Free Hacking Wireless Networks for Dummies by Peter T. Kevin.; Davis Beaver
Authors: Peter T. Kevin.; Davis Beaver
Tags: Team DDU
commandment, we don’t mean that you necessarily have to follow every single step of the scientific process, but rather that you adopt some of its principles in your work. Adopting a quasi-scientific process provides some structure and prevents undue chaos (of the sort that can result from a random-walk through your networks).
For our purposes, the scientific process has three steps: 1. Select a goal and develop your plan.
2. Test your networks and systems to address your goals.
3. Persuade your organization to acknowledge your work.
We address the first two steps in previous commandments, so let’s look at the third step here. Your work should garner greater acceptance when you adopt an empirical method. An empirical method has the following attributes: ߜ Set quantifiable goals: The essence of selecting a goal (such as capturing the flag) is that you know when you’ve reached it. You either possess the flag or you don’t. Pick a goal that you can quantify: associating with ten access points, broken encryption keys or a file from an internal server.
Time-quantifiable goals, such as testing your systems to see how they stand up to three days of concerted attack, are also good.
ߜ Tests are consistent and repeatable: If you scan your network twice and get different results each time, this is not consistent. You must provide an explanation for the inconsistency, or the test is invalid. If we repeat your test, will we get the same results? When a test is repeatable or replicable, you can conclude confidently that the same result will occur no matter how many times you replicate it.
ߜ Tests are valid beyond the “now” time frame: When your results are true, your organization will receive your tests with more enthusiasm if you’ve addressed a persistent or permanent problem, rather than a tem-porary or transitory problem.
Thou shalt not covet thy neighbor’s tools
No matter how many tools you may have, you will discover new ones. Wireless hacking tools are rife on the Internet — and more are coming out all the time.
The temptation to grab them all is fierce. Take, for instance, “wardriving” tools.
07_597302_ch02.qxd 8/4/05 7:26 PM Page 25
Chapter 2: The Wireless Hacking Process
25
Early on, your choices of software to use for this “fascinating hobby” were limited. You could download and use Network Stumbler, commonly called NetStumbler, on a Windows platform, or you could use Kismet on Linux. But these days, you have many more choices: Aerosol, Airosniff, Airscanner, APsniff, BSD-Airtools, dstumbler, Gwireless, iStumbler, KisMAC, MacStumbler, MiniStumbler, Mognet, PocketWarrior, pocketWiNc, THC-RUT, THC-Scan, THC-WarDrive, Radiate, WarLinux, Wellenreiter WiStumbler, and Wlandump, to name a few. And those are just the free ones. You also could purchase AirMagnet, Airopeek, Air Sniffer, AP Scanner, NetChaser, Sniff-em, Sniffer Wireless . . . Well you get the idea. Should you have unlimited time and budget, you could use all these tools. But we suggest you pick one tool and stick with it. (We give you a closer look at some from this list in Chapters 9 and 10.) Thou shalt report all thy findings
Should the duration of your test extend beyond a week, you should provide weekly progress updates. People get nervous when they know someone is attempting to break into their networks or systems — and they don’t hear from the people who’ve been authorized to do so.
You should plan to report any high-risk vulnerabilities discovered during testing as soon as they are found. These include
ߜ discovered breaches
ߜ vulnerabilities with known — and high — exploitation rates ߜ vulnerabilities that are exploitable for full, unmonitored, or untraceable access
ߜ vulnerabilities that may put immediate lives at risk
You don’t want someone to exploit a weakness that you knew about and intended to report. This will not make you popular with anyone.
Your report is one way for your organization to
For our purposes, the scientific process has three steps: 1. Select a goal and develop your plan.
2. Test your networks and systems to address your goals.
3. Persuade your organization to acknowledge your work.
We address the first two steps in previous commandments, so let’s look at the third step here. Your work should garner greater acceptance when you adopt an empirical method. An empirical method has the following attributes: ߜ Set quantifiable goals: The essence of selecting a goal (such as capturing the flag) is that you know when you’ve reached it. You either possess the flag or you don’t. Pick a goal that you can quantify: associating with ten access points, broken encryption keys or a file from an internal server.
Time-quantifiable goals, such as testing your systems to see how they stand up to three days of concerted attack, are also good.
ߜ Tests are consistent and repeatable: If you scan your network twice and get different results each time, this is not consistent. You must provide an explanation for the inconsistency, or the test is invalid. If we repeat your test, will we get the same results? When a test is repeatable or replicable, you can conclude confidently that the same result will occur no matter how many times you replicate it.
ߜ Tests are valid beyond the “now” time frame: When your results are true, your organization will receive your tests with more enthusiasm if you’ve addressed a persistent or permanent problem, rather than a tem-porary or transitory problem.
Thou shalt not covet thy neighbor’s tools
No matter how many tools you may have, you will discover new ones. Wireless hacking tools are rife on the Internet — and more are coming out all the time.
The temptation to grab them all is fierce. Take, for instance, “wardriving” tools.
07_597302_ch02.qxd 8/4/05 7:26 PM Page 25
Chapter 2: The Wireless Hacking Process
25
Early on, your choices of software to use for this “fascinating hobby” were limited. You could download and use Network Stumbler, commonly called NetStumbler, on a Windows platform, or you could use Kismet on Linux. But these days, you have many more choices: Aerosol, Airosniff, Airscanner, APsniff, BSD-Airtools, dstumbler, Gwireless, iStumbler, KisMAC, MacStumbler, MiniStumbler, Mognet, PocketWarrior, pocketWiNc, THC-RUT, THC-Scan, THC-WarDrive, Radiate, WarLinux, Wellenreiter WiStumbler, and Wlandump, to name a few. And those are just the free ones. You also could purchase AirMagnet, Airopeek, Air Sniffer, AP Scanner, NetChaser, Sniff-em, Sniffer Wireless . . . Well you get the idea. Should you have unlimited time and budget, you could use all these tools. But we suggest you pick one tool and stick with it. (We give you a closer look at some from this list in Chapters 9 and 10.) Thou shalt report all thy findings
Should the duration of your test extend beyond a week, you should provide weekly progress updates. People get nervous when they know someone is attempting to break into their networks or systems — and they don’t hear from the people who’ve been authorized to do so.
You should plan to report any high-risk vulnerabilities discovered during testing as soon as they are found. These include
ߜ discovered breaches
ߜ vulnerabilities with known — and high — exploitation rates ߜ vulnerabilities that are exploitable for full, unmonitored, or untraceable access
ߜ vulnerabilities that may put immediate lives at risk
You don’t want someone to exploit a weakness that you knew about and intended to report. This will not make you popular with anyone.
Your report is one way for your organization to
Similar Books
Melanie Travis 06 - Hush Puppy
Laurien Berenson
Desert Wind
Betty Webb
Port of Spies
Brian James
Protective Ink (Urban Fantasy)
Misty Simon
Falling Together (All That Remains #2)
S. M. Shade
The Cold Room
Robert Knightly
Eater of souls
Lynda S. Robinson
Thankful
Shelley Shepard Gray
The Chinese Egg
Catherine Storr
Shadow of Doubt
Melissa Gaye Perez