Despite their popularity and wider deployment, IEEE 802.11 WLANs have been found to be vulnerable to security threats soon after their emergence requiring adoption of security measures. However, the introduced security measures didn’t provide solutions for Denial of Service (DoS) attacks. This book characterizes the DoS attacks based on their ease of applicability and the degree of severity they introduce, and evaluates countermeasures for efficiency and effectiveness in defending against the attacks. Among various DoS attacks, Authentication Request Flooding (AuthRF) and Association Request Flooding (AssRF), which are practical and needing lesser effort to cause damage, were selected for study using OMNET++ simulation environment embedding INET Framework. Designs and models have been developed for the selected attacks and for two versions of defenses: countermeasure and enhanced countermeasures. The studied attacks, AuthRF and AssRF, required less effort and caused severe damage. Both versions of defenses, Countermeasure and Enhanced countermeasure, are effective although they incur delay.
With the advent of rich Internet applications, the explosion of social media, and the increased use of powerful cloud computing infrastructures, a new generation of attackers has added cunning new techniques to its arsenal. For anyone involved in defending an application or a network of systems, Hacking: The Next Generation is one of the few books to identify a variety of emerging attack vectors.
You’ll not only find valuable information on new hacks that attempt to exploit technical flaws, you’ll also learn how attackers take advantage of individuals via social networking sites, and abuse vulnerabilities in wireless technologies and cloud infrastructures. Written by seasoned Internet security professionals, this book helps you understand the motives and psychology of hackers behind these attacks, enabling you to better prepare and defend against them.
Learn how “inside out” techniques can poke holes into protected networks
Understand the new wave of “blended threats” that take advantage of multiple application vulnerabilities to steal corporate data
Recognize weaknesses in today’s powerful cloud infrastructures and how they can be exploited
Prevent attacks against the mobile workforce and their devices containing valuable data
Be aware of attacks via social networking sites to obtain confidential information from executives and their assistants
Get case studies that show how several layers of vulnerabilities can be used to compromise multinational corporations
Protect your wireless systems from crippling attacks using the detailed security information in this comprehensive volume. Thoroughly updated to cover today’s established and emerging wireless technologies, Hacking Exposed Wireless, second edition reveals how attackers use readily available and custom tools to target, infiltrate, and hijack vulnerable systems. This book discusses the latest developments in Wi-Fi, Bluetooth, ZigBee, and DECT hacking, and explains how to perform penetration tests, reinforce WPA protection schemes, mitigate packet injection risk, and lock down Bluetooth and RF devices. Cutting-edge techniques for exploiting Wi-Fi clients, WPA2, cordless phones, Bluetooth pairing, and ZigBee encryption are also covered in this fully revised guide.
Build and configure your Wi-Fi attack arsenal with the best hardware and software tools
Explore common weaknesses in WPA2 networks through the eyes of an attacker
Leverage post-compromise remote client attacks on Windows 7 and Mac OS X
Master attack tools to exploit wireless systems, including Aircrack-ng, coWPAtty, Pyrit, IPPON, FreeRADIUS-WPE, and the all new KillerBee
Evaluate your threat to software update impersonation attacks on public networks
Assess your threat to eavesdropping attacks on Wi-Fi, Bluetooth, ZigBee, and DECT networks using commercial and custom tools
Develop advanced skills leveraging Software Defined Radio and other flexible frameworks
Apply comprehensive defenses to protect your wireless devices and infrastructure
The Metasploit Framework is a powerful suite of tools that security researchers use to investigate and resolve potential network and system vulnerabilities. Metasploit: The Penetration Tester‘s Guide shows readers how to assess networks by using Metasploit to launch simulated attacks that expose weaknesses in their security. The book begins with the basics of information security and Metasploit, then proceeds to general and advanced techniques for penetration testing, including network reconnaissance and enumeration, server- and client-side attacks, devastating wireless attacks, and even targeted social engineering attacks. Whether readers are looking to secure their own networks or discover holes in others’, Metasploit is the definitive guide to penetration testing with this dynamic and flexible framework.
Wireless LANs can be found nearly everywhere today. Most mobile computers ship with built-in wireless LAN hardware by default and most other computers can be equipped with additional hardware. Because all data is transmitted wirelessly, extra security is needed in these networks. This was a concern to the creators of the IEEE 802.11 standard, who designed a simple protocol called WEP which stands for Wired Equivalent Privacy to protect such networks. Unfortunately, the WEP protocol has some serious design flaws and various attacks are possible against WEP protected networks. This book presents nearly all currently known attacks on the WEP protocol, including their theoretical background and their implementation. This book is intended for network operators, who want to learn more about wireless security, and also for cryptographers, who want to understand the theoretical background of these attacks.