Hacking Exposed Wireless is the latest edition in the esteemed "Hacking Exposed" series. In my opinion, McGraw-Hill Osborne Media's "Hacking Exposed" series are excellent resources. The authors know what they are talking about and they use real-world case studies to illustrate the concepts. The Hacking Exposed Wireless authors continue that tradition in exemplary fashion. Author Johnny Cache (alias for John Ellch) has gained acceptance as a wireless security guru by finding flaws in the Broadcom Wi-Fi driver and the Apple Wi-Fi driver. Author Vincent Liu is part owner of an IT services firm, which provides security consulting to several Fortune 500 companies, as well as a former security analyst for the US National Security Agency (NSA).The book's contents as listed on the back cover:
"Defend against the latest pervasive and devastating wireless attacks using the tactical security information contained in this comprehensive volume. Hacking Exposed Wireless reveals how hackers zero in on susceptible networks and peripherals, gain access, and execute debilitating attacks. Find out how to plug security holes in Wi-Fi/802.11 and Bluetooth systems and devices. You'll also learn how to launch wireless exploits from Metasploit, employ bulletproof authentication and encryption, and sidestep insecure wireless hotspots. The book includes vital details on new, previously unpublished attacks alongside real-world countermeasures."Positive Points:
- The book introduces recently-surfaced technologies and attack venues and methods for defending against them.
- RF concepts can be somewhat nebulous for many network administrators with traditional IT backgrounds. Hacking Exposed Wireless helps in this regard by offering understandable explanations of RF transmission theory.
- The book can be considered a one-stop reference on how to enumerate, identify and attack wireless networks.
- There is an extensive discussion of Bluetooth exploits and countermeasures.
- Several real-life case studies illustrate various attacks and defense tactics.
- Experienced Wi-Fi administrators may consider most of this book a restatement of existing material-almost a beginner's manual.
- The first negative point is especially apparent in the wireless network defense section. This section is a rehash of material that experienced administrators are likely to know.
This book does a good job explaining wireless attacks and the fundamentals needed to carry them out. Understanding these fundamentals is critical-as per the IT adage "you must understand the attack, before you can defend against it". The book also provides in-depth explanations of wireless network defense methods. Administrators who aren't extremely familiar with concepts like 802.1X/EAP or 802.11i should find Hacking Exposed Wireless an excellent security resource. The fact that this book is the most up to date compilation of Wi-Fi security is enough reason to make it a worthy addition to your library.