After the initial thrill of setting up your own wireless network is gone, you try looking into the ways of making it more secure. Common sense tells you that following the manuals on securing the network widely available on the Internet should help, but what if your responsibilities include managing an array of enterprise-level WLANs? Moreover, what if you want to understand the internals and perhaps code your own tools in the future instead of following the “point and click” or “enter this command” paradigm?
Authors: Jon Edney and William Arbaugh
Publisher: Addison Wesley Professional
Available for download sample chapter 8 – “Access Control: IEEE 802.1X, EAP, and RADIUS”.
About the authors
Jon Edney specializes in wireless networking and is a key contributor to the development of IEEE 802.11 systems. As a member of the technology consultancy Symbionics Networks, he deployed the first low-cost 802.11 designs. In 1996, Edney cofounded InTalk, Inc., the first IEEE 802.11 company to develop WLAN access points. After InTalk was acquired by Nokia Corporation, he focused on the application of Wi-Fi to public access networks. He is an active member of the IEEE 802.11 TGi security group.
William A. Arbaugh is an assistant professor of computer science at the University of Maryland in College Park, where he conducts research in information systems security. Arbaugh served as a senior computer scientist for the National Security Agency´s Office of Research and Technology, and then as senior technical advisor for the Office of Advanced Network Programs. He has many publications to his credit and has delivered papers at security-related conferences such as IEEE, SANS, USENIX, and Comdex.
One thing you can do is read the spec on 802.1x and 802.11. Few people would call this reading fun, but it is essential for anyone involved in developing hardware and software that is supposed to be compliant with new security protocols. Another choice would be to turn to a book written by someone who knows the matter well, and absorb their knowledge, accompanied by examples and analogies for easier understanding. Real 802.11 Security is that kind of book.
This book is definitely not for the beginners. The first few chapters might create an impression that this title is targeted for the introductory market, but it´s not – chapters 1 through are a rehash of basic security principles with special attention paid to the wireless networks, which tend to introduce different hacking scenarios and attract people for different reasons, than wired Ethernets. Anyone who has been in the field long enough can quickly skim through the first part of the book, although the chapters are easy to read, the information is clearly presented, and it does bring up some important considerations in designing wireless security.
Chapters 5 -13 (Part 2) are the core chapters of Real 802.11 Security and they mainly focus on protocols and technologies, one per chapter. The information in these chapters is highly technical and sometimes overwhelming and dry, which is a contrast from the introductory part. This part would almost read like a spec or whitepaper coming from IEEE, except authors do try to make the best effort to supplement the information with interesting real-world facts. For example, in Chapter 8, which deals with 802.1X, EAP and RADIUS, the authors discuss how the drafts for new standards become RFCs (and that´s not just something they have read up or heard from a friend – one of the authors, Jon Edney, participated in 802.11 development and later co-founded the first company to produce WLAN access points).
The third part is more of a collection of chapters that did not fit anywhere else. The “real-world” part deals with the deployment of wireless technologies. The authors go into details of public wireless hotspots in Chapter 14, but the material described there is mostly theoretical, things to consider on deploying a public wireless hotspot and how to secure the network while providing unrestricted access to those who want to use it. I wish this chapter would contain more information on real-world scenario, like setting up a wireless hotspot with some widely available hardware, but the authors never move beyond theoretical description and pro-and-cons analysis.
The subsequent chapters are a bit more practical dealing with the examples of known attacks (Chapter 15) and software tools used to implement those attacks (Chapter 16). Chapter 17 gets really practical by detailing step-by-step instructions on building a wireless infrastructure using existing open source tools (OpenSSL and FreeRADIUS in the authors´ example). Starting from page 374 in the same chapter the authors actually build an open-source access point, using laptop for hardware and Linux/BSD for software.
Overall the book presents a pretty good source of reference, although one can´t help but wish there would be more practical information. The authors discuss the protocols, but the common exploits for those don´t enter the picture until later chapters, where the software tools are discussed. This is a very useful book for someone trying to learn wireless security from the ground up, and learn the protocol inner workings. However, for real-world wireless security implementation look to the other titles, like Wi-Foo from the same publisher.