WarDriving and Wireless Penetration Testing [Illustrated] [Paperback]

Chris Hurley (Author), Russ Rogers (Author), Frank Thornton (Author), Brian Baker (Author)

Book Description

ISBN-10: 159749111X | ISBN-13: 978-1597491112 | Publication Date: January 15, 2007 | Edition: 1

Wireless networking has become standard in many business and government networks. This book is the first book that focuses on the methods used by professionals to perform WarDriving and wireless pentration testing.

Unlike other wireless networking and security books that have been published in recent years, this book is geared primarily to those individuals that are tasked with performing penetration testing on wireless networks. This book continues in the successful vein of books for penetration testers such as Google Hacking for Penetration Testers and Penetration Tester's Open Source Toolkit. Additionally, the methods discussed will prove invaluable for network administrators tasked with securing wireless networks. By understanding the methods used by penetration testers and attackers in general, these administrators can better define the strategies needed to secure their networks.

* According to a study by the Strategis Group more than one third of the words population will own a wireless device by the end of 2008.

* The authors have performed hundreds of wireless penetration tests, modeling their attack methods after those used by real world attackers.

* Unlike other wireless books, this is geared specifically for those individuals that perform security assessments and penetration tests on wireless networks.

Editorial Reviews

About the Author

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Russ Rogers (CISSP, CISM, IAM, IEM, Hon. Sc.D.), author of the popular "Hacking a Terror Network: The Silent Threat of Covert Channels" (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling "Stealing the Network: How to Own a Continent" (Syngress, ISBN: 978-1-931836-05-0) and "Network Security Evaluation Using the NSA IEM" (Syngress, ISBN: 978-1-59749-035-1), and former editor-in-chief of The Security Journal, is currently a penetration tester for a federal agency and the co-founder and chief executive officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, CO. Russ has been involved in information technology since 1980 and has spent the past 20 years working as both an IT and InfoSec consultant. Russ has worked with the U.S. Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally renowned security expert, speaker, and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, São Paulo, Abu Dhabi, and cities all over the United States. Russ has an honorary doctorate of science in information technology from the University of Advancing Technology, a master's degree in computer systems management from the University of Maryland, a bachelor of science degree in computer information systems from the University of Maryland, and an associate's degree in applied communications technology from the Community College of the Air Force. He is a member of ISSA and (ISC)2® (CISSP). Russ also teaches at and fills the role of professor of network security for the University of Advancing Technology (www.uat.edu).

Frank Thornton runs his own technology consulting firm, Blackthorn Systems, which specializes in information security and wireless networks. His specialties include wireless network architecture, design, and implementation, as well as network troubleshooting and optimization. An interest in amateur radio helped him bridge the gap between computers and wireless networks. Having learned at a young age which end of the soldering iron was hot, he has even been known to repair hardware on occasion. In addition to his computer and wireless interests, Frank was a law enforcement officer for many years. As a detective and forensics expert he has investigated approximately one hundred homicides and thousands of other crime scenes. Combining both professional interests, he was a member of the workgroup that established ANSI Standard "ANSI/NIST-CSL 1-1993 Data Format for the Interchange of Fingerprint Information."

Product Details

• Paperback: 504 pages
• Publisher: Syngress; 1 edition (January 15, 2007)
• Language: English
• ISBN-10: 159749111X
• ISBN-13: 978-1597491112
• Product Dimensions: 9.1 x 7 x 1.2 inches
• Shipping Weight: 1.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.5 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #897,010 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

6 of 6 people found the following review helpful:

4.0 out of 5 stars Comprehensive and clear, a good book, January 2, 2007

By 

jose_monkey_org "jose_monkey_org" (ann arbor, mi, USA) - See all my reviews

This review is from: WarDriving and Wireless Penetration Testing (Paperback)

Disclaimer: I know the guy who wrote the forward, although I don't think in any way this has influenced my review of this book.

I'm not a wireless hacker, although I've dabbled some in examining networks and some of the software in the book. That said, I think I learned quite a bit by reading this book. I didn't know what to expect with "Wardriving & Wireless Penetration Testing", but what I found was a focused, well prepared book with clear examples. Now, this book is very heavy on network discovery and mapping and not as complete on wireless attacks, although this topic does get coverage in a full chapter and parts of others.

What I like about the book is that it's comprehensive without being exhaustive. It covers WiFi hacking from Windows and Linux, which you would expect, and also from OS X (not so common) and also from, very pleasantly, handheld devices. The software covered is mainly using Kismet/Kismac and the NetStumbler family of software, which is not unexpected. These are premier tools and offer everything you would want. Several minor tools are also discussed.

Various attacks covered include breaking the security mechanisms of WEP, WPA and LEAP, not surprisingly, and how to commit MITM attacks. In all of these, the instructions are clear and straightforward with clear illustrations.

Lest you think this book is all about software, there's good coverage of hardware, both wireless cards and adapters as well as antennas. Also, some GPS software and its integration with wireless mapping efforts is also covered in detail. Another surprise is the coverage of the OpenWRT software kit for the WRT54G device, which can easily be loaded into a functional, dedicated wireless pentest and attack tool. The authors provide valuable tips and insights along the way. A short "bonus" chapter on wireless video device hacking is also included. Appendix B covers driver static analysis and testing, which is becoming a hot topic right now in vulnerability research.

Screenshots, examples, and images were generally well done. A handful of Linux-specific screenshots (ie for the kernel configuration) were poorly reproduced, unfortunately.

While I'm not an expert at wireless (either the security protocols, the auth protocols, or the physics) I didn't spot any obvious mistakes in their background material.

I found "Wardriving & Wireless Penetration Testing" to be well written and full of useful information, all clearly and well presented. The authors have prepared a good, timely book on the subject, and cover the topic in full, sharing insights and tips along the way.

6 of 6 people found the following review helpful:

5.0 out of 5 stars VERY VERY HIGHLY RECOMMENDED!!, April 9, 2007

By 

John R. Vacca "Tech Write Independent Reviewer" (Pomeroy, Ohio) - See all my reviews
(REAL NAME)   

This review is from: WarDriving and Wireless Penetration Testing (Paperback)

Are you a wireless security administrator? If you are, then this book is for you. Authors Chris Hurley, Russ Rogers, Frank Thornton, Daniel Connelly and Brian Baker, have done an outstanding job of writing a book to show you how to analyze wireless networks through wardriving and penetration testing.

Hurley, Rogers, Thornton, Connelly and Baker, begin with a discussion about wardriving and how it applies to a wireless penetration test. Then, the authors discuss how antennas work and how to choose the right antenna for conduction wireless network penetration testing. Next, they show you how to use a handheld device for direction finding and tracking, down to rogue access points and clients. The authors also introduce some basic techniques for wardriving and penetration testing using Microsoft Windows. They continue by describing the steps necessary to configure and utilize the KisMAC WLAN discovery tool in order to successfully wardrive. Then, the authors show you how to identify your specific WLAN target and determine what security measures are being utilized. Next, they show you how to use two of the most popular mapping applications: Kismet and NetStumbler. The authors then discuss the hardware required for a wireless MITM attack. They continue by focusing on the Open WRT firmware. Finally, they focus on how to perform a wireless test against a client, and examine some of the vulnerabilities related to wireless video.

This most excellent book assesses wireless networks, while leveraging these free tools to low-cost supporting hardware. Perhaps more importantly, after reading this book, you'll get a taste of how wardriving really works in the real world.