Brian D Foy, Ther Perl Review, May 2002
North Bay Multimedia Association, August 2002
Joel Snyder Network World, August 12, 2002
Robert Vamosi, AnchorDesk, September 4, 2002
Peter Coffee, eweek, Jan 20, 2003
Michael Dominowski, Staten Island Advance, Jan 12, 2003
David J. Bianco, Infosec, March 2003
Ping, March – written by Elliott A. Nichol
Product Description
Mention wireless networks, and the question of security will soon follow. It's not surprising that in spite of compelling business arguments for going wireless, many companies are holding back because of security concerns. But, while it's true that wireless networks create security issues that don't exist in wired networks, the issues are not insurmountable. 802.11 Security shows how you can plan for and successfully contend with security obstacles in your wireless deployment. This authoritative book not only explains the security issues, but shows you how to design and build a your own secure wireless network.
802.11 Security covers the entire process of building secure 802.11-based wireless networks, in particular, the 802.11b ("Wi-Fi") specification. The authors provide detailed coverage of security issues unique to wireless networking, such as Wireless Access Points (WAP), bandwidth stealing, and the problematic Wired Equivalent Privacy component of 802.11. You'll learn how to configure a wireless client and to set up a WAP using either Linux or Free BSD. You'll also find thorough information on controlling network access and encrypting client traffic.
Beginning with an introduction to 802.11b in general, the book gives you a broad basis in theory and practice of wireless security, dispelling some of the myths along the way. In doing so, they provide you with the technical grounding required to think about how the rest of the book applies to your specific needs and situations. Next, the book details the technical setup instructions needed for both the Linux and FreeBSD operating systems. Some of the topics covered include:
- Station Security for Linux, FreeBSD, Open BSD, Mac OS X and Windows
- Setting Up Access Point Security
- Gateway Security, including building Gateways, firewall Rules, Auditing, etc.
- Authentication and Encryption
- FreeBSD IPsec client and gateway configuration
- Linux IPsec client and gateway configuration
- 802.1x authentication
About the Author
is the Manager of Network and Security Operations for VeriSign's Mass Market's division. He manages the security for over a hundred network devices and several hundred servers. He's the founder of the Shmoo Group (www.shmoo.com), a web site for security, cryptography, and privacy professionals, and NoVAWireless (www.novawireless.org), a community-based wireless network project in Northern Virginia.
is a security researcher and the Director of Methodology Development at Secure Software, Inc. He has been involved in wireless networking both through the Northern Virginia community wireless group and through commercial security research into the topology of wireless networks. His recent work includes investigation of layer two attacks against wireless networking devices.
Excerpted from 802.11 Security by Bruce Potter, Bob Fleck. Copyright © 2003. Reprinted by permission. All rights reserved.
Apple’s Mac OS X operating system has been rapidly gaining in popularity among security professionals. This can most likely be attributed to its excellent GUI, BSD underpinnings, and increased focus on security features. Apple has taken a proactive stance in developing a more secure OS, and is working hand-in-hand with the BSD community to explore secure standards for the BSD family of operating systems.
Mac OS X Setup
The underlying structure of Mac OS X uses many BSD-derived components. Because of this, the configuration, scripts, and firewall are very similar to FreeBSD. File paths are often different, but the concepts remain the same. The examples and walk-throughs in this chapter work on both Mac OS X Versions 10.1 and 10.2.
Kernel Configuration
Mac OS X installs with a pre-compiled kernel that contains support for everything needed to use the OS as a wireless client. The Mac OS X kernel builds are derived
from the OpenDarwin kernel but changed somewhat before release by Apple. Building a custom kernel is a path for the more daring,and technical,user.
Card Configuration
Support for the Apple AirPort wireless card is completely integrated into Mac OS X.
Configuration is accomplished through the System Preferences dialog boxes.The settings and options are primarily contained in two tabs of the Network section of System Preferences.
Figure 7-1 shows the AirPort configuration tab. The AirPort ID is the MAC address of the wireless card in the computer. The series of options below determine the way the OS will select which wireless network to join at startup or when to come out of a standby mode. The first option joins the network with the strongest signal. The second option will rejoin a recently used network. This option has a checkbox to remember network passwords,which is how Mac OS X refers to WEP keys. The final option restricts the computer to only connecting to a specified network SSID. (The SSID is Wireless in this example.)
There are two checkboxes at the bottom of the tab. The first enables the creation of IBSS networks, operating in peer-to-peer mode between workstations. The second adds an icon (Figure 7-2) to the menu bar to display the status of the network connection and provide a small drop-down menu of common actions.
