How Secure is Your Wireless Network? Safeguarding Your Wi-Fi LAN

About the Author LEE BARKEN, CISSP, CCNA, MCP, CPA, has been in the IT industry since 1987. He has worked as anIT consultant and network security specialist for Ernst and Young's Information Technology RiskManagement (ITRM) practice and KPMG's Risk and Advisory Services (RAS) practice. He co-foundedthe San Diego Wireless Users Group and writes and speaks on the topic of wireless LANtechnology and security. He is the technical editor for Mobile Business Advisor Magazine, andteaches Wireless LAN Security and Deployment classes for the University of California at SanDiego (UCSD) extension.

(NOTE: Each chapter begins with an Introduction and concludes with a Summary.)

Foreword.


Introduction.


1. The Need For Wireless LAN Security.


Security in Layers. Size Matters—What Are You Protecting? Wireless LAN 101. Shared Key Authentication. Wi-Fi Protected Access (WPA). Beware: The Walls are Listening… Stop the RF Bleeding.



2. Introduction to WLAN.


Pre-802.11. 802.11 (1997). Spread Spectrum. 801.11b. Interoperability. Critical Mass. 802.11a. 802.11g. Other Working Groups. 802.11 Specification. A Tale of Two Topologies. CSMA/CA. RTS/CTS. Fragmentation.



3. WEP Vulnerabilities—Wired Equivalent Privacy?


WEP 101. Decrypting the WEP Message. Key Management Problems. RC4 Stream Cipher. IV Collisions. Message Injection. Authentication Spoofing. Brute Force Attacks. Cracking WEP Keys. Now What?



4. War Driving: Tools and Techniques.


What Is War Driving? Wireless Sniffers. Putting It All Together. Ethical Considerations. War Chalking.



5. 802.11I, WPA, TKIP, AND AES.


WPA to the Rescue! TKIP. WPA for the Home. 802.11i and AES.



6. 802.1x Explained.


Where Did 802.1x Come From? Guilty Until Proven Innocent (or Authenticated). 802.1x Authentication Conversation. Solving Security Problems with 802.1x. But Wait, There's More! Competing Standards.



7. Connecting a WLAN to the Wired Network.


Assessing the Information Assets. A Layered Approach. Multiple SSIDs. 802.1x vs. VPN. Hands-on Projects.



8. How to Deploy a VPN for Wireless Environments.


PPTP vs. L2TP/IPSec. PPTP: Point-to-Point Tunneling Protocol. L2TP: Layer 2 Tunneling Protocol with IPSec. Choosing an Authentication Protocol. Building a VPN Server. Configuring the VPN Server. Configuring Clients. The Downside to VPNs.



9. How to Secure and Manage a Home Environment.


Basic Security Steps. Beyond Security: Managing the Network. AP on Steroids? Linux Embedded Appliance Firewall (LEAF). Adding Wireless Client Support to Bering. Sputnik around the World. ReefEdge Dolphin.



10. How to Secure an Enterprise Environment.


802.1x Revisited. Setting Up the Authentication Server. Configuring the CA. Configuring the Authenticator. Using EAP-TLS with Windows 2000 Server.



11. Setting Up a Secure Public Hotspot: Building A Linux-Based Access Point.


HostAP Prism Driver for Linux. NoCat. The 800-Pound Pebble. LEAF to the Rescue. Troubleshooting Tips.



Appendix A: Introduction to RF.


The History of Radio Frequency. Electromagnetism. Induction. Conduction. Radio Waves. Structure of a Wave. Modulation. Attenuation. Antennae. How Antennae Work. Different Kinds of Antennae. Antenna Types. Summary.



Appendix B: 802.11 Frame Types.


Management Frames. Control Frames. Data Frames.



Appendix C: Community Wireless Networking.


For Pay. Amenity. Utility. User Groups. The Mission. The Legal Issues. Sentre Partners in San Diego. Software Options for Free Hotspots. The Big Picture.



Appendix D: Building a Pringles Can Antenna.


Index.