Using Scanners to Monitor Radios during Penetration Tests
By Matthew Neely, Alex Hamerstone, Chris Sanyk
Publisher: Elsevier / Syngress
Released: December 2012
In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information, or in industry terms profile, specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling.
Author Matthew Neely is a respected and well-known expert and speaker on radio reconnaissance and penetration testing
Includes real-world case studies of actual penetration tests using radio profiling
Covers data leakage, frequency, attacks, and information gathering
Comments about oreilly Wireless Reconnaissance in Penetration Testing:
When someone says the word "wireless", 99.9% of the audience thinks at the Wireless Networking Technologies (802.11 family). Very few think to the Bluetooth. Even fewer people think to all the other technologies that use wireless technology to work, such as cordless phone, guard radios, headsets, wireless camera etc. This book embrace the last point of view.
The first chapter provides basic information and motivation for Wireless Profiling.
The chapter 2 provides the reader with all the information she needs to be able to understand the wireless technology and it's usage.
Chapters 3 to 7 teach to the reader how the Wireless Penetration works.
Chapter 8 brings up a case study that is really interesting.
Chapter 9 gives information about the new technologies and how to use them.
A thing that I appreciated a lot, is that the authors really make it clear to always remember laws and RoE (Rules of Engagement) and to always check that what you are doing is complaint with both.
I would suggest this book to anyone interested in the Penetration Testing and in the Wireless technology. In this book you'll find a lot of really useful tools and rules that are applicable in any kind of penetration testing.
Disclaimer: I received a free electronic copy of this book as part of the O'Reilly Blogger Program
Bottom Line Yes, I would recommend this to a friend