Henry Dalziel | General Hacking Posts, Hacker Hotshots, Pentesting Tools | March 24, 2013
Wireless security and BYOD share a similar space of both being growth technologies and subject areas that are in the constant cross hairs of security concerns.
We have a great presentation from Aamir Lakhani on BYOD – Bring Your Own Disaster – but this post is going to focus on wireless security and how you can become an expert on the subject.
How do I become a wireless security expert?
Wireless technology, including but not limited to WiFi, Bluetooth/ Low Energy and DECT, DECT ULE etc are increasingly popular wireless platforms but they all represent unique security problems and hacking opportunities. To become a wireless security expert and to market yourself as such you need to have a comprehensive understanding of all wireless technologies. Thinking like an attacker is always a good philosophy to have when learning new infosec skills and wireless security, of course, is no different. Understanding advanced persistent wireless threats, exploits, vulnerabilities will allow the individual to deploy defensive tactics.
Learn the tools!
We blogged about our favorite wireless pentesting tools so we don’t need to list them all here but you must become confident with using the tools and security suites – wireshark, the airmon-ng suite and more specific tools like Reaver are essential to your skillset. Learning how to effectively use the tools will facilitate necessary techniques to attack and defend wireless technologies. WEP, WPA and WPA2 are not the only technologies! There are others such as PEAP, WiMAX and TTLS and you must learn those!
Wireless security training
Training certainly helps reinforce wireless ethical hacking techniques. We ran
run a popular course titled: “How To Exploit Wireless Networks Using Multiple Attack Methodologies” with our own very excellent instructor Jonathan Walker. Our course teaches information security professionals a simple step-by-step processes on how to exploit, crack, and secure wireless networks. The learning objectives of our course includes, how to exploit wireless networks using multiple attack methodologies, the different methods to gain access to secured wireless networks and importantly: how to secure your company’s wireless networks using multiple layers of protection. Jonathan also explains how to specifically exploit the vulnerabilities in the IEEE 802.11(WiFi) standards and how a hacker can gain access to virtually any wireless network.
If you want to become a wireless security expert, we recommend you educate yourself and then, if you can, attend training. Using the assessment and analysis techniques that wireless tools excel at will allow you to identify the threats that expose wireless technology. Training will build on your knowledge to further harden defensive strategies for your employer that can be used to better protect wireless systems.