VERY VERY HIGHLY RECOMMENDED!!
Are you a wireless security administrator? If you are, then this book is for you. Authors Chris Hurley, Russ Rogers, Frank Thornton, Daniel Connelly and Brian Baker, have done an outstanding job of writing a book to show you how to analyze wireless networks through wardriving and penetration testing.
Hurley, Rogers, Thornton, Connelly and Baker, begin with a discussion about wardriving and how it applies to a wireless penetration test. Then, the authors discuss how antennas work and how to choose the right antenna for conduction wireless network penetration testing. Next, they show you how to use a handheld device for direction finding and tracking, down to rogue access points and clients. The authors also introduce some basic techniques for wardriving and penetration testing using Microsoft Windows. They continue by describing the steps necessary to configure and utilize the KisMAC WLAN discovery tool in order to successfully wardrive. Then, the authors show you how to identify your specific WLAN target and determine what security measures are being utilized. Next, they show you how to use two of the most popular mapping applications: Kismet and NetStumbler. The authors then discuss the hardware required for a wireless MITM attack. They continue by focusing on the Open WRT firmware. Finally, they focus on how to perform a wireless test against a client, and examine some of the vulnerabilities related to wireless video.
This most excellent book assesses wireless networks, while leveraging these free tools to low-cost supporting hardware. Perhaps more importantly, after reading this book, you'll get a taste of how wardriving really works in the real world.
Comprehensive and clear, a good book
Disclaimer: I know the guy who wrote the forward, although I don't think in any way this has influenced my review of this book.
I'm not a wireless hacker, although I've dabbled some in examining networks and some of the software in the book. That said, I think I learned quite a bit by reading this book. I didn't know what to expect with "Wardriving & Wireless Penetration Testing", but what I found was a focused, well prepared book with clear examples. Now, this book is very heavy on network discovery and mapping and not as complete on wireless attacks, although this topic does get coverage in a full chapter and parts of others.
What I like about the book is that it's comprehensive without being exhaustive. It covers WiFi hacking from Windows and Linux, which you would expect, and also from OS X (not so common) and also from, very pleasantly, handheld devices. The software covered is mainly using Kismet/Kismac and the NetStumbler family of software, which is not unexpected. These are premier tools and offer everything you would want. Several minor tools are also discussed.
Various attacks covered include breaking the security mechanisms of WEP, WPA and LEAP, not surprisingly, and how to commit MITM attacks. In all of these, the instructions are clear and straightforward with clear illustrations.
Lest you think this book is all about software, there's good coverage of hardware, both wireless cards and adapters as well as antennas. Also, some GPS software and its integration with wireless mapping efforts is also covered in detail. Another surprise is the coverage of the OpenWRT software kit for the WRT54G device, which can easily be loaded into a functional, dedicated wireless pentest and attack tool. The authors provide valuable tips and insights along the way. A short "bonus" chapter on wireless video device hacking is also included. Appendix B covers driver static analysis and testing, which is becoming a hot topic right now in vulnerability research.
Screenshots, examples, and images were generally well done. A handful of Linux-specific screenshots (ie for the kernel configuration) were poorly reproduced, unfortunately.
While I'm not an expert at wireless (either the security protocols, the auth protocols, or the physics) I didn't spot any obvious mistakes in their background material.
I found "Wardriving & Wireless Penetration Testing" to be well written and full of useful information, all clearly and well presented. The authors have prepared a good, timely book on the subject, and cover the topic in full, sharing insights and tips along the way.
(2 reviews)
