353
Index
IDS/IPS (intrusion-detection/prevention
system), 80, 253–254, 336–337
IEEE (Institute of Electrical and Electronics
Engineers) standards. See also 802.11
standards
802 work group for, 9
802.11i (WPA2), 10–11
Organizationally Unique Identifiers
(OUI), 144
Web site, 328–329
ifconfig utility (Linux), 199
implementing a testing methodology
determining what services are running, 39
formal procedures overview, 31
gathering public information, 32–35
logging what you do, 32
mapping your network, 35–37
not using a methodology, avoiding, 308–309
scanning your systems, 37–38
system-penetration phase, 41–42
vulnerability assessment, 39–41
Independent Basic Service Set (IBSS)
configuration, 180–181
Information Systems Security Assessment
Framework (ISSAF) standard, 27–28
installing
AirSnort WEP-key cracking tool, 268–269
Cygwin emulation software, 47–51
Kismet GPSD, 159–160
Kismet stumbling tool, 157–159
MiniStumbler tool, 170–171
NetStumbler tool, 133
VMware emulation software, 52–53
Institute for Security and Open
Methodologies (ISECOM), 28–29
Institute of Electrical and Electronics
Engineers. See IEEE
integrity check value (ICV), 257
integrity of messages
CRC check for, 256–257, 260
cryptographic protection lacking with
WEP, 260
802.11 standard and, 256–257, 260
protecting, 256–257
interference. See RF jamming
International Organization for
Standardization (ISO), 26
Internet Authentication Service (IAS) of
Microsoft, 288
Internet resources
AiroPeek sniffer, 115
AirSnare WIDS program, 296
AirSnarf program, 178
AirTraf sniffer, 114
antennae, 335
arping tool, 126
attenuators, 94
Auditor Linux, 119
Auditor Security Collection (Knoppix), 297
Cain & Abel password recovery tool, 124
cantennae (yagi-style antennae), 60
certification organizations, 327
client vulnerability testing tools, 103
Cobit standard, 27
CommView for WiFi sniffer, 115
CoWPAtty WPA-PSK-auditing tool, 294
deauthentication attack tools, 242
for default settings, 77
default SSID information, 128
dictionary files and word lists, 339
DiGLE, 151–152
dsniff penetration-testing tools, 125
emulation software, 46–47, 52, 333
essid_jack SSID reporting tool, 127
Ethereal sniffer, 114
Foundstone query tool for Google, 34, 72
general resources, 328
general wireless tools, 331–332
Google, 33–34, 71–72
Gulpit sniffer, 119
hacker sites, 328
Hacking For Dummies passwords chapter,
78, 107
Hermes chipset information, 58
honeypot software, 176
IDS systems, 80
IDS/IPS vendors, 336–337
IEEE site, 328–329
IP address-gathering tools, 339
IPSec testing tools, 295–296
ISO/IEC 17799 standard, 26
ISSAF standard, 28
Kismet driver information, 157
LEAP-cracking tools, 292–293, 340
link-monitoring tools (Linux), 87–89
Linux distributions (freeware), 332
Linux distributions on CD, 56
Linux Wireless Extensions, 82
local wireless groups, 329–331
MAC address vendor IDs, 198
MiniStumbler wardriving tool, 170
Mognet sniffer, 119
NetStumbler tool, 133
network scanners, 340
30_597302_bindex.qxd 8/4/05 7:27 PM Page 353
(17 stránky)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce