360
Hacking Wireless Networks For Dummies
standards for ethical hacking
Cobit, 27
ISO/IEC 17799, 26–27
ISSAF, 27–28
OCTAVE, 27
OSSTMM, 28–30
overview, 26
SSE-CMM, 27
standards for wireless networks, 9–11. See
also specific standards
Steel Belted RADIUS (Funk Software), 289
Street Atlas USA (DeLorme), 63
Streets & Trips (Microsoft), 63, 150
stumbling tools, 56, 186–188, 304. See also
specific tools
StumbVerter software, 62, 149–150, 167
Sun Tzu (The Art of War), 155
SuperScan port scanner (Foundstone), 37–38,
100–101
Symantec’s PartitionMagic, 46
Systems Security Engineering capability
maturity model (SSE-CMM) standard, 27
• T •
table-based attacks on WEP, 264
Tcpdump packet sniffer, 119
Technical Stuff icon, 5
Tektronix power signal generators, 64
telephone, social engineering tests using, 73
Temporal Key Integrity Protocol (TKIP), 294
Ten Commandments of Ethical Hacking
ISSAF standard and, 28
overview, 19–20
Thou shalt do no harm, 23–24
Thou shalt keep records, 22–23
Thou shalt not covet thy neighbor’s tools,
24–25
Thou shalt obtain permission, 21–22
Thou shalt plan thy work, 21
Thou shalt report all thy findings, 25
Thou shalt respect the privacy of others, 23
Thou shalt set thy goals, 20–21
Thou shalt use a scientific process, 24
Thou shalt work ethically, 22
10pht’s AntiSniff, 130
Terabeam Wireless signal generator, 232
testing methodology implementation. See
implementing a testing methodology
Tethereal packet sniffer, 118
text files, ^M character at end, 49
THC-LEAPcracker tool, 292–293
THC-Scan wardriving software, 174
THC-Wardrive wardriving software, 174
threats, 11. See also vulnerabilities
time frame for tests, 24
Tip icon, 5
TKIP (Temporal Key Integrity Protocol), 294
TopoUSA mapping software (DeLorme), 63
training about human vulnerabilities, 79–80
transceivers. See wireless NICs
• U •
UCD-SNMP utility, 215
unauthorized equipment. See also APs
(access points)
APs, 178
characteristics indicating, 181–184
countermeasures, 193–194
dangers of, 75
determining if connected to your system,
191–192
excuses for setting up, 69, 74
finding with stumbling software, 186–188
main types of, 178
in online databases, 193
other software for finding, 193
rogue APs or clients, 178
scanning for, 75–76, 80
signal strength and, 185–186
system configurations and, 179–181
typical scenario for setting up, 74–75
wireless clients, 178
unauthorized users, checking for, 90–91
U.S. Patent and Trademark Office Web site, 33
usability versus security, 69
US-CERT Vulnerability Notes Database,
41, 110
• V •
Virtual PC (Microsoft), 47
VMware emulation software, 46, 52–55
Void11 packet-injection tool, 235–236, 242
VPNMonitor sniffer, 102–103
VPNs (Virtual Private Networks)
authentication using, 295–296
defined, 278
as encryption attack countermeasure,
278–280
IPSec for, 280, 295–296
30_597302_bindex.qxd 8/4/05 7:27 PM Page 360
(17 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales