BackTrack 5 Wireless Penetration Testing Beginner’s Guide (Inglés)

Biblioteca enigma, sección de libros de consulta general en diferentes formatos
Avatar de Usuario
Enigma
Administrador del Sitio
Administrador del Sitio
Usuario Especial
Usuario Especial
Mensajes: 844
Registrado: 20 Oct 2013 16:26
Es: Mujer
Profesion: Webmaster CEO SEO
Ubicacion: Matrix
Navegador: Chrome

BackTrack 5 Wireless Penetration Testing Beginner’s Guide (Inglés)

Mensaje sin leer por Enigma » 21 Nov 2017 16:50

BackTrack 5 Wireless Penetration Testing Beginner’s Guide (Inglés)

Imagen

Imagen

Book Description
Master bleeding edge wireless testing techniques with BackTrack 5.

Learn Wireless Penetration Testing with the most recent version of Backtrack
The first and only book that covers wireless testing with BackTrack
Concepts explained with step-by-step practical sessions and rich illustrations
Written by Vivek Ramachandran ¬– world renowned security research and evangelist, and discoverer of the wireless “Caffe Latte Attack”
In Detail

Wireless has become ubiquitous in today’s world. The mobility and flexibility provided by it makes our lives more comfortable and productive. But this comes at a cost – Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes.

Backtrack 5 Wireless Penetration Testing Beginner’s Guide will take you through the journey of becoming a Wireless hacker. You will learn various wireless testing methodologies taught using live examples, which you will implement throughout this book. The engaging practical sessions very gradually grow in complexity giving you enough time to ramp up before you get to advanced wireless attacks.

This book will take you through the basic concepts in Wireless and creating a lab environment for your experiments to the business of different lab sessions in wireless security basics, slowly turn on the heat and move to more complicated scenarios, and finally end your journey by conducting bleeding edge wireless attacks in your lab.

There are many interesting and new things that you will learn in this book – War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Point MAC spoofing, Rogue Devices, Evil Twins, Denial of Service attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Attack, Man-in-the-Middle attacks, Evading Wireless Intrusion Prevention systems and a bunch of other cutting edge wireless attacks.

If you were ever curious about what wireless security and hacking was all about, then this book will get you started by providing you with the knowledge and practical know-how to become a wireless hacker.

Hands-on practical guide with a step-by-step approach to help you get started immediately with Wireless Penetration Testing

Aqui lo tienes online completo:



Tipo: Documento PDF
Idioma: Ingles
páginas 220

Enlace:
https://doc.lagout.org/security/Backtra ... esting.pdf


Table of Contents

Código: Seleccionar todo

BackTrack 5 Wireless Penetration Testing
Credits
About the Author
About the Reviewer
Support files, eBooks, discount offers, and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Time for action heading
What just happened?
Pop quiz heading
Have a go hero heading
Reader feedback
Customer support
Errata
Piracy
Questions
1. Wireless Lab Setup
Hardware requirements
Software requirements
Installing BackTrack
Time for action installing BackTrack
What just happened?
Have a go hero installing BackTrack on Virtual Box
Setting up the access point
Time for action configuring the access point
What just happened?
Have a go hero configuring the access point to use WEP and WPA
Setting up the wireless card
Time for action configuring your wireless card
What just happened?
Connecting to the access point
Time for action configuring your wireless card
What just happened?
Have a go hero establishing connection in WEP configuration
Pop quiz understanding the basics
Summary
2. WLAN and Its Inherent Insecurities
Revisiting WLAN frames
Time for action creating a monitor mode interface
What just happened?
Have a go hero creating multiple monitor mode interfaces
Time for action sniffing wireless packets
What just happened?
Have a go hero finding different devices
Time for action viewing Management, Control, and Data frames
What just happened?
Have a go hero playing with filters
Time for action sniffing data packets for our network
What just happened?
Have a go hero analyzing data packets
Time for action packet injection
What just happened?
Have a go hero installing BackTrack on Virtual Box
Important note on WLAN sniffing and injection
Time for action experimenting with your Alfa card
What just happened?
Have a go hero sniffing multiple channels
Role of regulatory domains in wireless
Time for action experimenting with your Alfa card
What just happened?
Have a go hero exploring regulatory domains
Pop quiz WLAN packet sniffing and injection
Summary
3. Bypassing WLAN Authentication
Hidden SSIDs
Time for action uncovering hidden SSIDs
What just happened?
Have a go hero selecting Deauthentication
MAC filters
Time for action beating MAC filters
What just happened?
Open Authentication
Time for action bypassing Open Authentication
What just happened?
Shared Key Authentication
Time for action bypassing Shared Authentication
What just happened?
Have a go hero filling up the access point's tables
Pop quiz WLAN authentication
Summary
4. WLAN Encryption Flaws
WLAN encryption
WEP encryption
Time for action cracking WEP
What just happened?
Have a go hero fake authentication with WEP cracking
WPA/WPA2
Time for action cracking WPA-PSK weak passphrase
What just happened?
Have a go hero trying WPA-PSK cracking with Cowpatty
Speeding up WPA/WPA2 PSK cracking
Time for action speeding up the cracking process
What just happened?
Decrypting WEP and WPA packets
Time for action decrypting WEP and WPA packets
What just happened?
Connecting to WEP and WPA networks
Time for action connecting to a WEP network
What just happened?
Time for action connecting to a WPA network
What just happened?
Pop quiz WLAN encryption flaws
Summary
5. Attacks on the WLAN Infrastructure
Default accounts and credentials on the access point
Time for action cracking default accounts on the access points
What just happened?
Have a go hero cracking accounts using bruteforce attacks
Denial of service attacks
Time for action De-Authentication DoS attack
What just happened?
Have a go hero Dis-Association attacks
Evil twin and access point MAC spoofing
Time for action evil twin with MAC spoofing
What just happened?
Have a go hero evil twin and channel hopping
Rogue access point
Time for action Rogue access point
What just happened?
Have a go hero Rogue access point challenge
Pop quiz attacks on the WLAN infrastructure
Summary
6. Attacking the Client
Honeypot and Mis-Association attacks
Time for action orchestrating a Mis-Association attack
What just happened?
Have a go hero forcing a client to connect to the Honeypot
Caffe Latte attack
Time for action conducting the Caffe Latte attack
What just happened?
Have a go hero practice makes you perfect!
De-Authentication and Dis-Association attacks
Time for action De-Authenticating the client
What just happened?
Have a go hero Dis-Association attack on the client
Hirte attack
Time for action cracking WEP with the Hirte attack
What just happened?
Have a go hero practice, practice, practice
AP-less WPA-Personal cracking
Time for action AP-less WPA cracking
What just happened?
Have a go hero AP-less WPA cracking
Pop quiz attacking the client
Summary
7. Advanced WLAN Attacks
Man-in-the-Middle attack
Time for action Man-in-the-Middle attack
What just happened?
Have a go hero Man-in-the-Middle over pure wireless
Wireless Eavesdropping using MITM
Time for action wireless eavesdropping
What just happened?
Have a go hero finding Google searches
Session Hijacking over wireless
Time for action session hijacking over wireless
What just happened?
Have a go hero application hijacking challenge
Finding security configurations on the client
Time for action enumerating wireless security profiles
What just happened?
Have a go hero baiting clients
Pop quiz Advanced WLAN Attacks
Summary
8. Attacking WPA-Enterprise and RADIUS
Setting up FreeRadius-WPE
Time for action setting up the AP with FreeRadius-WPE
What just happened?
Have a go hero playing with RADIUS
Attacking PEAP
Time for action cracking PEAP
What just happened?
Have a go hero variations of attack on PEAP
Attacking EAP-TTLS
Time for action cracking EAP-TTLS
What just happened?
Have a go hero EAP-TTLS
Security best practices for Enterprises
Pop quiz attacking WPA-Enterprise and RADIUS
Summary
9. WLAN Penetration Testing Methodology
Wireless penetration testing
Planning
Discovery
Time for action discovering wireless devices
What just happened?
Attack
Finding rogue access points
Time for action finding rogue access points
What just happened?
Finding unauthorized clients
Time for action unauthorized clients
What just happened?
Cracking the encryption
Time for action cracking WPA
What just happened?
Compromising clients
Time for action compromising the clients
What just happened?
Reporting
Pop quiz Wireless Penetration Testing
Summary
A. Conclusion and Road Ahead
Wrapping up
Building an advanced Wi-Fi lab
Staying up-to-date
Conclusion
B. Pop Quiz Answers
Chapter 1, Wireless Lab Setup
Chapter 2, WLAN and its Inherent Insecurities
Chapter 3, Bypassing WLAN Authentication
Chapter 4, WLAN Encryption Flaws
Chapter 5, Attacks on the WLAN Infrastructure
Chapter 6, Attacking the Client
Chapter 7, Advanced WLAN Attacks
Chapter 8, Attacking WPA Enterprise and RADIUS
Chapter 9, Wireless Penetrating Testing Methodology

ERRATAS

Errata
- 4 submitted: last submission 10 Dec 2015

Errata type: Typo | Page number: 62
"As you saw, it was not trivial to break Open Authentication and connect to the access point."

this should be
"As you saw, it was trivial to break Open Authentication and connect to the access point.".

Errata type: Typo | Page number: 57
"We will know look at how easy it is to bypass MAC filters."

This should read
"We will now look at how easy it is to bypass MAC filters."

Errata type: Typo | Page number: 2

In the Chapter 2 description,
"Most importantly, we will see how client and access point communication works at the packer level by analyzing Management, Control and Data frames. We will then learn about packet injection and packer sniffing in wireless networks, and look at some tools which enable us to do the same"

This should read
"Most importantly, we will see how client and access point communication works at the packet level by analyzing Management, Control and Data frames. We will then learn about packet injection and packet sniffing...".

Errata type: Typo | Page no: 25
The word promiscous

Should be
The word promiscuous

Errata type: Technical | Page no: 77
The word -bssid

Should be
The word --bssid



Volver a “Area Telecomunicaciones - Servidores Windows y Lunux - Redes”