Hackproofing Your Wireless Network [Paperback]

Syngress (Author), Eric Ouellet (Author), Neal O'Farrell (Author)

Book Description

ISBN-10: 1928994598 | ISBN-13: 978-1928994596 | Publication Date: February 28, 2002 | Edition: 1

The only way to stop a hacker is to think like one!
Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment.
Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.

Uses forensic-based analysis to give the reader an insight into the mind of a hacker
With the growth of wireless networks architects, engineers and administrators will need this book
Up to the minute Web based support at www.solutions@syngress.com

Editorial Reviews

Amazon.com Review

With the arrival of IEEE 802.11b (a.k.a. WiFi) and other wireless networking technologies on the market comes a wave of stories about snoops intercepting sensitive LAN traffic from out in the company parking lot or across the concourse at the airport. Hack Proofing Your Wireless Network takes a look at strategies for defending wireless LANs--those based on Bluetooth and IEEE 802.11a as well as WiFi--against signal interception and other attacks peculiar to their wireless nature. Unfortunately, there's also a lot of background information on WiFi (as well as on security principles in general), and this is related to wireless network security only tangentially. Though this material represents unneeded padding, the bulk of the book is made up of useful information about security strategies and defensive configuration. There's also a fair bit of information about the security characteristics of some top-selling wireless networking products.

In a section on choosing WiFi access points, the authors give a very explicit list of requirements (the ability to disable service-set identifier broadcasts, 128-bit Wired Equivalent Protocol--WEP--and so on), and list at least three real products (by make and model) that fit the specifications. They then proceed to show how to choose the most secure configuration options on each of the featured products, including the Cisco Systems Aironet and the Agere ORiNOCO. Configuration instructions are easy to follow and illustrated in detail. Information on the offensive side of the equation is shallower--the authors point out that it's possible to drive around, looking for unsecured wireless access points and that WEP has security flaws. Still, this book is one of the first on security for wireless networks, and it provides a lot of good information to the administrators of such networks. --David Wall

Topics covered: The special security characteristics of wireless networks (primarily including, but not limited to, those operating under the IEEE 802.11 standards) and some recommended procedures for the administrators of such networks. Wired Equivalent Protocol (WEP), MAC filtering, and virtual private networks (VPNs) tailored for use in wireless environments get particularly admirable coverage.

About the Author

Neal O’Farrell (Technical Editor) is founder and CEO of security training firm Hackademia Inc., where he oversees the development of more than 30 Web-based security training courses. Neal is a panel expert and regular columnist on SearchSecurity.com and was recently elected Chair of the first Cybercrime on Wall Street Conference. He has written more than one hundred articles and three books, appearing in publications as diverse as Business Week, Information Week, NetWorker, and Wireless Design News. With a career in information security that spans nearly two decades, Neal was recently described by the Institute for International Research as one of the world’s top 20 security experts. Neal got his first taste of wireless security in the mid-1980s when he was asked by the Irish government to develop a security system for the nation’s fledgling cellular network.

Eric Ouellet (CISSP) is a Senior Partner with Secure Systems Design Group, a network design and security consultancy based in Ottawa, Ontario, Canada. He specializes in the implementation of networks and security infrastructures from both a design and a hands-on perspective. Eric has been responsible for designing some of the leading Public Key Infrastructure deployments currently in use and for devising operational policy and procedures to meet the Electronic Signature Act (E-Sign) and the Health Insurance Portability and Accountability Act (HIPAA). He regularly speaks at leading security conferences and teaches networking and CISSP classes. He is currently working on two upcoming titles with Syngress Publishing, Building a Cisco Wireless LAN (ISBN: 1-928994-58-X) and Sniffer Network Optimization and Troubleshooting Handbook (ISBN: 1-931836-57-4).

Tony Bautts is a Senior Security Consultant with Astech Consulting. He currently provides security advice and architecture for clients in the San Francisco Bay area. His specialties include intrusion detection systems, firewall design and integration, post-intrusion forensics, bastion hosting, and secure infrastructure design. Tony’s security experience has led him to work with Fortune 500 companies in the United States as well as two years of security consulting in Japan.

Product Details

• Paperback: 512 pages
• Publisher: Syngress; 1 edition (February 28, 2002)
• Language: English
• ISBN-10: 1928994598
• ISBN-13: 978-1928994596
• Product Dimensions: 9.1 x 7.4 x 1.3 inches
• Shipping Weight: 2.3 pounds (View shipping rates and policies)
• Average Customer Review: 4.8 out of 5 stars  See all reviews (5 customer reviews)
• Amazon Best Sellers Rank: #1,806,979 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

13 of 14 people found the following review helpful:

4.0 out of 5 stars Good info throughout, but this 1st Ed should be 256 pages, April 2, 2002

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Hackproofing Your Wireless Network (Paperback)

"Hack Proofing Your Wireless Network" (HPYWN) weighs in at 512 pages, but it could easily be half that size. While the book contains good information, its internal redundancy and inclusion of security advice not specific to wireless adds unnecessary pages. I recommend security professionals skim HPYWN for the material they need, and skip the generic network protection advice.

Unlike the attack-minded "Hack Proofing Your Network, 2nd Ed", HPYWN is indeed a defensive-oriented book. It offers strong overviews of widely deployed wireless technologies. These include modern cellular networks and wireless area networks created by 802.11, Bluetooth, and HomeRF. HPYWN offers sound advice on making the best use of available wireless defensive mechanisms, despite acknowledging that Wired Equivalent Privacy (WEP) is "broken." An overview of popular wireless assessment tools like Netstumbler is helpful although not especially thorough...

Of the book's nine chapters, chapters 2 (A Security Primer, 50 pages) and 8 (Auditing, 43 pages) don't add anything original to the current body of published security books. Furthermore, many wireless security topics are discussed repeatedly. For example, I didn't need to read in chapters 1, 4, 5, and 6 that WEP's insecurities stem from weak Initialization Vectors. Other recommendations on changing default configurations, enabling logging, and so on also appear in multiple sections. The editor should have consolidated this information to avoid wasting the reader's time.

Overall, Syngress should be credited for getting into the wireless game with this book. I would have preferred to see protocol decodes, thorough documentation and usage examples for wireless assessment tools, and in-depth VPN deployment guidance. Should the second edition of HPYWN contain this information, it will justify its current page count.

2 of 3 people found the following review helpful:

5.0 out of 5 stars Essential book for wireless security, March 19, 2002

By 

Leonard Russell (Newark) - See all my reviews

This review is from: Hackproofing Your Wireless Network (Paperback)

Our company is in the midst of several large scale wireless deployments, and security is one of our primary concerns. This book does a great job of detailing all of the vulnerabilities and attacks, and presents real solutions for preventing attacks and data or services being compromised. There are some good wireles books out there now, but this is the one to get if you want something really focused on security.

5.0 out of 5 stars Beam Your Data Through The Air Securely, February 10, 2005

By 

Tony Bradley "s3kur3" (Houston, TX) - See all my reviews
(VINE VOICE)   

This review is from: Hackproofing Your Wireless Network (Paperback)

Hack Proofing Your Wireless Network is an invaluable resource for implementing or administering a wireless network. War Driving (searching for random insecure wireless networks) is happening all over. To keep your personal and confidential information private and to keep prying eyes from surfing your wireless network or hujacking your bandwidth you need to make sure you do everything you can to secure your wireless network. The case studies, Security Alerts, FAQ's and other features of this book all help to provide a comprehensive, must-read book on wireless network security. If you are new to the concept this book is written in a way that you will understand. Even if you know this stuff, this book should be kept close as a reference.

(...)