Author: Vivek Ramachandran
Publisher: Packt Publishing
If you’re considering a career in penetration testing, you probably already know that BackTrack is the Linux distribution favored by most pentesters due to it being preloaded with hundreds of handy security tools. So, how about a peak into the concrete actions you can carry out when effecting wireless pentesting with BackTrack 5?
About the author
Vivek Ramachandran is a security researcher and the discoverer of the wireless “Caffe Latte Attack”. He is the founder of SecurityTube.net, and an accomplished trainer that travels around the world conducting workshops and training sessions for corporates and students.
Inside the book
Given the ubiquitousness of wireless networks, testing them for security vulnerabilities is of the utmost importance. In this beginner’s guide into wireless penetration testing, the author not only offers a thorough list of attacks that can be mounted against them, but also step-by-step instructions on how to do it, completed with helpful screenshots.
The first chapter is dedicated to the setting up of a wireless testing lab by using off the shelf hardware and open source software, setting up a wireless access point and installing a wireless card and making sure that everything works as it should.
The next few address the subject of WLANs’ inherent security flaws, their weak authentication schemes, vulnerable encryption mechanisms, and how to take advantage of all of them. They are followed by chapters on attacks against the WLAN infrastructure and the wireless client, and one dedicated to advanced attacks such as Man-in-the-Middle and session hijacking.
The subject of WLAN penetration testing methodology is also included in the book, as well as a final chapter that contains links to online sources helpful for keeping up-to-date on the entire subject.
Each chapter begins with a short introduction and is continued with “Time for action” calls that explain how to execute a particular task. This is followed by an explanation of “What just happened?”, and often by further invitations for tinkering on and learning additional things. Chapters end with a very short pop quiz and (sometimes pointless) summaries.
I can’t praise enough the author’s dedication to keeping things simple. “Learn by doing: less theory, more results” says on the cover, and the book really delivers on that promise. This is definitely a great source of information for the budding penetration tester – seasoned experts will likely find very little of interest in it.