Search icon
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Mastering Kali Linux Wireless Pentesting

You're reading from  Mastering Kali Linux Wireless Pentesting

Product type Book
Published in Feb 2016
Publisher
ISBN-13 9781785285561
Pages 310 pages
Edition 1st Edition
Languages
Authors (2):
Brian Sak Brian Sak
Profile icon Brian Sak
Jilumudi Raghu Ram Jilumudi Raghu Ram
Profile icon Jilumudi Raghu Ram
View More author details

Table of Contents (16) Chapters

Mastering Kali Linux Wireless Pentesting
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Preface
1. Wireless Penetration Testing Fundamentals 2. Wireless Network Scanning 3. Exploiting Wireless Devices 4. Wireless Cracking 5. Man-in-the-Middle Attacks 6. Man-in-the-Middle Attacks Using Evil Twin Access Points 7. Advanced Wireless Sniffing 8. Denial of Service Attacks 9. Wireless Pentesting from Non-Traditional Platforms Index

Wireless communication


The term wireless can be construed in many different ways depending on who you are speaking to. In general, this can encompass any transmission of data using a technology where the sender and the receiver of the data are not connected by a physical medium. From an information technology context, this will cover technologies such as microwave, cellular, mobile broadband, Bluetooth, LoRa, Zigbee, and of course, Wi-Fi, or Wireless Fidelity. While some of the other areas of wireless are intriguing from a security perspective, we have chosen to keep the scope of this book down to only Wi-Fi technologies. This section will discuss the basics of Wi-Fi communications and the protocols and standards at a level appropriate for security professionals. Thankfully for us, we are able to benefit from lots of work done by our electrical engineering and software engineering counterparts, who have reduced the complexity of magically sending packets through the air at great speeds down to something manageable.

Let's start by discussing the wireless LAN networking technology defined by the IEEE 802.11 working group. Wireless Local Area Networks, typically referred to simply as WLANs, are very popular technologies that are used to create a network of clients and devices that do not require each host to be connected to the network via a wired Ethernet connection. The biggest advantages of WLANs are their ease of use, low cost of deployment, and dynamic operational model. As mentioned, WLANs are easy to deploy, and even home users can buy an access point and start networking it with available mobile devices, such as laptops, smartphones, and tablets, with little skill and in a short amount of time. It's typically just a matter of plugging in the access point and correctly configuring your mobile devices, and the WLAN will be operational within a few minutes. For WLANs in a corporate environment, many of the same principles apply, though the complexity and security considerations will typically increase linearly to the size of the deployment. Organizations typically have many access points and configurations to manage, and it's common to see them deployed, leveraging a controller model to ensure consistency. While this model varies from what you will typically see in a residential or SMB scenario, the underlying technologies (and weaknesses) still exist. To better understand the security risks associated with WLANs, we need to know how wireless stations and clients communicate and the underlying technologies that enable this communication.

Some WLAN components are as follows:

  • Radio: This is defined as a station in 802.11 standards, and it will sometimes be abbreviated as STA. It is the component that transmits the wireless signal.

  • Access Points (AP): This provides connectivity between STAs (most likely, laptops and other mobile devices).

The preceding components alone provide the hardware required to build a WLAN. From a software perspective, wireless drivers and firmware on access points enable this hardware, and an operating system and an application stack will provide the management, user control, encryption, and other functionalities.

As we look at the security considerations for each part of the stack that enables wireless connectivity, we have to ensure that all components are scrutinized. It is possible that vulnerabilities in something as fundamental as device drivers may lead to the compromise of the AP or client. Additionally, firmware in an access point can potentially be infected with malware, which can lead to the compromise of the clients that are connected to them. If you are a security professional reading this book, to be better informed and better understand how to test and protect a wireless network you are responsible for, subsequent chapters will provide you with some guidance on known vulnerabilities, what to look out for, and operational best practices in addition to the demonstrated penetration testing exercises.

You have been reading a chapter from
Mastering Kali Linux Wireless Pentesting
Published in: Feb 2016 Publisher: ISBN-13: 9781785285561
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $15.99/month. Cancel anytime}