359
Index
history of, 64
NetStumbler display of, 230–232
Queensland attack, 217, 229
by signal generators, 232–233
sources of, 63–64, 229–230
unintentional, 229–230
wireless network susceptibility to, 229
RF monitoring software, 333–334
RF prediction software, 333
risks, 11–12. See also vulnerabilities
Rohde & Schwarz spectrum analyzer, 90
• S •
scanning
port scanning, 37–38, 99–102, 305
for unauthorized equipment, 75–76, 80
your systems, 37–38
scientific process, 24
screen capture software, 32
scripts (NetStumbler), 139–140
Secure Shell (SSH2) tunneling, 280
SecureACS (Secure Access Control Software)
of Cisco, 288
security awareness products, 80
SEI (Software Engineering Institute), 27
services, determining which are running, 39
service-set identifiers. See SSIDs
Sery, Paul (Knoppix For Dummies), 56
shared-key authentication
overview, 282–283
problems with, 259, 262, 283–284
shares (Windows), finding, 107–109
signal generators, 232–233. See also RF
jamming
signal jamming. See RF jamming
signal strength
adjusting, 94–95
NetStumbler graphing of, 132
unauthorized equipment and, 185–186
Simple Network Management Protocol. See
SNMP
SiteDigger tool (Foundstone), 72
SLAX Linux CD distribution, 56
SMAC MAC address changer, 90–91, 203–204
Snagit screen capture software, 32
Sniff-em wardriving software, 174
Sniffer Netasyst packet analyzer, 120
Sniffer Wireless packet analyzer, 120, 174
sniffers (network analyzers). See also specific
programs
anti-sniffing programs, 130
detecting, 129–130
finding network-level attack vulnerabilities
with, 218–222
finding unauthorized equipment with,
188–192
origin of name, 57
overview, 56–57, 305
programs, 113–120, 218–219, 337–338
tips for using, 219
trends to look for, 220–222
for VPNs, 102–103
SNMP (Simple Network Management
Protocol)
checking if running, 214
network-level attack vulnerabilities, 214–216
network-management programs using, 214
overview, 213–214
SNMPUTIL utility, 215
social engineering
active tests, 73–74
dangers of, 70
defined, 17, 67, 70
hiring third parties for testing, 70
overview, 70–71
passive tests, 71–72
SoftPerfect
Network Protocol Analyzer, 120
Network Scanner, 100
software attacks, 18
Software Engineering Institute (SEI), 27
spectrum analyzers, 90
spoofing MAC addresses. See MAC-address
spoofing
SSE-CMM (Systems Security Engineering
capability maturity model) standard, 27
SSH2 (Secure Shell) tunneling, 280
SSIDs (service-set identifiers). See also APs
(access points)
changing defaults, 128
cloaked, 132
default settings information, 128
disabling broadcasts, 13, 129
gathering from wireless networks,
126–128, 339
in NetStumbler, 145–146
passwords versus, 126
reporting with essid_jack, 127, 188
searching the Internet for yours, 34, 71
social engineering to obtain, 73
systems identified by names of, 13
of unauthorized systems, 182–183
on Wi-Fi databases, 34
SSIDsniff tool, 128
30_597302_bindex.qxd 8/4/05 7:27 PM Page 359
(17 stránky)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce