Hacking Exposed Wireless, Second Edition: Wireless Security Secrets and Solutions Paperback – Jul 9 2010
|New from||Used from|
There is a newer edition of this item:
Customers Who Bought This Item Also Bought
No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
About the Author
McGraw-Hill authors represent the leading experts in their fields and are dedicated to improving the lives, careers, and interests of readers worldwide
Joshua Wright (Rhode Island) is a senior technical analyst with Counter Hack, and a senior instructor and author for the SANS Institute. Through his experiences as a penetration tester, Josh has worked with hundreds of organizations on attacking and defending mobile devices and wireless systems, disclosing significant product and protocol security weaknesses to well-known organizations. As an open-source software advocate, Josh has conducted cutting-edge research resulting in several software tools that are commonly used to evaluate the security of widely deployed technology targeting WiFi, Bluetooth, ZigBee, and Z-Wave wireless systems, smart grid deployments, and the Android and Apple iOS mobile device platforms. In his spare time, Josh looks for any opportunity to void a warranty on his electronics.
Johnny Cache (Virginia) received his Masters in Computer Science from the Naval Postgraduate School in 2006. His thesis work, which focused on fingerprinting 802.11 device drivers, won the Gary Kildall award for the most innovative computer science thesis. Johnny wrote his first program on a Tandy 128K color computer sometime in 1988. Since then he has spoken at several security conferences including BlackHat, BlueHat, and ToorCon. He has also released a number of papers related to 802.11 security, and is the author of many wireless tools. He is the founder and Chief Science Officer of Cache Heavy Industries.
What Other Items Do Customers Buy After Viewing This Item?
Most Helpful Customer Reviews on Amazon.com (beta)
Books in the Hacking Exposed (HE) series that implement the winning HE formula do the following: 1) explain a technology, including aspects you may have never heard of before; 2) explain how to break that technology; and 3) explain how to mitigate the attack, if possible. HEW2 uses this methodology and the result is a great HE book. HEW2 is also cross-platform, usually providing advice on using Windows, Linux, or Mac OS X. Furthermore, this advice is exceptionally practical and relevant. The authors not only describe what works, but also what doesn't work. I got the sense that I was speaking with a pro who was willing to share tips from the trenches, not theory copied from a Web site.
Other aspects of HEW2 make it a winner. The authors post three free chapters on their Web site as background that they didn't want to include in the main text. Their Web site also contains code and other background material from the book, like pcap files. Although I am not on the front lines of wireless hacking, I got the sense that these authors do live on that edge. They explained Software Defined Radio, hardware specifically for attacking wireless devices, hardware mods, and other custom approaches that extend beyond normal wireless techniques. I also liked their "end-to-end" examples for attacking Mac OS X and Windows, integrating client-side attacks with wireless activities. Their use of NetMon and Metasploit was solid. Finally, I loved that HEW2 doesn't start and end with 802.11; it also incorporates Bluetooth, ZigBee, and DECT.
I have no complaints for the authors of HEW2. My only suggestion would be to incorporate attacks on GSM and other mobile technologies into the third edition.
If you want to learn how to attack and defend wireless devices, HEW2 is the right book. Bravo.
What you should expect from this book is an INTRODUCTION to wireless hacking. Like I stated earlier, this book offers broad coverage of various techniques. The authors touch on different subjects, but they do not delve waste-deep into the details of them. Don't expect a WHOLE chapter dedicated to instruction on the aircrack-ng suite, but do expect enough instruction on how to start and run it. There are whole books and websites dedicated to teaching many of the programs covered in this one text.
The authors do a very good job of teaching you how to defeat different forms of wireless security (SSID hiding, MAC filtering, WEP, WPA, etc.). For example, a majority of the text moves in a very logical pattern - first, you learn how to scan and identify a target wireless network. You're then taught how to defeat MAC filtering (if it is in place). Afterwards, you move on to encryption cracking. Finally, you're taught a bit of exploitation.
Don't think that reading this book will turn you into a "master Wi-Fi cracking Jedi" - this mindset will only set you up for disappointment. Think of this book as a "gateway," arming you with the knowledge needed to begin a new career/hobby/whatever. After reading, it's up to you to keep learning more about the different subjects this book touches on, and maybe even discovering some vulnerabilities and/or exploits on your own.
The following lists the chapters in the books, as well as any notes:
Part 1 - Hacking 802.11 Wireless Technology
1.) Introduction to 802.11 Hacking
** Very basic intro to 802.11 theory and devices. Recommended for beginners, as the device recommendations are on-point
2.) Scanning and Enumerating 802.11 Networks
3.) Attacking 802.11 Wireless Networks
** The "bread and butter" of the book, teaching you how to crack a WEP network with data/packets recovered from the previous chapter. Very nice "Bringing it all together" section at the end that gives you the "big picture" of defeating a wireless network with a hidden SSID, MAC filtering, and WEP encryption.
4.) Attacking WPA-Protected 802.11 Networks
** Nice chapter teaching you about the vulnerabilities of WPA (i.e., decrypting network traffic, cracking pre-shared keys, etc.)
Part II - Hacking 802.11 Clients
5.) Attack 802.11 Wireless Clients
** Nice coverage of Metasploit Framework, Evil DNSs, ARP spoofing, injection, and HTTPS cookie stealing
6.) Taking it All The Way: Bridging the Airgap from OS X
7.) Taking it All The Way: Bridging the Airgap from Windows
Part III - Hacking Additional Wireless Technologies
** The last 1/4 of the book was dedicated to the below-listed wireless technologies. Don't expect too much subject coverage on them, but then again, they are not as widely-deployed as Wi-Fi.
8.) Bluetooth Scanning and Reconnaissance
9.) Bluetooth Eavesdropping
10.) Attacking and Exploiting Bluetooth
11.) Hack ZigBee
12.) Hack DECT
The authors follow a consistent template for each technology they discuss. They provide a detailed, but approachable overview of the technology and then explore the technology from both an offensive and defensive point of view. The authors have successfully struck a balance between explaining wireless security in an approachable manner and providing detailed hands on examples of interacting with a wide variety of tools. This makes the book a good resource for someone who might only be interested in wireless security from a high level such as an information security manager. However, it also makes the book a valuable resource for the practitioner who wishes to learn wireless security in a more hands on manner.
As an added bonus, the book includes a foreward by Ed Skoudis where Ed reveals that he has the soul of an electrical engineer. He further explains he was partially led to this discovery by a picture of Nikola Tesla shooting lighting-bolts out of his eyes. How can you pass up reading that?
Chief Wi-Fi Architect
They are Great Books!! ---That is my opinion!
Look for similar items by category
- Books > Computers & Technology > Certification Central > Exams > Security+
- Books > Computers & Technology > History & Culture > Privacy
- Books > Computers & Technology > Internet & Social Media > Hacking
- Books > Computers & Technology > Networking & Cloud Computing > Internet, Groupware, & Telecommunications
- Books > Computers & Technology > Networking & Cloud Computing > Network Security
- Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs
- Books > Computers & Technology > Networking & Cloud Computing > Wireless Networks
- Books > Computers & Technology > Programming
- Books > Computers & Technology > Security & Encryption > Privacy & Online Safety
- Books > Textbooks > Computer Science & Information Systems > Networking