Building a Pentesting Lab for Wireless Networks

Packt Publishing Limited
  • 1. Auflage
  • |
  • erschienen am 28. März 2016
  • |
  • 264 Seiten
E-Book | ePUB mit Adobe DRM | Systemvoraussetzungen
978-1-78528-606-3 (ISBN)
Build your own secure enterprise or home penetration testing lab to dig into the various hacking techniquesAbout This BookDesign and build an extendable penetration testing lab with wireless access suitable for home and enterprise useFill the lab with various components and customize them according to your own needs and skill levelSecure your lab from unauthorized access and external attacksWho This Book Is ForIf you are a beginner or a security professional who wishes to learn to build a home or enterprise lab environment where you can safely practice penetration testing techniques and improve your hacking skills, then this book is for you. No prior penetration testing experience is required, as the lab environment is suitable for various skill levels and is used for a wide range of techniques from basic to advance. Whether you are brand new to online learning or you are a seasoned expert, you will be able to set up your own hacking playground depending on your tasks.What You Will LearnDetermine your needs and choose the appropriate lab components for themBuild a virtual or hardware lab networkImitate an enterprise network and prepare intentionally vulnerable software and servicesSecure wired and wireless access to your labChoose a penetration testing framework according to your needsArm your own wireless hacking platformGet to know the methods to create a strong defense mechanism for your systemIn DetailStarting with the basics of wireless networking and its associated risks, we will guide you through the stages of creating a penetration testing lab with wireless access and preparing your wireless penetration testing machine.This book will guide you through configuring hardware and virtual network devices, filling the lab network with applications and security solutions, and making it look and work like a real enterprise network. The resulting lab protected with WPA-Enterprise will let you practice most of the attack techniques used in penetration testing projects. Along with a review of penetration testing frameworks, this book is also a detailed manual on preparing a platform for wireless penetration testing. By the end of this book, you will be at the point when you can practice, and research without worrying about your lab environment for every task.Style and approachThis is an easy-to-follow guide full of hands-on examples and recipes. Each topic is explained thoroughly and supplies you with the necessary configuration settings. You can pick the recipes you want to follow depending on the task you need to perform.
  • Englisch
  • Birmingham
  • |
  • Großbritannien
  • Für Beruf und Forschung
978-1-78528-606-3 (9781785286063)
1785286064 (1785286064)
weitere Ausgaben werden ermittelt
Vyacheslav Fadyushin (CISA, CEH, PCI ASV) is a security consultant and a penetration tester with more than 9 years of professional experience and a diverse background in various aspects of information security.
His main points of interest and fields of expertise are ethical hacking and penetration testing, infrastructure and application security, mobile security, and information security management.
He is also an author of the book, Penetration Testing: Setting Up a Test Lab How-to, published by Packt Publishing in 2013. Andrey Popov is a security consultant and penetration tester with rich professional experience and a diverse background in infrastructure and application security, information security management, and ethical hacking. He has been working for a market-leading company along with another security professional since 2007.
  • Cover
  • Copyright
  • Credits
  • About the Authors
  • About the Reviewers
  • Table of Contents
  • Preface
  • Chapter 1: Understanding Wireless Network Security and Risks
  • Understanding wireless environment and threats
  • An overview of wireless technologies
  • An overview of wireless threats
  • Wi-Fi media specifics
  • Common WLAN protection mechanisms and their flaws
  • Hiding SSID
  • MAC filtering
  • WEP
  • WPA/WPA2
  • Pre-shared key mode
  • Enterprise mode
  • WPS
  • Getting familiar with the Wi-Fi attack workflow
  • General Wi-Fi attack methodology
  • The active attacking phase
  • WPA-PSK attacks
  • Enterprise WLAN attacks
  • Summary
  • Chapter 2: Planning Your Lab Environment
  • Understanding what tasks your lab should fulfill
  • Objectives of a lab
  • Lab tasks
  • Network reconnaissance
  • Web application hacking
  • Hacking and researching network services
  • AD hacking
  • DBMS hacking
  • Network layer attacks
  • Wi-Fi penetration testing
  • Planning the network topology
  • Choosing appropriate components
  • Network devices
  • Server and workstation components
  • Planning lab security
  • Access control
  • Integrated security mechanisms
  • Security solutions
  • Security hints
  • Summary
  • Chapter 3: Configuring Networking Lab Components
  • General lab network communication rules
  • Configuring hardware wired devices
  • Preparing the console connection on Windows
  • Core switch
  • Initial configuration
  • Configuring interfaces and VLANs
  • Hardening the core switch
  • Configuring subinterfaces and subnets
  • Configuring auxiliary services
  • Basic gateway hardening
  • Configuring virtual wired network devices
  • Network virtualization platform
  • Software installation
  • Initial configuration
  • Network topology implementation
  • Switch
  • Gateway
  • Virtual host emulation
  • Wireless hardware devices
  • Configuring WLANs
  • Guest WLAN
  • Preparing the hardware access point
  • Summary
  • Chapter 4: Designing Application Lab Components
  • Planning services
  • Creating virtual servers and workstations
  • VirtualBox overview and installation
  • Creating virtual machines
  • Configuring network settings of lab components
  • Installing and configuring domain services
  • Creating a domain
  • Creating users
  • Adding hosts to the domain
  • Certification authority services
  • Creating a root certificate
  • Creating a working certificate
  • Installing a root certificate
  • Installing a remote management service
  • Corporative e-mail service
  • Configuring a DNS server
  • Installing and configuring hMailServer
  • Installing vulnerable services
  • Installing web applications
  • Preparing a web server
  • WebGoat
  • DVWA
  • Liferay Portal
  • Metasploitable
  • Vulnerable VoIP server
  • Summary
  • Chapter 5: Implementing Security
  • Network-based security solutions
  • Configuring network access control
  • Isolating external and guest networks
  • Isolating internal VLANs
  • Securing wireless access
  • Preparing the RADIUS server
  • Preparing the certificates
  • Configuring RADIUS
  • Configuring the access point
  • Configuring the WLAN client
  • Installing a network intrusion detection system
  • Activating SPAN
  • Snort
  • Host-based security solutions
  • Workstation security
  • EMET
  • HIPS
  • Web application firewall
  • ClamAV
  • Installing
  • Configuring
  • Usage and integration with the mail server
  • Installing
  • Configuring
  • Connecting OSSEC agents
  • SIEM
  • Installing
  • Configuration wizard
  • Configuring HIDS
  • Summary
  • Chapter 6: Exploring Hacking Toolkits
  • Wireless hacking tools
  • Aircrack-ng
  • Content
  • Exercise
  • Mana
  • Exercise
  • Infrastructure hacking tools
  • Nmap
  • Scripting engine
  • Example
  • Ettercap
  • Exercise
  • Metasploit Framework
  • Meterpreter
  • Example
  • Armitage
  • Veil-Evasion framework
  • Cracking tools
  • John The Ripper
  • Example
  • Hashcat
  • Example
  • Web application hacking tools
  • Burp Suite
  • Example
  • Summary
  • Chapter 7: Preparing a Wireless Penetration Testing Platform
  • Common variants of the pentesting platform
  • Choosing an interface
  • Installing the necessary software
  • Preparing configs and scripts
  • Standalone Hostapd-based APs
  • Automating the AP setup
  • Configuration for WPE-Enterprise
  • Preparing a Kali USB stick
  • Creating a USB stick under Windows
  • Creating a USB stick under Linux
  • Making an encrypted persistent partition
  • Summary
  • Chapter 8 : What's Next?
  • What you can learn
  • Infrastructure penetration testing
  • Web application and web-services hacking
  • Mobile security
  • IoT
  • Courses and certificates
  • EC-Council security track
  • Offensive Security trainings
  • GIAC
  • Pentesting standards
  • Information sources
  • Summary
  • Index

Dateiformat: EPUB
Kopierschutz: Adobe-DRM (Digital Rights Management)


Computer (Windows; MacOS X; Linux): Installieren Sie bereits vor dem Download die kostenlose Software Adobe Digital Editions (siehe E-Book Hilfe).

Tablet/Smartphone (Android; iOS): Installieren Sie bereits vor dem Download die kostenlose App Adobe Digital Editions (siehe E-Book Hilfe).

E-Book-Reader: Bookeen, Kobo, Pocketbook, Sony, Tolino u.v.a.m. (nicht Kindle)

Das Dateiformat EPUB ist sehr gut für Romane und Sachbücher geeignet - also für "fließenden" Text ohne komplexes Layout. Bei E-Readern oder Smartphones passt sich der Zeilen- und Seitenumbruch automatisch den kleinen Displays an. Mit Adobe-DRM wird hier ein "harter" Kopierschutz verwendet. Wenn die notwendigen Voraussetzungen nicht vorliegen, können Sie das E-Book leider nicht öffnen. Daher müssen Sie bereits vor dem Download Ihre Lese-Hardware vorbereiten.

Weitere Informationen finden Sie in unserer E-Book Hilfe.

Download (sofort verfügbar)

35,85 €
inkl. 19% MwSt.
Download / Einzel-Lizenz
ePUB mit Adobe DRM
siehe Systemvoraussetzungen
E-Book bestellen

Unsere Web-Seiten verwenden Cookies. Mit der Nutzung dieser Web-Seiten erklären Sie sich damit einverstanden. Mehr Informationen finden Sie in unserem Datenschutzhinweis. Ok