Hacking Wireless Networks
- Bluetooth operates at a frequency of 2.45GHz and divides the bandwidth into narrow channels to avoid interference with other devices that use the same frequency.
- Bluetooth has been shown to be vulnerable to attack. One early exploit is Bluejacking. It allows an individual to send unsolicited messages over Bluetooth to other Bluetooth devices.
- Bluesnarfing is the theft of data, calendar information, or phone book entries. This means that no one within range can make a connection to your Bluetooth device and download any information they want without your knowledge or permission.
Table FF.8. Wireless Standards and Frequencies
IEEE WLAN Standard
Over-the-Air Estimates
Frequencies
802.11b
11Mbps
2.40002.2835GHz
802.11a
54Mbps
5.7255.825GHz
802.11g
54Mbps
2.40002.2835GHz
802.11n
540Mbps
2.40002.2835GHz
- The 802.11b 802.11g and 802.11n systems divide the usable spectrum into 14 overlapping staggered channels whose frequencies are 5MHz apart.
- Direct-sequence spread spectrum (DSSS) This method of transmission divides the stream of information to be transmitted into small bits. These bits of data are mapped to a pattern of ratios called a spreading code.
- Frequency-hopping spread spectrum (FHSS) This method of transmission operates by taking a broad slice of the bandwidth spectrum and dividing it into smaller subchannels of about 1MHz.
- WPA uses Temporal Key Integrity Protocol (TKIP). TKIP scrambles the keys using a hashing algorithm and adds an integrity-checking feature which verifies that the keys haven't been tampered with. WPA improves on WEP by increasing the IV from 24 bits to 48. Rollover has also been eliminated, which means that key reuse is less likely to occur.
|
Mode |
WPA |
WPA2 |
|---|---|---|
|
Enterprise mode |
Authentication: IEEE 802.1x EAP |
Authentication: IEEE 802.1x EAP |
|
Encryption: TKIP/MIC |
Encryption: AES-CCMP |
|
|
Personal mode |
Authentication: PSK |
Authentication: PSK |
|
Encryption: TKIP/MIC |
Encryption: AES-CCMP |
|
Service |
EAP-MD5 |
LEAP |
EAP-TLS |
EAP-TTLS |
PEAP |
|---|---|---|---|---|---|
|
Server Authentication |
No |
Uses password hash |
Public key certificate |
Public key certificate |
Public key certificate |
|
Supplicant Authentication |
Uses password hash |
Uses password hash |
Smart card or public key certificate |
PAP, CHAP, or MS-CHAP |
Any EAP type such as public key certificate |
|
Dynamic Key Delivery |
No |
Yes |
Yes |
Yes |
Yes |
|
Security Concerns |
Vulnerable to man-in-the-middle attack, session hijack, or identity exposure |
Vulnerable to dictionary attack or identity exposure |
Vulnerable to identity exposure |
Vulnerable to man-in-the-middle attack |
Vulnerable to man-in-the-middle attack |
Virus and Worms |
Part I: Exam Preparation
The Business Aspects of Penetration Testing
- The Business Aspects of Penetration Testing
- Study Strategies
- Security Fundamentals
- Security Testing
- Hacker and Cracker Descriptions
- Ethical Hackers
- Test PlansKeeping It Legal
- Ethics and Legality
- Summary
- Key Terms
- Apply Your Knowledge
The Technical Foundations of Hacking
- The Technical Foundations of Hacking
- Study Strategies
- The Attackers Process
- The Ethical Hackers Process
- Security and the Stack
- Summary
- Key Terms
- Apply Your Knowledge
Footprinting and Scanning
- Footprinting and Scanning
- Study Strategies
- Determining Assessment Scope
- The Seven-Step Information Gathering Process
- Summary
- Key Terms
- Apply Your Knowledge
Enumeration and System Hacking
- Enumeration and System Hacking
- Study Strategies
- The Architecture of Windows Computers
- Enumeration
- Windows Hacking
- Summary
- Key Terms
- Apply Your Knowledge
Linux and Automated Security Assessment Tools
- Linux and Automated Security Assessment Tools
- Study Strategies
- Linux
- Automated Assessment Tools
- Picking the Right Platform
- Summary
- Key Terms
- Apply Your Knowledge
Trojans and Backdoors
- Trojans and Backdoors
- Study Strategies
- An Overview of TrojansThe History of Trojans
- Covert Communications
- Trojan and Backdoor Countermeasures
- Summary
- Key Terms
- Apply Your Knowledge
Sniffers, Session Hijacking, and Denial of Service
- Sniffers, Session Hijacking, and Denial of Service
- Study Strategies
- Sniffers
- Session Hijacking
- Denial of Service
- Summary
- Key Terms
- Apply Your Knowledge
Web Server Hacking, Web Applications, and Database Attacks
- Web Server Hacking, Web Applications, and Database Attacks
- Study Strategies
- Web Server Hacking
- Web Application Hacking
- Database Overview
- Summary
- Key Terms
- Apply Your Knowledge
Wireless Technologies, Security, and Attacks
- Wireless Technologies, Security, and Attacks
- Study Strategies
- Wireless TechnologiesA Brief History
- Wireless LANs
- Wireless Hacking Tools
- Securing Wireless Networks
- Summary
- Key Terms
- Apply Your Knowledge
IDS, Firewalls, and Honeypots
- IDS, Firewalls, and Honeypots
- Study Strategies
- Intrusion Detection Systems
- Firewalls
- Honeypots
- Summary
- Key Terms
- Apply Your Knowledge
Buffer Overflows, Viruses, and Worms
- Buffer Overflows, Viruses, and Worms
- Study Strategies
- Buffer Overflows
- Viruses and Worms
- Summary
- Key Terms
- Apply Your Knowledge
Cryptographic Attacks and Defenses
- Cryptographic Attacks and Defenses
- Study Strategies
- Functions of Cryptography
- History of Cryptography
- Algorithms
- Hashing
- Digital Signatures
- Steganography
- Digital Certificates
- Public Key Infrastructure
- Protocols, Standards, and Applications
- Encryption Cracking and Tools
- Summary
- Key Terms
- Apply Your Knowledge
Physical Security and Social Engineering
- Physical Security and Social Engineering
- Study Strategies
- Physical Security
- Social Engineering
- Summary
- Key Terms
- Apply Your Knowledge
Part II: Final Review
- Fast Facts
- Ethics and Legality
- Footprinting
- Scanning
- Enumeration
- System Hacking
- Trojans and Backdoors
- Sniffers
- Denial of Service
- Social Engineering
- Session Hijacking
- Hacking Web Servers
- Web Application Vulnerabilities
- Web-Based Password Cracking Techniques
- SQL Injection
- Hacking Wireless Networks
- Virus and Worms
- Physical Security
- Linux Hacking
- Evading Firewalls, IDS, and Honeypots
- Buffer Overflows
- Cryptography
- Penetration Testing
- Certified Ethical Hacker
- Practice Exam Questions
- Answers to Practice Exam Questions
- Glossary
Part III: Appendixes
Appendix A. Using the ExamGear Special Edition Software
- Appendix A. Using the ExamGear Special Edition Software
- Exam Simulation
- Study Tools
- How ExamGear Special Edition Works
- Installing ExamGear Special Edition
- Using ExamGear Special Edition
- Contacting Que Certification
- License
- Software and Documentation
- License Term and Charges
- Title
- Updates
- Limited Warranty and Disclaimer
- Limitation of Liability
- Miscellaneous
- U.S. Government Restricted Rights
EAN: 2147483647
Pages: 247
- Integration Strategies and Tactics for Information Technology Governance
- An Emerging Strategy for E-Business IT Governance
- Technical Issues Related to IT Governance Tactics: Product Metrics, Measurements and Process Control
- The Evolution of IT Governance at NB Power
- Governance Structures for IT in the Health Care Industry
