802.11安全手册(影印版)
802.11安全手册(影印版)
Bruce Potter, Bob Fleck
出版时间:2003年06月
页数:196
无线网络为所有类型的用户展示了一种新的可能性。从传统的LAN环境到无线ISP、到特定的网络,802.11这种最流行的无线局域网协议正在逐渐改变着人们脑海中网络的概念。
同时,无线网络也向用户和网络管理员提出了新的安全性挑战。由于物理安全性的缺乏、可作为攻击工具的自由审核工具的普及,以及不受注意就可以监控流量的能力都使得无线网络成为了恶意用户最容易选择的目标。无线网络的每一条链接都需要受到保护,以保证数据的安全性。
本书介绍的是无线网络安全性的基础知识。阅读完本书,读者将可以理解802.11网络的工作方式,及其弱点的所在。在试图保护无线网络之前先了解无线网络部署中的实际风险和可能面临的攻击是非常重要的。
本书针对802.11网络中的所有主要组件都提供了实际的解决方案。基站安全性配置分别针对各种操作系统进行了归档,这些系统包括:Linux、FreeBSD、OpenBSD、Mac OS X和Windows。实际的网络中包含着很多不同种类的操作系统,而本书将会告诉你使用何种工具能够保护数据的安全性。
本书涵盖的主题包括:
* 接入点安全性
*网关安全性
* Linux、FreeBSD、OpenBSD、Mac OS X和Windows等系统的客户端安全性配置
* SNMP监视
*拒绝服务攻击和中间人攻击
* VPN配置和802.1x,802.1x是将在未来的无线网络部署中充当重要角色的身份验证和授权协议
本书对于任何要部署无线网络的用户来说都是很重要的,因为本书中提供了保护网络和重要数据所需的广泛的背景知识,并提供了特定的范例。
  1. Preface
  2. Part I. 802.11 Security Basics
  3. 1. A Wireless World
  4. What Is Wireless?
  5. Radio Transmission
  6. Inherent Insecurity
  7. 802.11
  8. Structure of 802.11 MAC
  9. WEP
  10. Problems with WEP
  11. Is It Hopeless?
  12. 2. Attacks and Risks
  13. An Example Network
  14. Denial-of-Service Attacks
  15. Man-in-the-Middle Attacks
  16. Illicit Use
  17. Wireless Risks
  18. Knowing Is Half the Battle
  19. Part II. Station Security
  20. 3. Station Security
  21. Client Security Goals
  22. Audit Logging
  23. Security Updates
  24. 4. FreeBSD Station Security
  25. FreeBSD Client Setup
  26. 5. Linux Station Security
  27. Linux Client Setup
  28. Kernel Configuration
  29. OS Protection
  30. Audit Logging
  31. Secure Communication
  32. 6. OpenBSD Station Security
  33. OpenBSD Client Setup
  34. Kernel Configuration
  35. OS Protection
  36. Audit Logging
  37. 7. Mac OS X Station Security
  38. Mac OS X Setup
  39. OS Protection
  40. Audit Logging
  41. 8. Windows Station Security
  42. Windows Client Setup
  43. OS Protection
  44. Audit Logging
  45. Secure Communication
  46. Part III. Access Point Security
  47. 9. Setting Up an Access Point
  48. General Access Point Security
  49. Setting Up a Linux Access Point
  50. Setting Up a FreeBSD Access Point
  51. Setting Up an OpenBSD Access Point
  52. Taking It to the Gateway
  53. Part IV. Gateway Security
  54. 10. Gateway Security
  55. Gateway Architecture
  56. Secure Installation
  57. Firewall Rule Creation
  58. Audit Logging
  59. 11. Building a Linux Gateway
  60. Laying Out the Network
  61. Building the Gateway
  62. Configuring Network Interfaces
  63. Building the Firewall Rules
  64. MAC Address Filtering
  65. DHCP
  66. DNS
  67. Static ARP
  68. Audit Logging
  69. Wrapping Up
  70. 12. Building a FreeBSD Gateway
  71. Building the Gateway
  72. Building the Firewall Rules
  73. Rate Limiting
  74. DHCP
  75. DNS
  76. Static ARP
  77. Auditing
  78. 13. Building an OpenBSD Gateway
  79. Building the Gateway
  80. Building the Firewall Rules
  81. Rate Limiting
  82. DHCP
  83. DNS
  84. Static ARP
  85. Auditing
  86. 14. Authentication and Encryption
  87. Portals
  88. IPsec VPN
  89. 802.1x
  90. 15. Putting It All Together
  91. Pieces of a Coherent System
  92. User Knowledge
  93. Looking Ahead
  94. Index
书名:802.11安全手册(影印版)
作者:Bruce Potter, Bob Fleck
国内出版社:清华大学出版社
出版时间:2003年06月
页数:196
书号:7-302-06534-9
原版书出版商:O'Reilly Media
Bruce Potter
 
Bruce Potter is Manager of Network and Security Operations for the Mass Markets Division of VeriSign.Trained in computer science at the University of Alaska Fair-banks, Bruce served as a senior technologist at Internet Alaska and Cigital prior tohis work at VeriSign. He is founder and President of Capitol Area Wireless Network, a nonprofit based in Washington, DC.CAWNet, an organization of community members and commercial wireless Internet Service Providers (WISPs), is attempting to create a large-scale public wireless network throughout the metro-DC area. In 1999, Bruce founded The Shmoo Group,an ad hoc group of security professionals scattered throughout the world.Bruce’s interests include wireless security, large-scale network architectures, open source software assistance, and promotion of secure software engineering.In his spare time,Bruce enjoys woodworking and listening to the Grateful Dead.
 
 
Bob Fleck
 
Bob Fleck is the Director of Methodology Development at Secure Software, Inc. His discussions on wireless security-related issues have been quoted in major media publications such as CNN and The Wall Street Journal and were presented at the IIS WiFi Forum in early 2002. In addition to his interest in network security, Bob researches and consults on the design and implementation of secure applications.Bob studied computer science at Case Western Reserve University in Cleveland, Ohio, and is a member of CAWNet and The Shmoo Group.
 
 
The animal on the cover of 802.11 Security is an Indian ringnecked parakeet.Indian ringnecked parakeets are native to northern Africa and India, but are kept as pets all over the world.They get their name from the distinct black ring that males develop upon reaching maturity.
Though Indian ringnecked parakeets are usually green, breeders have been able to produce blue, yellow, and albino mutations. Their beaks are dark coral on top and black underneath. The birds can reach between 16 and 20 inches from the top of their heads to the tips of their long tails.
These parakeets are very playful and require a lot of attention when kept in captivity. They can learn to talk and are talented whistlers. When treated well and kept active, they can live up to 30 years.