How to Cheat at Securing a Wireless Network [Illustrated] [Paperback]

Chris Hurley (Author), Jan Kanclirz Jr. (Author)

Book Description

ISBN-10: 1597490873 | ISBN-13: 978-1597490870 | Publication Date: October 5, 2006 | Edition: 1

Wireless connectivity is now a reality in most businesses. Yet by its nature, wireless networks are the most difficult to secure and are often the favorite target of intruders. This book provides the busy network administrator with best-practice solutions to securing the wireless network

With the increased demand for mobile connectivity and the decrease in cost and in the time required for installation, wireless network connections will make up 20% of all corporate network connections by the end of 2006.

With this increase in usage comes a commensurate increase in the network's vulnerability to intrusion. This book provides the typical network administrator with the basic tools and instruction they need to maintain a secure network while allowing acceptable access to users.

· A practical product and technology specific guideline to securing a wireless networks for the busy System Administrator
· Takes a simplified multi-layered approach into easily deployed plans for a straight forward understanding
· Does not bog you down with history, but offers practical useful information for today

Editorial Reviews

About the Author

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Product Details

• Paperback: 500 pages
• Publisher: Syngress; 1 edition (October 5, 2006)
• Language: English
• ISBN-10: 1597490873
• ISBN-13: 978-1597490870
• Product Dimensions: 8.7 x 7 x 1.4 inches
• Shipping Weight: 13.6 ounces (View shipping rates and policies)
• Average Customer Review: 3.0 out of 5 stars  See all reviews (1 customer review)
• Amazon Best Sellers Rank: #2,517,506 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

12 of 12 people found the following review helpful:

3.0 out of 5 stars Duplicates of very old chapters drag down this book, August 25, 2006

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: How to Cheat at Securing a Wireless Network (Paperback)

How to Cheat at Securing a Wireless Network (HTCASAWN) seemed to have a lot of promise. A quick initial look showed discussions of wireless VLANs, WPA, and command syntax for Cisco gear. I thought this would be a good book to read and review, since I try to avoid reading and reviewing books I won't find useful. About halfway through HTCASAWN I made a sad discovery: 7 of 12 chapters are duplicates of chapters from books published in 2001 and 2002, and an eighth chapter largely duplicates a book from 2004. What would probably have been a 4 star review immediately became a tenuous 3 star review, thanks to apparently verbatum reprinting of old material.

Here's the good news about HTCASAWN. About one third of the book is well-written and informative. My favorite chapters, 4 and 5, cover 802.1X, wireless VLANs, and broadcast domain segmentation. Various issues are explained using Cisco command syntax, meaning I could try these techniques given the right gear. In Ch 4 the author even avoids duplicating previous material by explicitly referencing details from Ch 2. Internal redundancy is usually a problem when a book offers 9 authors and no editor or lead author. Ch 2 was decent as well, with practical advice on wireless security configuration (although parts come from the 2004 book "Wardriving").

The other non-duplicate chapters, 3 and 12, are decent. The best part of Ch 3 is the description of the wireless attack station positioned outside a client location. Ch 12 is a good overview of some attack vectors.

Outside of those chapters, the rest of HTCASAWN is reprinted from older Syngress books -- and I mean OLDER -- namely 2001's Designing a Wireless Network (DAWN) and 2002's Hack Proofing Your Wireless Network (HPYWN). Here's the breakdown: Ch 1 is DAWN Ch 1; Ch 6 is the first half of HPYWN Ch 3; Ch 7 is HPYWN Ch 3; Ch 8 is HPYWN Ch 7; Ch 9 is DAWN Ch 6; Ch 10 is DAWN Ch 7; and Ch 11 is DAWN CH 9.

What's the problem with reprinting older chapters? When a book is published in 2006 with a completely new title and no reference to older books, I expect it to be original. I understand covering older material, and even incorporating parts that may have appeared previously. I don't expect to read the same chapters again.

Worse, security is seldom static. I do not want to read about securing wireless with DES and 64 bit WEP (p 317) or being told I can buy commercial Snort sensors from Silicon Defense (p 277) -- a company that left that business in 2003 and no longer exists! I also don't want to read case studies that recommend running Windows 2000 and Windows 98 (p 365).

Books like these are resume-padding for the duplicate chapter authors and they do a disservice to readers. They also tarnish the good original work packaged between the old material.

The only way I could see this model working would be to follow these recommendations. First, publish the book with some sort of disclosure regarding its contents, perhaps in the foreword or introduction. Let the reader know this contains the best ideas about older topics. Second, thoroughly review the older material for currency and accuracy. Third, be sure the authors of the old material are involved and agree to the new book's contents.

I can't recommend HTCASAWN. Only the third of the material that is new saved it from a two star review. Incidentally, you can read my reviews of HPYWN and Wardriving here at Amazon.