |
The WEP Algorithm | p. 138 |
Static Vulnerabilities | p. 139 |
NIC Security | p. 139 |
Wireless NIC Power Settings | p. 140 |
Open System to WEP Authentication | p. 141 |
Port-based Network Access Control | p. 141 |
Securely Identifying Wireless Traffic | p. 143 |
Extensible Authentication Protocol | p. 144 |
Conclusion: Open System versus Closed System Authentication | p. 146 |
Direct Sequence Spread Spectrum | p. 147 |
802.11 DSSS | p. 148 |
Standardization | p. 148 |
MAC Layers | p. 149 |
CSMA | p. 150 |
Roaming | p. 150 |
Power Requirements | p. 151 |
Increasing Data Transmission | p. 151 |
FHSS Security | p. 154 |
Hop Sequences | p. 155 |
FHSS versus DSSS | p. 155 |
Frequency Allocation | p. 156 |
Open System Security | p. 158 |
It's All About...Timing | p. 159 |
System Roaming | p. 160 |
Conclusion: Spectrum Safety! | p. 160 |
Wi-Fi Equipment Issues | p. 163 |
Issues in Wi-Fi Deployment | p. 164 |
Wireless Equipment Vendors | p. 164 |
WLAN Equipment Considerations | p. 165 |
Equipment Vendors | p. 167 |
Market Trends | p. 168 |
Technology Issues | p. 169 |
Access Point-centric Configuration | p. 170 |
Mobile Device Configuration | p. 170 |
Building Extensions to Access Points | p. 171 |
Directional Broadcasting | p. 172 |
Cost Concerns | p. 172 |
The Costs of Effective Security | p. 174 |
Wired versus Wireless Security | p. 176 |
Vendor Trials | p. 176 |
Conclusion: Next-generation Wireless Equipment | p. 178 |
Cross-Platform Wireless User Security | p. 181 |
WLAN Assignment Applications | p. 182 |
Cost Concerns | p. 182 |
Macintosh WLANs | p. 183 |
Lindows OS | p. 185 |
Orinoco Wireless | p. 185 |
Handheld Devices | p. 186 |
Cross-platform Wireless Security Concerns | p. 187 |
Initialization Vector Collisions | p. 188 |
Key Reuse | p. 188 |
Evil Packets | p. 189 |
Real-time Decryption | p. 189 |
802.11 Security Issues | p. 189 |
Windows XP Wireless Connectivity | p. 192 |
Windows XP WEP Authentication | p. 192 |
Windows XP Wireless Functionality | p. 194 |
WLAN NIC Vendors | p. 194 |
Conclusion: All Vendors Must Get Along! | p. 195 |
Security Breach Vulnerabilities | p. 197 |
Intercepting Wireless Network Traffic | p. 198 |
Wireless 802.11b | p. 199 |
Proximity Attack | p. 199 |
Security Your Network | p. 201 |
WAP Attack! | p. 201 |
Encryption | p. 201 |
Commonsense Measures | p. 203 |
PnP Networked Devices | p. 203 |
Windows Users | p. 204 |
Macintosh Computers | p. 205 |
Linux Boxes | p. 205 |
Hacking the Network Printer | p. 206 |
Printer Servers | p. 207 |
Defending Against Attacks | p. 208 |
Conclusion: Limiting Your Vulnerabilities | p. 211 |
Access Control Schemes | p. 215 |
Authentication | p. 216 |
Windows XP Access and Authentication Schemes | p. 217 |
Access Control Procedures | p. 217 |
Physical Security | p. 218 |
Controlling Access to Access Points | p. 219 |
Physical Access Point Security | p. 220 |
Secure Access Point Management Issues | p. 221 |
Preventive Measures | p. 225 |
MAC the Knife | p. 225 |
VPN | p. 225 |
IP Addressing Issues | p. 227 |
Conclusion: Ensuring "Secure" Access Control | p. 229 |
Wireless Laptop Users (PC and Mac) | p. 231 |
Laptop Physical Security | p. 232 |
Protection | p. 232 |
Hardware Solutions | p. 233 |
Public Key Infrastructure | p. 237 |
Portable Biometrics | p. 237 |
Reducing WEP Vulnerabilities | p. 239 |
Securing the WLAN | p. 241 |
Platform Bias | p. 241 |
Wireless Laptop Network Support | p. 242 |
Enhancing Mobile Security | p. 243 |
Remote Users | p. 243 |
Conclusion: Evolving Laptop Security | p. 244 |
Administrative Security | p. 247 |
Authentication Solutions | p. 248 |
Passwords | p. 249 |
Building the Firewall | p. 249 |
Intrusion Detection Systems | p. 250 |
Host-based IDS | p. 252 |
Network-based IDS | p. 253 |
Host IDS versus Network IDS | p. 253 |
Why Have an IDS? | p. 253 |
The Computer as the Decision Maker | p. 254 |
Real Live People | p. 255 |
Security Vulnerability Assessment | p. 256 |
Risk Assessment | p. 257 |
Conclusion: Best Defense Is a Good Offense! | p. 260 |
Security Issues for Wireless Applications (Wireless PDAs) | p. 263 |
Protecting Information | p. 264 |
PDA Data | p. 264 |
Seeking Security | p. 265 |
Security Functionality | p. 266 |
Access Control | p. 266 |
HotSync | p. 266 |
Infrared | p. 266 |
Building an Effective Mobile Security Policy | p. 268 |
Protecting Mobile Resources | p. 268 |
Wireless Connectivity | p. 268 |
HotSync Security | p. 270 |
Infrared Authentication | p. 270 |
Establishing a Security Policy | p. 271 |
Privacy Concerns | p. 272 |
Why PDAs Require Privacy | p. 272 |
Maintaining Access Control | p. 273 |
Data Encryption | p. 273 |
SecurID | p. 273 |
Intranet Access with Your PDA | p. 274 |
How Hackers Fit into the Equation | p. 275 |
Security Concerns | p. 275 |
PDAs as Diagnostic Tools | p. 275 |
PocketDOS | p. 276 |
Wireless Service Providers | p. 277 |
GoAmerica Communications | p. 277 |
SprintPCS | p. 277 |
AT&T Wireless IP Network | p. 278 |
Conclusion: Mobile Wireless Computing | p. 279 |
The Future of Wi-Fi Security? | p. 281 |
Privacy Regulations | p. 282 |
Patriot Act, 2001 (USPA) | p. 282 |
Graham-Leach-Billey (GLB) Act, 2001 | p. 282 |
Fair Credit Reporting Act, 1970, 1996 (FCRA) | p. 282 |
Children's Online Privacy Protection Act of 1998 (COPPA) | p. 283 |
Health Insurance Portability and Accountability Act (HIPPA) [August 21, 1996] | p. 283 |
Pervasive Computing | p. 283 |
Wireless Mobile Computing | p. 284 |
Evolving Security | p. 284 |
Basic Encryption | p. 285 |
WEP | p. 285 |
Protecting Access | p. 285 |
Denial of Service Attacks | p. 286 |
Evolving Standards | p. 286 |
Competing Standards | p. 287 |
Enhancing Your Wireless Security | p. 289 |
Biometrics | p. 290 |
Assessing WLAN Strengths and Weaknesses | p. 290 |
Combining Future WLAN Technology | p. 291 |
Smart Systems | p. 292 |
Scrambled Data | p. 292 |
OS Platform Evolution | p. 292 |
Windows XP Security | p. 293 |
Macintosh OS X | p. 294 |
Palm and PocketPC | p. 294 |
Linux | p. 294 |
Lindows OS | p. 295 |
Preventing Network Intrusion Attempts | p. 295 |
Network Servers | p. 296 |
File Servers | p. 296 |
Printer Servers | p. 297 |
Conclusion: The Future of Wireless Networking | p. 297 |
Index | p. 299 |
Table of Contents provided by Syndetics. All Rights Reserved. |