9780470851272

Securing Wireless LANs : A Practical Guide for Network Managers, LAN Administrators and the Home Office User

by
  • ISBN13:

    9780470851272

  • ISBN10:

    0470851279

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2003-10-10
  • Publisher: WILEY

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
List Price: $135.00 Save up to $13.50
  • Rent Book $121.50
    Add to Cart Free Shipping

    TERM
    PRICE
    DUE

Supplemental Materials

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
  • The Rental copy of this book is not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Summary

Wireless LANs will enable small teams and communities to communicate via their mobile devices without cables. This new technology will facilitate communication in small businesses/teams such as in hospitals, on construction sites, warehouses, etc. Held provides a comprehensive guide to the implementation, planning and monitoring of all aspects of wireless LAN security in small offices/small to medium business (SMBs). Securing Wireless LANs is timely in addressing the security issues of this important new technology and equips its readers with the tools they need to make the appropriate choice for their own situation. This ideal introduction to wireless LAN technology: Provides a broad overview of all the different issues and practical guidance of how to make wireless LANs secure at home as well as in small offices Explains how to monitor wireless LANs, configure different types of wireless equipment Discusses which technologies are best for different situations and requirements Gives practical hints and advice on how to implement them

Author Biography

<b>Gilbert Held</b> is an internationally known award-winning author and teacher with over 30 years experience in managing communications networks.

Table of Contents

Preface xv
Acknowledgements xvii
Chapter 1 Introduction to Wireless LANs 1(34)
1.1 SECURING THE INSECURE
2(5)
1.1.1 AAE AND A FUNCTIONS
2(1)
1.1.2 AUTHENTICATION
2(1)
1.1.3 AUTHORIZATION
3(1)
1.1.4 ENCRYPTION
3(1)
1.1.5 ACCOUNTING
4(1)
1.1.6 PRACTICAL NETWORK PROTECTION METHODS
4(3)
1.2 NETWORK ARCHITECTURE
7(20)
1.2.1 BASIC NETWORKING DEVICES
7(1)
1.2.2 THE WIRELESS LAN STATION
8(2)
1.2.3 THE ACCESS POINT
10(3)
1.2.4 THE WIRELESS BRIDGE
13(1)
1.2.5 THE WIRELESS ROUTER
13(5)
1.2.6 THE BASIC SERVICE SST
18(2)
1.2.7 THE EXTENDED SERVICE SET (ESS)
20(1)
1.2.8 STATION SERVICES
21(6)
1.3 IEEE WIRELESS LAN STANDARDS
27(5)
1.3.1 THE BASIC IEEE 802.11 STANDARD
28(2)
1.3.2 802.11B
30(1)
1.3.3 802.11A
30(1)
1.3.4 802.11C
30(1)
1.3.5 802.11D
31(1)
1.3.6 802.11E
31(1)
1.3.7 802.11E
31(1)
1.3.8 802.11G
31(1)
1.3.9 802.11H
31(1)
1.3.10 802.11I
32(1)
1.4 BOOK PREVIEW
32(3)
1.4.1 FRAME FORMATS AND BASIC SECURITY OPERATIONS
32(1)
1.4.2 UNDERSTANDING WIRELESS SIGNALS
33(1)
1.4.3 UNDERSTANDING WEP
33(1)
1.4.4 SECURITY RISKS
33(1)
1.4.5 PROPRIETARY SECURITY ENHANCEMENT TECHNIQUES
33(1)
1.4.6 STANDARDS BASED SECURITY
34(1)
Chapter 2 Frame Formats and Basic Security Operation 35(26)
2.1 FRAME FORMATS
35(18)
2.1.1 BASIC FRAME FORMAT
36(1)
2.1.2 FRAME CONTROL FIELD
36(7)
2.1.3 CONTROL FRAMES
43(3)
2.1.4 MANAGEMENT FRAMES
46(7)
2.1.5 THE AUTHENTICATION PROCESS
53(1)
2.2 WEP AND PRIVACY
53(8)
2.2.1 MISCONCEPTIONS
53(1)
2.2.2 DEVELOPMENT CONSTRAINTS
54(4)
2.2.3 DEFICIENCIES
58(3)
Chapter 3 Understanding Wireless Signals 61(24)
3.1 THE WIRELESS RF SPECTRUM AND BASIC MEASUREMENTS
62(9)
3.1.1 FREQUENCY
62(1)
3.1.2 PERIOD AND WAVELENGTH
63(1)
3.1.3 BANDWIDTH
64(1)
3.1.4 THE FREQUENCY SPECTRUM
64(2)
3.1.5 POWER MEASUREMENTS
66(3)
3.1.6 POWER LEVEL
69(1)
3.1.7 SIGNAL-TO-NOISE RATIO
69(2)
3.2 ANTENNA BASICS
71(14)
3.2.1 BASIC OPERATION
72(1)
3.2.2 CATEGORIES
73(1)
3.2.3 ANTENNA GAIN
73(1)
3.2.4 DIRECTIONALITY AND EIRP
74(1)
3.2.5 POWER LEVELS
74(1)
3.2.6 PROPAGATION LOSS
75(1)
3.2.7 INCREASING ANTENNA GAIN
76(1)
3.2.8 POWER LIMITS
77(1)
3.2.9 RECEIVER SENSITIVITY
78(1)
3.2.10 REDUCING EMITTED RADIATION
79(1)
3.2.11 HORIZONTAL TRANSMISSION DISTANCE
80(1)
3.2.12 EQUIPMENT POSITIONING
81(2)
3.2.13 USING MONITORING EQUIPMENT
83(2)
Chapter 4 Understanding WEP 85(28)
4.1 THE WEP FRAME BODY
86(5)
4.1.1 THE IV
86(1)
4.1.2 THE ICV
87(1)
4.1.3 THE NAKED DEFAULT
87(3)
4.1.4 WEP KEY LIMITATIONS
90(1)
4.2 LOCATING AND OBSERVING WIRELESS LAN TRAFFIC
91(6)
4.2.1 NETWORK STUMBLER
91(2)
4.2.2 MONITORING WITH AIROPEEK
93(4)
4.3 RC4
97(5)
4.3.1 OVERVIEW
97(1)
4.3.2 OPERATION
98(1)
4.3.3 ILLUSTRATIVE EXAMPLE
99(3)
4.3.4 STRENGTHS AND WEAKNESSES
102(1)
4.4 WEP WEAKNESS
102(11)
4.4.1 UNSAFE AT ANY SIZE
102(1)
4.4.2 THE INSECURITY OF 802.11
103(4)
4.4.3 EXPLOITING RC4 WEAKNESS
107(1)
4.4.4 BREAKING WEP
108(1)
4.4.5 AIRSNORT
109(1)
4.4.6 WEPCRACK
110(3)
Chapter 5 Security Risks and Countermeasures 113(36)
5.1 The SSID
113(4)
5.1.1 OVERVIEW
114(1)
5.1.2 OVERRIDING THE SSID
114(1)
5.1.3 OBTAINING THE SSID
115(2)
5.1.4 COUNTERMEASURES
117(1)
5.2 EAVESDROPPING
117(4)
5.2.1 OVERVIEW
117(1)
5.2.2 THREATS
118(1)
5.2.3 COUNTERMEASURES
118(3)
5.3 MASQUERADE
121(3)
5.3.1 OVERVIEW
121(1)
5.3.2 COUNTERMEASURES
122(2)
5.4 DATA MODIFICATION
124(1)
5.4.1 OVERVIEW
124(1)
5.4.2 COUNTERMEASURES
124(1)
5.5 FILE SHARING
124(7)
5.5.1 OVERVIEW
124(1)
5.5.2 WINDOWS 95
125(3)
5.5.3 WINDOWS 2000
128(3)
5.5.4 COUNTERMEASURES
131(1)
5.6 JAMMING
131(2)
5.6.1 OVERVIEW
131(1)
5.6.2 COUNTERMEASURES
132(1)
5.7 ENCRYPTION ATTACKS
133(2)
5.7.1 OVERVIEW
134(1)
5.7.2 COUNTERMEASURES
135(1)
5.8 SNMP
135(6)
5.8.1 CODING FLAWS
136(1)
5.8.2 SNMP VERSIONS
136(5)
5.8.3 COUNTERMEASURES
141(1)
5.9 BROADCAST MONITORING
141(4)
5.9.1 OVERVIEW
142(2)
5.9.2 COUNTERMEASURES
144(1)
5.10 ACCESSING A MANAGEMENT CONSOLE
145(1)
5.10.1 OVERVIEW
145(1)
5.10.2 COUNTERMEASURES
145(1)
5.11 THEFT OF HARDWARE
146(1)
5.11.1 OVERVIEW
146(1)
5.11.2 COUNTERMEASURES
146(1)
5.12 ROGUE ACCESS POINTS
147(2)
5.12.1 OVERVIEW
147(1)
5.12.2 COUNTERMEASURES
147(2)
Chapter 6 Proprietary Security Enhancement Techniques 149(34)
6.1 MAC ADDRESS AUTHENTICATION
150(4)
6.1.1 IEEE 802.11 AUTHENTICATION
150(1)
6.1.2 IMPLEMENTATION METHODS
151(1)
6.1.3 ACCESS POINT UTILIZATION
151(1)
6.1.4 USING A RADIUS SERVER
151(1)
6.1.5 DATAFLOW
151(1)
6.1.6 LIMITATIONS WHEN USING AN AP
151(1)
6.1.7 LIMITATIONS USING A RADIUS SERVER
152(1)
6.1.8 CHAP
153(1)
6.1.9 VISITOR CONSIDERATIONS
154(1)
6.2 CLOSED SYSTEM OPTION
154(1)
6.2.1 OVERVIEW
155(1)
6.2.2 LIMITATIONS
155(1)
6.3 SYSTEM ACCESS PASS PHRASE
155(1)
6.3.1 OVERVIEW
155(1)
6.3.2 NETWORK ACCESS
156(1)
6.3.3 LIMITATIONS
156(1)
6.4 DYNAMIC KEY EXCHANGE AND WEAK KEY AVOIDANCE
156(2)
6.4.1 DYNAMIC KEY EXCHANGE
157(1)
6.4.2 OVERVIEW
157(1)
6.4.3 LIMITATIONS
157(1)
6.4.4 WEAK KEY AVOIDANCE
158(1)
6.4.5 OVERVIEW
158(1)
6.4.6 LIMITATIONS
158(1)
6.5 PROTECTING WIRELESS CLIENTS FROM THE PUBLIC NETWORK
158(8)
6.5.1 OVERVIEW
159(1)
6.5.2 CISCO ACCESS LISTS
159(2)
6.5.3 SMC NETWORKS BARRICADE PACKET FILTERING
161(2)
6.5.4 LIMITATIONS
163(2)
6.5.5 SUMMARY
165(1)
6.6 ANTENNA ORIENTATION AND SHIELDING
166(2)
6.6.1 OVERVIEW
166(1)
6.6.2 ALTERING SIGNAL STRENGTH
166(1)
6.6.3 LIMITATIONS
167(1)
6.7 MINIMIZING TRANSMIT POWER AND ANTENNA CONTROL
168(4)
6.7.1 POWER MANAGEMENT
168(2)
6.7.2 ANTENNA CONTROL
170(1)
6.7.3 POWER LEVEL CONTROL
170(1)
6.7.4 LIMITATIONS
171(1)
6.8 WIRELESS INTRUSION DETECTION
172(1)
6.8.1 OVERVIEW
172(1)
6.8.2 LIMITATIONS
172(1)
6.9 LEAP
173(10)
6.9.1 OVERVIEW
173(1)
6.9.2 OPERATION
174(1)
6.9.3 CONFIGURATION
174(1)
6.9.4 CONFIGURING THE ACCESS POINT
175(1)
6.9.5 CLIENT CONFIGURATION
175(2)
6.9.6 ENABLING WEP
177(4)
6.9.7 LIMITATIONS
181(2)
Chapter 7 Standards Based Security 183(62)
7.1 THE IEEE 802.1X STANDARD
183(37)
7.1.1 OVERVIEW
183(1)
7.1.2 GENERAL OPERATION
184(1)
7.1.3 DATA FLOW
185(2)
7.1.4 THE EAP PROTOCOL
187(1)
7.1.5 MESSAGE TYPES
188(1)
7.1.6 EAP PACKET FORMAT
188(1)
7.1.7 THE DUAL-PORT AUTHENTICATION MODEL
189(1)
7.1.8 SECURITY LIMITATIONS
189(4)
7.1.9 USING THE CISCO AIRONET 350
193(1)
7.1.10 CLIENT SETUP
193(5)
7.1.11 NETWORKSECURITY
198(2)
7.1.12 USING WINDOWS XP
200(3)
7.1.13 ACCESS POINT SETUP
203(6)
7.1.14 SECURITY SETUP
209(1)
7.1.15 ACCESS
209(2)
7.1.16 SECURITY SETUP OPTIONS
211(8)
7.1.17 CLOSING THOUGHTS
219(1)
7.2 EVOLVING ENCRYPTION
220(4)
7.2.1 TKIP
221(1)
7.2.2 AES
222(2)
7.3 VPNS AND TUNNELING PROTOCOLS
224(21)
7.3.1 VPN OVERVIEW
224(1)
7.3.2 NEED FOR SECURITY
225(1)
7.3.3 TYPES OF VPNS
226(2)
7.3.4 APPLICABILITY TO WIRELESS LANS
228(1)
7.3.5 VPN PROTOCOLS
229(1)
7.3.6 PPTP
229(3)
7.3.7 L2TP AND IPSEC
232(2)
7.3.8 VPN OPERATIONS
234(11)
Appendix A Wireless LAN Security Checklist 245

Rewards Program

Write a Review