Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Wireless reconnaissance in penetration testing
Neely M., Hamerstone A., Sanyk C., Syngress Publishing, Amsterdam, the Netherlands, 2012. 226 pp. Type: Book (978-1-597497-31-2)
Date Reviewed: Jul 22 2013

The title of this book is somewhat misleading. Here, wireless reconnaissance is not about Wi-Fi, and penetration testing is not about hacking computer systems. Instead, the book is about listening to the wireless communications of police, emergency, and security guards to facilitate the penetration of physical facilities.

Organizations are coming to understand that wireless data networks are much more difficult to protect than cabled networks, and that seemingly unconnected systems may still be communicating wirelessly. But there are other wireless communications that matter and carry risks. The main goal of the book is to uncover these risks. It touches on Wi-Fi and Bluetooth communications occasionally.

The authors take readers into the complex, ever-changing world of radio and other wireless communications, covering aspects such as frequencies, antennas, and modulation. Do not worry if these are unfamiliar, because the authors explain everything readers need to know.

The methodology that is presented sounds familiar enough. First, do your homework; collect intelligence about the target, such as determining what wireless communication systems may be in place. Second, try to verify the data, using any of a wide range of equipment for that purpose. Finally, collect data, with the right tools. Radio communication is shown to provide very valuable data for a social engineering-aided intrusion of the target facilities, although it may also have value on its own.

Once the team is inside a facility, more classical hacking knowledge and tools are quite successful, since the attack team can connect from inside the network. Physical access to target systems does tend to facilitate hacking rather dramatically.

Understanding the enemy is a big win for the defender. The authors explain in depth the scope of what is out there, how it works, and the tools available, illustrated with practical tips and case studies. The book contains everything someone would need to know to understand how to break into an organization’s wireless communication system, and makes the risk related to these systems explicit and clear. The brief digital enhanced cordless telecommunications (DECT) discussion convincingly makes a point, again, in this context: the security of systems must be proven, not assumed, regardless of the source.

The book includes plenty of detail and offers convincing evidence that there is a neglected risk related to wireless communication. The vulnerabilities are there, as are the tools to find and exploit them, and the result is rewarding. Means, motive, and opportunity: that should set off a few alarms.

More reviews about this item: Amazon

Reviewer:  A. Mariën Review #: CR141382 (1310-0856)
Bookmark and Share
  Featured Reviewer  
 
Wireless Communication (C.2.1 ... )
 
 
Unauthorized Access (K.6.5 ... )
 
 
Security and Protection (K.6.5 )
 
Would you recommend this review?
yes
no
Other reviews under "Wireless Communication": Date
Mobile power management for wireless communication networks
Rulnick J., Bambos N. Wireless Networks 3(1): 3-14, 1997. Type: Article
Aug 1 1998
New call blocking versus handoff blocking in cellular networks
Sidi M., Starobinski D. Wireless Networks 3(1): 15-27, 1997. Type: Article
Sep 1 1998
The wireless Net
Fowler D. netWorker: The Craft of Network Computing 1(2): 24-34, 1997. Type: Article
Sep 1 1998
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy