Real 802.11 Security: Wi-Fi Protected Access and 802.11i [Paperback]

Jon Edney (Author), William A. Arbaugh (Author)

Book Description

ISBN-10: 0321136209 | ISBN-13: 978-0321136206 | Publication Date: July 25, 2003 | Edition: 1

Real 802.11 Security describes an entirely new approach to wireless LAN security based on the latest developments in Wi-Fi technology. The author team addresses the theory, implementations, and reality of Wi-Fi security. It provides an overview of security issues, explains how security works in Wi-Fi networks, and explores various security and authentication protocols. The book concludes with an in-depth discussion of real-world security issues and attack tools.

Editorial Reviews

From the Back Cover

"Real 802.11 Security provides clear descriptions of current and emerging security techniques. The authors handle complex topics nicely, and offer significant clarification of IEEE draft standards."
--Russ Housley, IETF Security Area Director and founder of Vigil Security, LLC

"This is certainly the definitive text on the internals of 802.11 security!"
--John Viega, founder and chief scientist, Secure Software, Inc.

"This book keeps the exposition as straightforward as possible and enables you to cut through the maze of acronyms, hacking tools, rumored weaknesses, and vague vendor security claims to make educated security decisions when purchasing or deploying WLAN."
--Simon Blake-Wilson, Director of Information Security, BCI

Business professionals and advanced home users are captivated by the convenience of working on wireless networks. But how can privacy and security be maintained effectively? Real 802.11 Security describes an entirely new approach to wireless LAN security based on the latest developments in Wi-Fi technology. This is the book that will show you how to establish real security within your Wi-Fi LAN.

Recent developments in Wi-Fi security achieve what no amount of reconfiguration can do: They solve the problem at the source. Wi-Fi Protected Access (WPA) repairs weaknesses in existing Wi-Fi systems and is designed to allow software upgrades. The upcoming 802.11i standard will offer a much higher level of security than previously offered and will provide flexible, extremely secure solutions for future products.

Real 802.11 Security addresses the theory, implementations, and reality of Wi-Fi security. It provides an overview of security issues, explains how security works in Wi-Fi networks, and explores various security and authentication protocols. The book concludes with an in-depth discussion of real-world security issues and attack tools.

Written by two experts in wireless security, Jon Edney and William Arbaugh, this book shows you how to stay informed and aware when making security decisions, and what steps you can take to implement the most effective, proactive wireless security now and in the future.

0321136209B06242003

About the Author

Jon Edney specializes in wireless networking and is a key contributor to the development of IEEE 802.11 systems. As a member of the technology consultancy Symbionics Networks, he deployed the first low-cost 802.11 designs. In 1996, Edney cofounded InTalk, Inc., the first IEEE 802.11 company to develop WLAN access points. After InTalk was acquired by Nokia Corporation, he focused on the application of Wi-Fi to public access networks. He is an active member of the IEEE 802.11 TGi security group.

William A. Arbaugh is an assistant professor of computer science at the University of Maryland in College Park, where he conducts research in information systems security. Arbaugh served as a senior computer scientist for the National Security Agency's Office of Research and Technology, and then as senior technical advisor for the Office of Advanced Network Programs. He has many publications to his credit and has delivered papers at security-related conferences such as IEEE, SANS, USENIX, and Comdex.

0321136209AB06242003

See all Editorial Reviews

Product Details

• Paperback: 480 pages
• Publisher: Addison-Wesley Professional; 1 edition (July 25, 2003)
• Language: English
• ISBN-10: 0321136209
• ISBN-13: 978-0321136206
• Product Dimensions: 9.2 x 7.1 x 0.9 inches
• Shipping Weight: 1.5 pounds (View shipping rates and policies)
• Average Customer Review: 4.8 out of 5 stars  See all reviews (20 customer reviews)
• Amazon Best Sellers Rank: #1,014,327 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

16 of 16 people found the following review helpful:

4.0 out of 5 stars For the serious reader, October 23, 2003

By 

Stephen Northcutt (Kauai, HI USA) - See all my reviews
(REAL NAME)   

This review is from: Real 802.11 Security: Wi-Fi Protected Access and 802.11i (Paperback)

This is the fourth book on 802.11 I have read in 8 weeks and for an important reason. The company I work for is moving more and more to wireless to provide connectivity to our customers.

In terms of understanding architecture, and the cryptography behind the security protocols this was my favorite book. My favorite chapter was the how WEP works and why it doesn't. The writing was clear and the explanations were accurate. I also loved chapter 15, that equipped me to explain why wireless networks are dangerous beasts with detail.

It is a tougher read than some of the other books on the subject, the good news is that you understand the cryptography, the bad news is you have to work through the pages with the crytography.

This is a good book and it is well worth the price. Why did I give it 4 stars instead of 5? It could improve in a couple areas. I think it would have been a stronger, more focused work without chapters 2, 3, and 4. Any reader that is willing to wade through the inner workings of TLS, TKIP or WPA doesn't need a security overview. Also, I really wish more effort had been put into chapter 14, Public Wireless Hotspots. It is good, it covers the fundamentals, but I finished the chapter without increasing my understanding of a question every reader of the book will have. Do I dare check my (encrypted) email at a Starbucks or airport hot spot? That said, I think with second edition the authors will have every chance to take the lead in the crowded field of 802.11 books.

8 of 8 people found the following review helpful:

5.0 out of 5 stars The Best Details For Wireless Security, March 1, 2004

By 

David Curtis (CEO, AICS, Phoenix, Az) - See all my reviews

This review is from: Real 802.11 Security: Wi-Fi Protected Access and 802.11i (Paperback)

This is a very advanced book, not for the meek at heart. Exceptionally well written with five pages of references, three pages of acronyms and three appendices: AES encryption / block cipher, message modification and file integrity. The authors spare no details about wireless security, yet are still able to make thing easy to understand. Written from an engineering standpoint with emphasis on design and construction of wireless networks, Real 802.11 Security gets down to the nuts and bolts of how wireless works, the current standards now in use and the design implications of the newest standards in development.

Edney and Arbaugh show just how "loose" current wireless systems really are, their vulnerabilities and the most common attack methods used, including man in the middle, WEP cracking and MAC spoofing. They detail the layers of transmittion and how those layers interact in the most common wireless scenarios. They also define the terms and uses of current wireless security including the latest methods under development.

The authors start by making sense of the alphabet soup of wireless security including WEP, RSN, 802.1x, LEAP, PEAP and Radius. They dig down to the actual tools and processes used to hack wireless networks and give excellent summaries of the most commonly used methods. Their examples detail the uses of headers, their encryption and the algorithms used by each security protocol. They then show how each protocol is broken down, how server and client interact and the security holes present.

After a good overview of the current landscape, Edney and Arbaugh go on to show the reader how each protocol stacks up against one another, thus allowing the reader greater flexibility to decide just which type or types of security maybe right for their wireless environment(s). They also give very good examples of the problems inherent to communication and authentication in highly mobile, fast paced environments. The authors go into the details and difficulties of how to strengthen wireless networks thru the understanding and use of algorithms, hardware authentication and transport layer security.

Edney and Arbaugh finalize their book by showing how the protocols are applied and the details of implementing Wi-Fi security in day-to-day actual situations. They use screen shots of actual tools in use making it easier for the novice radio buff to understand the whole process. Any white hat will enjoy the final chapter as the authors proceed to show details on how to craft your own client and server side certificates, construct and harden a RADIUS server using open source software and plan your network.

A must read for all IT professionals running wireless in any sensitive environment. As a learning experience Real 802.11 Security should not be taken lightly by any professional currently designing and implementing wireless solutions.

5 of 5 people found the following review helpful:

5.0 out of 5 stars Excellent and up to date coverage of wireless security., December 11, 2003

By 

R. Davenport "couchbob" (Aumsville, OR USA) - See all my reviews
(REAL NAME)   

This review is from: Real 802.11 Security: Wi-Fi Protected Access and 802.11i (Paperback)

The book was a fairly easy read. It covered the basics of wireless security starting from the ground and working up. It was organized well so that if a section was already familiar you could simply jump forward. There is the occasional section where the theory starts to get a little deep, but they warn you and instruct you to skip over the section if it is of no interest.

This was my first book on wireless security and will provide a good basis to move forward to vendor specific security and eventual certification. A great place to start with enough depth to provide a learning opportunity for the more experienced.