Master bleeding edge wireless testing techniques with BackTrack 5.
Learn Wireless Penetration Testing with the most recent version of BackTrack
The first and only book that covers wireless testing with BackTrack
Concepts explained with step-by-step practical sessions and rich illustrations
Written by Vivek Ramachandran – world-renowned security researcher and evangelist, and discoverer of the wireless “Caffe Latte Attack”
Wireless has become ubiquitous in today’s world. The mobility and flexibility it provides make our lives more comfortable and productive. But this comes at a cost – Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes.
BackTrack 5 Wireless Penetration Testing Beginner’s Guide will take you through the journey of becoming a Wireless hacker. You will learn various wireless testing methodologies taught using live examples, which you will implement throughout this book. The engaging practical sessions grow in complexity very gradually, giving you enough time to ramp up before you get to advanced wireless attacks.
This book will take you from the basic concepts in Wireless and creating a lab environment for your experiments, through different lab sessions in wireless security basics, slowly turn up the heat and move to more complicated scenarios, and finally end your journey by conducting bleeding edge wireless attacks in your lab.
There are many interesting and new things that you will learn in this book – War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Point MAC spoofing, Rogue Devices, Evil Twins, Denial of Service attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Attack, Man-in-the-Middle attacks, Evading Wireless Intrusion Prevention systems and a bunch of other cutting edge wireless attacks.
If you were ever curious about what wireless security and hacking were all about, then this book will get you started by providing you with the knowledge and practical know-how to become a wireless hacker.
Hands-on practical guide with a step-by-step approach to help you get started immediately with Wireless Penetration Testing
Here it is online, complete:
Type: PDF document
https://doc.lagout.org/security/Backtra ... esting.pdf
Table of Contents
BackTrack 5 Wireless Penetration Testing Credits About the Author About the Reviewer Support files, eBooks, discount offers, and more Why Subscribe? Free Access for Packt account holders Preface What this book covers What you need for this book Who this book is for Conventions Time for action heading What just happened? Pop quiz heading Have a go hero heading Reader feedback Customer support Errata Piracy Questions
1. Wireless Lab Setup Hardware requirements Software requirements Installing BackTrack Time for action installing BackTrack What just happened? Have a go hero installing BackTrack on Virtual Box Setting up the access point Time for action configuring the access point What just happened? Have a go hero configuring the access point to use WEP and WPA Setting up the wireless card Time for action configuring your wireless card What just happened? Connecting to the access point Time for action configuring your wireless card What just happened? Have a go hero establishing connection in WEP configuration Pop quiz understanding the basics Summary
2. WLAN and Its Inherent Insecurities Revisiting WLAN frames Time for action creating a monitor mode interface What just happened? Have a go hero creating multiple monitor mode interfaces Time for action sniffing wireless packets What just happened? Have a go hero finding different devices Time for action viewing Management, Control, and Data frames What just happened? Have a go hero playing with filters Time for action sniffing data packets for our network What just happened? Have a go hero analyzing data packets Time for action packet injection What just happened? Have a go hero installing BackTrack on Virtual Box Important note on WLAN sniffing and injection Time for action experimenting with your Alfa card What just happened? Have a go hero sniffing multiple channels Role of regulatory domains in wireless Time for action experimenting with your Alfa card What just happened? Have a go hero exploring regulatory domains Pop quiz WLAN packet sniffing and injection Summary
3. Bypassing WLAN Authentication Hidden SSIDs Time for action uncovering hidden SSIDs What just happened? Have a go hero selecting Deauthentication MAC filters Time for action beating MAC filters What just happened? Open Authentication Time for action bypassing Open Authentication What just happened? Shared Key Authentication Time for action bypassing Shared Authentication What just happened? Have a go hero filling up the access point's tables Pop quiz WLAN authentication Summary
4. WLAN Encryption Flaws WLAN encryption WEP encryption Time for action cracking WEP What just happened? Have a go hero fake authentication with WEP cracking WPA/WPA2 Time for action cracking WPA-PSK weak passphrase What just happened? Have a go hero trying WPA-PSK cracking with Cowpatty Speeding up WPA/WPA2 PSK cracking Time for action speeding up the cracking process What just happened? Decrypting WEP and WPA packets Time for action decrypting WEP and WPA packets What just happened? Connecting to WEP and WPA networks Time for action connecting to a WEP network What just happened? Time for action connecting to a WPA network What just happened? Pop quiz WLAN encryption flaws Summary
5. Attacks on the WLAN Infrastructure Default accounts and credentials on the access point Time for action cracking default accounts on the access points What just happened? Have a go hero cracking accounts using bruteforce attacks Denial of service attacks Time for action De-Authentication DoS attack What just happened? Have a go hero Dis-Association attacks Evil twin and access point MAC spoofing Time for action evil twin with MAC spoofing What just happened? Have a go hero evil twin and channel hopping Rogue access point Time for action Rogue access point What just happened? Have a go hero Rogue access point challenge Pop quiz attacks on the WLAN infrastructure Summary
6. Attacking the Client Honeypot and Mis-Association attacks Time for action orchestrating a Mis-Association attack What just happened? Have a go hero forcing a client to connect to the Honeypot Caffe Latte attack Time for action conducting the Caffe Latte attack What just happened? Have a go hero practice makes you perfect! De-Authentication and Dis-Association attacks Time for action De-Authenticating the client What just happened? Have a go hero Dis-Association attack on the client Hirte attack Time for action cracking WEP with the Hirte attack What just happened? Have a go hero practice, practice, practice AP-less WPA-Personal cracking Time for action AP-less WPA cracking What just happened? Have a go hero AP-less WPA cracking Pop quiz attacking the client Summary
7. Advanced WLAN Attacks Man-in-the-Middle attack Time for action Man-in-the-Middle attack What just happened? Have a go hero Man-in-the-Middle over pure wireless Wireless Eavesdropping using MITM Time for action wireless eavesdropping What just happened? Have a go hero finding Google searches Session Hijacking over wireless Time for action session hijacking over wireless What just happened? Have a go hero application hijacking challenge Finding security configurations on the client Time for action enumerating wireless security profiles What just happened? Have a go hero baiting clients Pop quiz Advanced WLAN Attacks Summary
8. Attacking WPA-Enterprise and RADIUS Setting up FreeRadius-WPE Time for action setting up the AP with FreeRadius-WPE What just happened? Have a go hero playing with RADIUS Attacking PEAP Time for action cracking PEAP What just happened? Have a go hero variations of attack on PEAP Attacking EAP-TTLS Time for action cracking EAP-TTLS What just happened? Have a go hero EAP-TTLS Security best practices for Enterprises Pop quiz attacking WPA-Enterprise and RADIUS Summary
9. WLAN Penetration Testing Methodology Wireless penetration testing Planning Discovery Time for action discovering wireless devices What just happened? Attack Finding rogue access points Time for action finding rogue access points What just happened? Finding unauthorized clients Time for action unauthorized clients What just happened? Cracking the encryption Time for action cracking WPA What just happened? Compromising clients Time for action compromising the clients What just happened? Reporting Pop quiz Wireless Penetration Testing Summary
A. Conclusion and Road Ahead Wrapping up Building an advanced Wi-Fi lab Staying up-to-date Conclusion
B. Pop Quiz Answers Chapter 1, Wireless Lab Setup Chapter 2, WLAN and its Inherent Insecurities Chapter 3, Bypassing WLAN Authentication Chapter 4, WLAN Encryption Flaws Chapter 5, Attacks on the WLAN Infrastructure Chapter 6, Attacking the Client Chapter 7, Advanced WLAN Attacks Chapter 8, Attacking WPA Enterprise and RADIUS Chapter 9, Wireless Penetrating Testing Methodology
- 4 submitted: last submission 10 Dec 2015
Errata type: Typo | Page number: 62
"As you saw, it was not trivial to break Open Authentication and connect to the access point."
This should be
"As you saw, it was trivial to break Open Authentication and connect to the access point."
Errata type: Typo | Page number: 57
"We will know look at how easy it is to bypass MAC filters."
This should read
"We will now look at how easy it is to bypass MAC filters."
Errata type: Typo | Page number: 2
In the Chapter 2 description,
"Most importantly, we will see how client and access point communication works at the packer level by analyzing Management, Control and Data frames. We will then learn about packet injection and packer sniffing in wireless networks, and look at some tools which enable us to do the same"
This should read
"Most importantly, we will see how client and access point communication works at the packet level by analyzing Management, Control and Data frames. We will then learn about packet injection and packet sniffing...".
Errata type: Typo | Page no: 25
The word "promiscous"
This should read
"promiscuous"
Errata type: Technical | Page no: 77
The word "-bssid"
This should read
"--bssid"