Wireless Network Security: A Beginner's Guide
by Tyler Wrightson
ISBN 978-0-07-176094-2. amazon.com USD 27.99. Table of Contents: http://www.mcgraw-hill.com.au/html/9780071760942.html#
Reviewed by Richard Austin July 19, 2012
Your humble correspondent normally avoids anything security-related with "a beginner's guide" in the title, expecting it to be a superficial rehash of some checklist or another. But with my familiarity with wireless being slightly beyond getting a laptop to (finally) connect to a hotspot, I took a chance on this book and was pleasantly surprised.
Wrightson opens the book with a general introduction to information security in the context of wireless communications. Risk assessment and mitigation and the other usual suspects are gently (and lightly) introduced. He follows up with a discussion of the denizens of the wireless world (access points, clients, etc.) and provides suggestions on building a basic lab to support working through the examples in the book.
After the introductory material, Wrightson devotes three chapters to attacks on wireless networks and their users. He opens with "Theory of Attacks on Wireless Networks," providing background for understanding the next two chapters ("Attacking Wireless Networks" and "Attacking Wireless Clients"). Common techniques such as reconnaissance, SSID decloaking (a catchy term I will shamelessly appropriate from now on), passive interception, etc., are clearly presented with the aid of effective illustrations. He provides a clear introduction to WEP and WPA and illustrates the principles behind common attacks on them.
"Attacking Wireless Networks" is an excellent introduction to the common tools (Kismet, airodump-ng, etc.) and how they're used in mounting attacks. Wrightson uses Back|Track 5 as the platform so the reader can follow along by simply booting up a virtual machine without having to navigate tool installations and their dependencies.
"Attacking Wireless Clients" focusses, as you might expect, on attacks that target the wireless clients rather than the networks they connect to. Techniques such as creating a bogus access point in preparation for mounting a middle-person attack are described in detail and clearly illustrated.
By this point the reader may be tempted to unplug the access point and eschew wireless communications completely, so it's fortunate that Wrightson devotes the next several chapters to defense of wireless communications. The discussion opens with a theory chapter that provides sage advice on how wireless deployments should be planned and implemented. Defenses that can actually mitigate risks (firewalls, IDS/IPS, etc.) are distinguished from security theater (MAC filtering, SSID cloaking, and so on).
The next three chapters provide a detailed walkthrough of deploying secure wireless networks (e.g., WPA2 Enterprise). Though I suspect it was done to make the chapters independent, there is much duplicated material that could have been pulled out into a common prologue.
Wrightson then turns to the challenging task of providing guest wireless access. He reviews alternatives such as captive portals and short-term credentials and provides pros and cons so that a defensible choice can be made. Guest wireless access has been done wrong so many times that I think this chapter alone justifies the price of the book.
The final chapter covers dealing with rogue access points and a bit on the future of wireless security. Wrightson wisely notes that an "ounce of prevention" in precluding use of an unauthorized access point (through 802.1X port-based access control, for example) is much less resource intensive than hunting one down after the fact.
An appendix provides a gentle introduction to Linux that will be quite useful to readers who are unfamiliar with that platform (and are encountering a specialized distribution such as Back|Track for the first time).
This is an excellent introduction to wireless networks and their security implications. The technologies and tools are clearly presented with copious illustrations, and the level of presentation will accommodate the wireless security neophyte while not boring a mid-level expert to tears. If the reader invests the time and resources in building a lab to follow along with the text, s/he will develop a solid, basic understanding of what "wireless security" is and how it can be implemented in practice. This is definitely a recommended read for its intended audience.