Old 02-24-2011, 05:20 AM   #1
gauravm
LQ Newbie
 
Registered: Feb 2011
Posts: 1

Reviewers for Backtrack 5 Wireless Penetration Testing Beginner's Guide


Hi,

We are coming up with a book "Backtrack 5 Wireless Penetration Testing Beginner's Guide". I am looking for people who can do the technical review for this book. If interested please get back to me. My e-mail address is [EMAIL REMOVED BY MODERATOR] (Eliminate the spaces before and after at).

Last edited by win32sux; 02-24-2011 at 07:35 PM.
 
Old 02-24-2011, 08:39 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Excuse me, but what exactly is the point of penetration testing a wireless network? You don't need to do pen testing on WEP to know it is not secure and you shouldn't use it. And if you do pen testing on a WEP network, the results won't tell you anything you didn't already know. It's exactly the same with any other encryption method. Really, the only "pen" testing needed on a wireless network is looking at the encryption used and the passphrase (if used), and if it isn't WPA2/EAP, you need to up it.


There, I just wrote your guide for you.
 
Old 02-24-2011, 09:10 AM   #3
orgcandman
Member
 
Registered: May 2002
Location: dracut MA
Distribution: Ubuntu; PNE-LE; LFS (no book)
Posts: 594

Quote:
Originally Posted by Hangdog42
Excuse me, but what exactly is the point of penetration testing a wireless network? You don't need to do pen testing on WEP to know it is not secure and you shouldn't use it. And if you do pen testing on a WEP network, the results won't tell you anything you didn't already know. It's exactly the same with any other encryption method. Really, the only "pen" testing needed on a wireless network is looking at the encryption used and the passphrase (if used), and if it isn't WPA2/EAP, you need to up it.


There, I just wrote your guide for you.
Not really - is there a DoS condition that can be implemented? Can someone install a base-station that emulates the same network and steals users' 802.1x credentials? What version of EAP are you using - there are known attacks for some (specifically, LEAP is god-awful). Does the infrastructure allow users of a "guest" wireless network to invade "corporate" address space? Any information leakage?

Your "guide" isn't very thorough - not that I'm going to send a random person email over the network seeking info on a BackTrack version that isn't even released.
 
Old 02-24-2011, 09:26 AM   #4
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

IMO, the OP is soliciting. He's promoting and asking for the security people here to review his work. I've no idea if the book is free or if he's making money from it (probably the latter). Additionally, he's not sharing it out for everyone to take a look and collaborate on the reviewing. IMO, this post isn't particularly cool. One-post-wonder material, too... Also, who is "we"?

For the average user here at LQ, Hangdog42's 'review' would be enough, IMO. Is the average user here at LQ cognizant of possible DoS conditions on his wired LAN??? Probably not....and if that's indeed the case, the same would probably apply to his wireless segment. Anyone can install a wired router on a wired LAN also (we see it all the time at work)...a wireless base station would be similar.

Basically, none of what you state is real news. Sure, that doesn't make it any less important, but really, the review is about BackTrack and wireless penetration testing, which really has nothing to do with most of what you were hinting at, which is vulnerability assessment...they are different. They sometimes are linked but they are different.

Last edited by unixfool; 02-24-2011 at 09:39 AM.
 
Old 02-24-2011, 01:39 PM   #5
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Quote:
Originally Posted by orgcandman
Not really - is there a DoS condition that can be implemented? Can someone install a base-station that emulates the same network and steals users' 802.1x credentials? What version of EAP are you using - there are known attacks for some (specifically, LEAP is god-awful). Does the infrastructure allow users of a "guest" wireless network to invade "corporate" address space? Any information leakage?
Those are all valid concerns, but penetration testing doesn't address any of them (well, maybe the LEAP vulnerabilities). I guess what is at the heart of my beef with wireless penetration testing is that wireless attacks generally focus on cracking the underlying encryption algorithms. That means that you can't make some configuration changes to fix the problem, you have to stop using the algorithm altogether. This is in stark contrast to something like a PHP web site, where it is very possible to mis-configure php.ini and leave yourself wide open to assault. In that case, pen testing might reveal the mistake prior to it being found by others.

Quote:
Originally Posted by unixfool
IMO, the OP is soliciting. He's promoting and asking for the security people here to review his work. I've no idea if the book is free or if he's making money from it (probably the latter). Additionally, he's not sharing it out for everyone to take a look and collaborate on the reviewing. IMO, this post isn't particularly cool. One-post-wonder material, too... Also, who is "we"?
I fully agree. I was looking to take this off the zero replies list and got a little carried away.
 
Old 02-24-2011, 07:34 PM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

gauravm, the LQ Job Marketplace is probably the most appropriate place for seeking this kind of help.
 
  

