Principles of Computer Security: CompTIA Security

Principles of Computer Security: CompTIA Security

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Wireless Security and Mobile Devices

Chapter 12

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Highlights-Ch. 12 • Describe the different wireless systems in use today. • Detail WAP and its security implications. • Identify 802.11’s security issues and possible

solutions.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Key Terms to Review • 2.4 GHz band • 5 GHz band • Beacon frames • Bluejacking • Bluesnarfing • Bluebugging • Confidentiality • Direct-sequence spread

spectrum (DSSS) • IEEE 802.1X • IEEE 802.11 • Initialization vector (IV)

• Orthogonal frequency division multiplexing (OFDM)

• RC4 stream cipher • Service set identifier (SSID) • WAP gap • Wired Equivalent Privacy

(WEP) • Wireless Application Protocol

(WAP) • Wireless Transport Layer

Security (WTLS)

Presenter
Presentation Notes
2.4 GHz band – This is the frequency used by Bluetooth, 802.11 and other personal area networks. 5 GHz band – This is the frequency band used by 802.11a. Beacon frames – An 802.11 management frame for the network that contains several different fields, such as the timestamp and beacon interval, but most importantly, the SSID. Bluejacking – This is a term used for the sending of unauthorized messages to another Bluetooth device. Bluesnarfing – This is like bluejacking, with the exception that an attacker copies off the victim’s information. This can include e-mails, contact lists, calendars, and anything else that exists on that device. Bluebugging – This occurs when an attacker uses Bluetooth to establish a serial connection to a mobile device that allows full control over the phone, including the placing of calls to any number without the phone owner’s knowledge. Confidentiality – This is the ability to keep protected data a secret. Direct-sequence spread spectrum (DSSS) – This is a modulation type that spreads the traffic sent over the entire bandwidth. IEEE 802.1X – This protocol can support a wide variety of authentication methods. IEEE 802.11 – This protocol has been standardized by the IEEE for wireless local area networks (LANs). Orthogonal  frequency division multiplexing (OFDM) – With multiplexes, or separates, the data to be transmitted is broken into smaller chunks based on frequency and then the chunks are transmitted on several subchannels. RC4 stream cipher – It is used to encrypt the data as it is transmitted through the air. Service set identifier (SSID) – This identifies a specific 802.11 wireless network. It transmits information about the access point that the wireless client is connecting to. WAP  gap – This involves confidentiality of information where WAP and TLS encryption standards networks meet. Wired Equivalent Privacy (WEP) – This the encryption scheme used to attempt to provide confidentiality and data integrity on 802.11 networks. Wireless Application Protocol (WAP) – This protocol transmits data to small handheld devices such as cellular phones. Wireless Transport Layer Security (WTLS) – This encryption protocol is used on WAP networks.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Introduction to Wireless Networking

• Wireless networking is the transmission of packetized data by means of a physical topology that does not use direct physical links.

• IEEE 802.11 is a family of protocols that have been standardized by the IEEE for wireless local area networks (LANs).

• Wireless Application Protocol (WAP) was one of the pioneers of mobile data applications.

• Bluetooth is a short-range wireless protocol typically used on small devices such as mobile phones.

Presenter
Presentation Notes
– Three versions are currently in production: 802.11g, 802.11b, and 802.11a, and a fourth standard, 802.11n, has been ratified. – WAP has been overtaken by a variety of protocols pushing us to third-generation (3G) or fourth-generation (4G) mobile networks. The security world ignored wireless for a long time, and then within the space of a few months, it seemed like everyone was attempting to breach the security of wireless networks and transmissions. One reason wireless suddenly found itself to be such a target is that wireless networks are so abundant and so unsecured. – Wireless is particularly problematic from a security standpoint, because there is no control over the physical layer of the traffic.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Summary Table of the 802.11 Family

Presenter
Presentation Notes
Security+

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Wireless Transmission Extending Beyond the Facility’s Walls

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Mobile Phones

• Traditional wireless devices such as cellular phones and pagers are being replaced by wireless e-mail devices and PDAs.

• Wireless Application Protocol (WAP) attempted to satisfy the needs for more data on mobile devices.

Presenter
Presentation Notes
Almost all current mobile phones have wireless networking features built in. WAP has fallen by the wayside as mobile networks’ capabilities have increased The need for more and more bandwidth has pushed carriers to adopt a more IP-centric routing methodology with technologies such as High Speed Packet Access (HSPA) and Evolution Data Optimized (EVDO). – Mobile phones have ruthlessly advanced with new technologies and services, causing phones and the carrier networks that support them to be described in generations—1G, 2G, 3G, and 4G. 1G refers to the original analog cellular standard, Advanced Mobile Phone System or AMPS. 2G refers to the digital network that superseded it. 3G is the system of mobile networks that is currently being deployed. 4G runs an IP-based system utilizing Voice over IP.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

WAP • Wireless Application Protocol (WAP) is a lightweight

protocol designed for mobile devices. • Wireless Transport Layer Security (WTLS) is a

lightweight security protocol designed for WAP. • WTLS uses a modified version of the Transport Layer

Security (TLS) protocol, formerly known as Secure Sockets Layer (SSL) to ensure confidentiality.

• WTLS implements integrity through the use of message authentication codes (MACs).

Presenter
Presentation Notes
– Security+ – Wireless Transport Layer Security (WTLS) encryption scheme, which encrypts the plaintext data and then sends it over the airwaves as ciphertext. – WTLS uses a modified version of the Transport Layer Security (TLS) protocol, formerly known as Secure Sockets Layer (SSL). The WTLS protocol supports several popular bulk encryption algorithms, including Data Encryption Standard (DES), Triple DES (3DES), RC5, and International Data Encryption Algorithm (IDEA). A MAC algorithm generates a one-way hash of the compressed WTLS data. WTLS supports the MD5 and SHA MAC algorithms.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

WAP Vulnerabilities • The TLS protocol that WTLS is based on is designed

around Internet-based computers. • Mobile phone clients with low memory or CPU

capabilities cannot support encryption, and choosing null or weak encryption greatly reduces confidentiality.

• WAP is a point-to-multipoint protocol, but it can face disruptions or attacks because it aggregates at well- known points: the cellular antenna towers.

• WAP gap involves confidentiality of information where the two different networks meet, the WAP gateway.

Presenter
Presentation Notes
– Security+ – WTLS acts as the security protocol for the WAP network, and TLS is the standard for the Internet, so the WAP gateway has to perform translation from one encryption standard to the other. This translation forces all messages to be seen by the WAPgateway in plaintext. This is a weak point in the network design, but from an attacker’s perspective, it’s a much more difficult target than the WTLS protocol itself. – The limited nature of mobile devices hampers the ability of the security protocols to operate as intended, compromising any real security to be implemented on WAP networks.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

The WAP Gap Shows an Unencrypted Space Between Two Enciphered Connections

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

3G Mobile Networks • Mobile wireless networks have been or are being

upgraded to 3G, greatly enhancing speed and lowering latency.

• Increased power and memory of handheld devices also reduces the need for lighter-weight encryption protocols.

• The cryptographic standard proposed for 3G is known as KASUMI.

• KASUMI is a modified version of the MISTY1 algorithm uses 64-bit blocks and 128-bit keys.

Presenter
Presentation Notes
– This has reduced the need for lightweight protocols to handle data transmission, and more standard protocols such as IP can be used. – The increased power and memory of the handheld devices also reduce the need for lighter-weight encryption protocols. This has caused the protocols used for 3G mobile devices to build in their own encryption protocols. All the standards include transport layer encryption protocols to secure the voice traffic traveling across the wireless signal as well as the data sent by the device.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Bluetooth • Bluetooth is a short-range (approx. 32 feet), low-power

wireless protocol transmitting in the 2.4 GHz band. • Bluetooth transmits data in Personal Area Networks

(PANs) through mobile phones, laptops, printers, and audio devices.

• Version 1.2 allows speeds up to 721 Kbps and improves resistance to interference over version 1.1.

• Bluetooth 2.0 introduced enhanced data rate (EDR), which allows the transmission of up to 3.0 Mbps.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Bluetooth Headsets

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Bluetooth Vulnerabilities • Bluejacking – Term used for the sending of unauthorized

messages to another Bluetooth device. • Bluesnarfing – Execution is similar to bluejacking, however

with bluesnarfing the attacker copies off the victim’s information, which can include e-mails, contact lists, calendar, etc.

• Bluebugging – A far more serious attack than either bluejacking or bluesnarfing. In bluebugging, the attacker uses Bluetooth to establish a serial connection to the device.

Presenter
Presentation Notes
Bluejacking involves setting the message as a phonebook contact. Then the attacker sends the message to the possible recipient via Bluetooth. A popular variant of this is the transmission of “shock” images, featuring disturbing or crude photos. As Bluetooth is a short-range protocol, the attack and victim must be within roughly 10 yards of each other. The victim’s phone must also have Bluetooth enabled and must be in discoverable mode. Bluesnarfing is used to require a laptop with a Bluetooth adapter, making it relatively easy to identify a possible attacker, but bluesnarfing applications are now available for mobile devices. The majority of Bluetooth phones need to be discoverable for the bluesnarf attack to work, but it does not necessarily need to be paired. In theory, an attacker can also brute-force the device’s unique 48-bit name. – Bluebugging allows access to the full AT command set—GSM phones use AT commands similar to Hayes-compatible modems. This connection allows full control over the phone, including the placing of calls to any number without the phone owner’s knowledge. Fortunately, this attack requires pairing of the devices to complete, and phones initially vulnerable to the attack have updated firmware to correct the problem. To accomplish the attack now, the phone owner would need to surrender her phone and allow an attacker to physically establish the connection.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Wireless File Sharing

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

802.11 • Group of IEEE standards also called Wi-Fi • The table below shows an overview of each

protocol

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

802.11 Modulation • Direct-sequence spread spectrum (DSSS) is a

modulation type that spreads the traffic sent over the entire bandwidth.

• Orthogonal frequency division multiplexing (OFDM) multiplexes, or separates, the data to be transmitted into smaller chunks and then transmits the chunks on several subchannels.

Presenter
Presentation Notes
– The primary reason that spread-spectrum technology is used in 802.11 protocols is to avoid interference on the public 2.4 GHz and 5 GHz bands. – This use of subchannels is what the “frequency division” portion of the name refers to. Both of these techniques, multiplexing and frequency division, are used to avoid interference. Orthogonal refers to the manner in which the subchannels are assigned, principally to avoid crosstalk, or interference with your own channels.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

802.11 Individual Standards • 802.11a is the wireless networking standard that supports

traffic on the 5 GHz band, allowing speeds up to 54 Mbps. • 802.11b protocol provides for multiple-rate Ethernet over 2.4

GHz spread-spectrum wireless. It provides transfer rates of 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps and uses DSSS.

• Features of 802.11b and 802.11a were joined to create 802.11g, 802.11g allows the faster speeds of the 5 GHz specification on the 2.4 GHz band.

• 802.11n is on the horizon, with many manufacturers shipping devices based upon the draft specification. 802.11n offers speeds up to 248 Mbps.

Presenter
Presentation Notes
– Typical range for 802.11a is roughly 100 yards indoors and 300 yards outdoors, line of sight. 802.11a uses a higher band and has higher bandwidth. It operates in the 5 GHz spectrum using OFDM. Supporting rates of up to 54 Mbps, it is the faster brother of 802.11b; however, the higher frequency used by 802.11a shortens the usable range of the devices and makes it incompatible with 802.11b. The 802.11g standard uses portions of both of the other standards: it uses the 2.4 GHz band for greater range but uses theOFDM transmission method to achieve the faster 54 Mbps data rates.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

802.11 Protocol • Authentication is handled in its most basic form by the 802.11 AP,

forcing the clients to perform a handshake when attempting to “associate” to the AP.

• Service set identifier (SSID). The SSID setting should limit access only to the authorized users of the wireless network.

• Beacon Frame is an 802.11 management frame for the network and contains several different fields, such as the timestamp and beacon interval, but most importantly the SSID.

• Wired Equivalent Privacy (WEP) uses the RC4 stream cipher to encrypt the data as it is transmitted through the air.

Presenter
Presentation Notes
The SSID is a phrase based authentication mechanism that helps ensure that you are connecting to the correct AP. WEP has been shown to have an implementation problem that can be exploited to break security. Having physical control of an information asset is critical to its security. Physical access to a machine will enable an attacker to bypass any security measure that has been placed on that machine. Wireless networking takes the keys to the kingdom and tosses them out the window and into the parking lot. A typical wireless installation broadcasts the network right through the physical controls that are in place. An attacker can drive up and have the same access as if he plugged into an Ethernet jack inside the building—in fact, better access, because 802.11 is a shared medium, allowing sniffers to view all packets being sent to or from the AP and all clients. War-driving, war-flying, war-walking, warchalking— all of these terms have been used in security article after security article to describe attacks on wireless networks.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

A Common Wireless Router

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Attacking 802.11 • Wireless is a popular target for several reasons:

– Access gained from wireless – Lack of default security – Wide proliferation of devices – Anonymity – Low cost

Presenter
Presentation Notes
Anonymity – An attacker can probe your building for wireless access from the street. Then he can log packets to and from the AP without giving any indication that an attempted intrusion is taking place. It gives attackers the ability to seek out and compromise wireless networks with relative impunity. The low cost of the equipment needed. A single wireless access card costing less than $100 can give access to any unsecured AP within driving range. – Attacking a wireless network is relatively easy compared to attacking other target hosts.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Attacking 802.11 • War-driving is driving around with a wireless locater program

recording the number of networks found and their locations. • NetStumbler is a reception-based program that listens to the

beacon frames output by other wireless devices. • The network sniffer when combined with a wireless network card it

can support, is a powerful attack tool. • Wired Equivalent Privacy (WEP) an encryption protocol that 802.11

uses to attempt to ensure confidentiality of wireless communications.

• Site survey an important step in securing a wireless network to avoid sending critical data beyond company walls.

• A rogue access point is an unauthorized wireless access point within an organization.

Presenter
Presentation Notes
– NetStumbler listens for the beacon frames of APs that are within range of the card attached to the NetStumbler computer. When it receives the frames, it logs all available information about the AP for later analysis. Since it listens only to beacon frames, NetStumbler displays only networks that have the SSID broadcast turned on. If the computer has a GPS unit attached to it, the program also logs the AP’s coordinates. This information can be used to return to the AP or to plot maps of APs in a city. -The shared medium of a wireless network exposes all packets to interception and logging. Popular wireless sniffers are Wireshark (formerly Ethereal) and Kismet. Sniffers are also important because they allow you to retrieve the MAC addresses of the nodes of the network. APs can be configured to allow access only to prespecified MAC addresses, and an attacker spoofing the MAC can bypass this feature. -Unfortunately, WEP has turned out to have several problems. WEP’s weaknesses are specifically targeted for attack by the specialized sniffer programs. They work by exploiting weak initialization vectors in the encryption algorithm. WepCrack and AirSnort are two programs used to exploit WEP. -All these tools are used by the wireless attacker to compromise the network. They are also typically used by security professionals when performing wireless site surveys, which identify the existence of a wireless network within the organization -Recurring site surveys are important because wireless technology is cheap and typically comes unsecured in its default configuration. If anyone attaches a wireless AP to your network, you want to know about it immediately -Rogue Access Points can be set up by well-meaning employees or hidden by an attacker with physical access. An attacker might set up a rogue access point if they have a limited amount of physical access to an organization, perhaps by sneaking into the building briefly. The attacker can then set up an AP on the network and, by placing it behind the external firewall or network IDS (NIDS) type of security measures, can attach to the wireless at a later date at their leisure.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Attacking 802.11 (continued) • Service set identifier (SSID) – unique 32-character identifier is

attached to the header of the packet • The purpose of beacon frames is to announce the wireless

network’s presence and capabilities so that WLAN cards can attempt to associate to it.

• MAC address restriction provides limited authentication capability. • WEP encrypts the data traveling across the network with an RC4

stream cipher, attempting to ensure confidentiality.

• WEP should not be trusted alone to provide confidentiality.

Presenter
Presentation Notes
-This unique 32-character identifier is attached to the header of the packet. The SSID is broadcast by default as a network name, but broadcasting of this beacon frame can be disabled. Many APs also use a default SSID; for Cisco APs, this default is tsunami, which may indicate an AP that has not been configured for any security. Renaming the SSID and disabling SSID broadcast are both good ideas; however, because the SSID is part of every frame, these measures should not be considered adequate to secure the network. While the SSID is a good idea in theory, it is sent in plaintext in the packets, so in practice SSID offers little security significance— any sniffer can determine the SSID, and some operating systems, such as Windows XP (see Figure 12.6), will display a list of SSIDs active in the area and prompt the user to choose which one to connect to. From a security perspective, the beacon frame is damaging because it contains the SSID, and this beacon frame is transmitted at a set interval (ten times per second by default). Since a default AP without any other traffic is sending out its SSID in plaintext ten times a second, you can see why the SSID does not provide true authentication. Scanning programs such as NetStumbler work by capturing the beacon frames and thereby the SSIDs of all APs. – The IV is the primary reason for the weaknesses in WEP. The IV is sent in the plaintext part of the message, and because the total keyspace is approximately 16 million keys, the same key will be reused. Once the key has been repeated, an attacker has two ciphertexts encrypted with the same key stream. This allows the attacker to examine the ciphertext and retrieve the key. This means that equipment with an advertised WEP key of 128 bits can be cracked in less than a day, whereas to crack a normal 128-bit key would take roughly 2,000,000,000,000,000,000 years on a computer able to attempt one trillion keys a second

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Windows Displaying Access Points

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

New Security Protocols • Wi-Fi Protected Access (WPA and WPA2 uses 802.1X to

provide authentication and uses Advanced Encryption Standard (AES) as the encryption protocol.

• Temporal Key Integrity Protocol (TKIP) overcomes the WEP key weakness, as a key is used on only one packet.

• 802.1X protocol supports a wide variety of authentication methods and also fits well into existing authentication systems such as RADIUS and LDAP.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Implementing 802.X • Three common methods are used to implement 802.1X: EAP-TLS,

EAPTTLS, and EAP-MD5. • EAP-TLS relies on TLS, an attempt to standardize the SSL structure

to pass credentials. • EAP–Tunneled TLS Protocol (EAPTTLS) – based on EAP-TLS, but

allows the use of legacy authentication protocols such as Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), MS-CHAP, or MS-CHAP-V2.

• EAP-MD5 – does improve the authentication of the client to the AP, but does little else to improve the security of your AP.

• The use of encryption should always be employed, typically with WPA or WPA2. Turing off SSID broadcasting can help avoid some scanning. Additionally, regular site surveys will help avoid rogue access points.

Presenter
Presentation Notes
– EAP-TLS uses per-user, per-session dynamically generated WEP keys to help prevent anyone from cracking the WEP keys in use, as each user individually has her own WEP key. The main problem with the EAP-TLS protocol is that it is designed to work only with Microsoft’s Active Directory and Certificate Services; it will not take certificates from other certificate issuers. The EAP-MD5 protocol works by using the MD5 encryption protocol to hash a user’s username and password. This protocol, unfortunately, provides no way for the AP to authenticate with the client, and it does not provide for dynamic WEP key assignment. In the wireless environment, without strong two-way authentication, it is very easy for an attacker to perform a man-in-the-middle attack. The problem of not dynamically generating WEP keys is that it simply opens up the network to the same lack of confidentiality to which a normal AP is vulnerable. An attacker has to wait only for enough traffic to crack the WEP key, and he can then observe all traffic passing through the network. Because the security of wireless LANs has been so problematic, many users have simply switched to a layered security approach—that is, they have moved their Aps to untrustworthy portions of the network and have forced all clients to authenticate through the firewall to a third-party VPN system. – All the security measures of the wired and wireless network can be defeated by the rogue AP. Since the IT department doesn’t know about it, it is an uncontrolled entry point into the network. No matter what kind of rogue AP you are dealing with, the rogue AP must be detected and controlled.

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

© 2012

Principles of Computer Security: CompTIA Security+® and Beyond, Third Edition

Chapter Summary • Describe the different wireless systems in use today. • Detail WAP and its security implications. • Identify 802.11’s security issues and possible

solutions.

  • Wireless Security and Mobile Devices
  • Highlights-Ch. 12
  • Key Terms to Review
  • Introduction to Wireless Networking
  • Summary Table of the 802.11 Family
  • Wireless Transmission Extending Beyond the Facility’s Walls
  • Mobile Phones
  • WAP
  • WAP Vulnerabilities
  • The WAP Gap Shows an Unencrypted Space Between Two Enciphered Connections
  • 3G Mobile Networks
  • Bluetooth
  • Bluetooth Headsets
  • Bluetooth Vulnerabilities
  • Wireless File Sharing
  • 802.11
  • 802.11 Modulation
  • 802.11 Individual Standards
  • 802.11 Protocol
  • A Common Wireless Router
  • Attacking 802.11
  • Attacking 802.11
  • Attacking 802.11 (continued)
  • Windows Displaying Access Points
  • New Security Protocols
  • Implementing 802.X
  • Chapter Summary

Comments are closed.