Kevin Beaver - Hacking Wireless Networks For Dummies

01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i HackingWireless Networks FOR DUMmIES by Kevin Beaver and Peter T. DavisForeword by Devin K. Akin Chief Technology Officer, The Certified Wireless Network Professional (CWNP) Program 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page i HackingWireless Networks FOR DUMmIES by Kevin Beaver and Peter T. DavisForeword by Devin K. Akin Chief Technology Officer, The Certified Wireless Network Professional (CWNP) Program 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page ii Hacking Wireless Networks For Dummies Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright 2005 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit-ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. and/or its affiliates in the United States and other countries, and may not be used without written permission.

All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUTLIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THEUNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OROTHER PROFESSIONAL SERVICES.

IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF ACOMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THEAUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATIONOR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE.FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVECHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ. For general information on our other products and services, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit www.wiley.com/techsupport.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. Library of Congress Control Number: 2005924619 ISBN-13: 978-0-7645-9730-5 ISBN-10: 0-7645-9730-2 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 1O/ST/QY/QV/IN 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page iii About the Authors Kevin Beaver is founder and information security advisor with Principle Logic, LLC, an Atlanta-based information-security services firm. He has over 17 years of experience in the IT industry and specializes in information security assessments for those who take security seriously and incident response for those who dont. Before starting his own information-security services business, Kevin served in various information-technology and security roles for several healthcare, e-commerce, financial, and educational institutions. Kevin is author of Hacking For Dummies as well as the e-book The DefinitiveGuide to Email Management and Security (Realtimepublishers.com).

In addition, Kevin co-authored The Practical Guide to HIPAA Privacy and SecurityCompliance (Auerbach Publications). He was also a contributing author and editor of Healthcare Information Systems, 2nd ed., (Auerbach Publications), and technical editor of Network Security For Dummies. Kevin is a regular columnist and information-security expert for SearchSecurity. com, SearchWindowsSecurity.com, SearchNetworking.com, SearchExchange. com, and SearchSmallBizIT.com. He also serves as a contributing editor for HCPros Briefings on HIPAA newsletter and is a Security Clinic Expert for ITsecurity.com.

In addition, Kevins information-security work has been published in Information Security Magazine, SecurityFocus.com, and Computerworld.com. Kevin is an information-security instructor for the Southeast Cybercrime Institute, and frequently speaks on information security at various conferences for CSI, TechTarget, IIA, SecureWorld Expo, and the Cybercrime Summit. Kevin earned his bachelors degree in Computer Engineering Technology from Southern Polytechnic State University and his masters degree in Management of Technology from Georgia Tech. He also holds MCSE, Master CNE, and IT Project+ certifications. Kevin can be reached at kbeaver@principlelogic.com. Peter T.

Davis (CISA, CMA, CISSP, CWNA, CCNA, CMC, CISM) founded Peter Davis+Associates (a very original name) as a firm specializing in the security, audit, and control of information. A 30-year information-systems veteran, Mr. Daviss career includes positions as programmer, systems analyst, security administrator, security planner, information-systems auditor, and consultant. Peter is also the founder (and past President) of the Toronto ISSA chapter, past Recording Secretary of the ISSAs International Board, and past Computer Security Institute Advisory Committee member. Mr. Davis has written or co-written numerous articles and 10 books, including Wireless Networks ForDummies and Securing and Controlling Cisco Routers.

In addition, Peter was 01_597302 _ffirs.qxd 8/4/05 7:08 PM Page iv the technical editor for Hacking For Dummies and Norton Internet SecurityFor Dummies. Peter is listed in the International Whos Who of Professionals. In addition, he was only the third editor in the three-decade history of EDPACS, a publication in the field of security, audit, and control. He finds time to be a part-time lecturer in data communications at Seneca College (http://cs.senecac.on.ca). He lives with his wife Janet, daughter Kelly, two cats, and a dog in Toronto, Ontario. Dedication Little G this ones for you.

Youre such a great motivator and inspiration to me more than words can say. Thanks for reminding me of whats really important. Thanks for being you. Kevin To all my friends and enemies. Hopefully, the first group is bigger than the second. Peter Authors Acknowledgments Kevin: Thanks to Melody Layne, our acquisitions editor, for approaching me about this project and getting the ball rolling.