1 of 1 people found the following review helpful
on October 23, 2011
This book must surely have been written with a subversive gleam in Ramachandran's eye. It is the equivalent of the Anarchist's Handbook from the 1960s. Granted, the Preface has the statutory disclaimer about how the book is really meant for someone learning to be a penetration tester for a wireless network. Where you then have the expertise to help network administrators secure their networks. Or maybe you are a network administrator yourself. All this is indeed possible with the text.
So really the main aboveground audience is probably sysadmins. The book describes how to use freely available network programs like Wireshark to probe a wireless net. More potently, it gives examples of using Man In The Middle techniques to insert yourself as the invisible intermediary in a conversation between a user surfing the Internet and a targeted web server. Once you see this, you can be likely impressed by why MITM is often thought to be a gold standard of attack vectors.
Another strong aspect of the book is how it demonstrates that it is all too easy for an experienced attacker with the right hardware and software tools to detect and intrude on an insecure WEP or WPA network. Turns out that a WPA network is usually stronger than a mere WEP-using network. But don't get complacent. For both types, the lesson of the book is that the simplest countermeasure is to beef up your users' passwords and, of course, your sysadmin password. The speed of modern computers means that brute force dictionary attacks often suffice to find weak passwords.