Hacking Wireless Networks For Dummies

Hacking

Wireless Networks

FOR

DUMmIES‰

by Kevin Beaver and Peter T. Davis

Foreword by Devin K. Akin

Chief Technology Officer,

The Certified Wireless Network Professional (CWNP) Program

Hacking

Wireless Networks

FOR

DUMmIES‰

by Kevin Beaver and Peter T. Davis

Foreword by Devin K. Akin

Chief Technology Officer,

The Certified Wireless Network Professional (CWNP) Program

Hacking Wireless Networks For Dummies®

Published by

Wiley Publishing, Inc.

111 River Street Hoboken, NJ 07030-5774

www.wiley.com

Copyright © 2005 by Wiley Publishing, Inc., Indianapolis, Indiana

Published by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.

Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

For general information on our other products and services, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002.

For technical support, please visit www.wiley.com/techsupport.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Control Number: 2005924619

ISBN-13: 978-0-7645-9730-5

ISBN-10: 0-7645-9730-2

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

1O/ST/QY/QV/IN

About the Authors

Kevin Beaver is founder and information security advisor with Principle Logic, LLC, an Atlanta-based information-security services firm. He has over 17 years of experience in the IT industry and specializes in information security assessments for those who take security seriously — and incident response for those who don’t. Before starting his own information-security services business, Kevin served in various information-technology and security roles for several healthcare, e-commerce, financial, and educational institutions.

Kevin is author of Hacking For Dummies as well as the e-book The Definitive Guide to Email Management and Security (Realtimepublishers.com). In addition, Kevin co-authored The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach Publications). He was also a contributing author and editor of Healthcare Information Systems, 2nd ed., (Auerbach Publications), and technical editor of Network Security For Dummies.

Kevin is a regular columnist and information-security expert for SearchSecurity. com, SearchWindowsSecurity.com, SearchNetworking.com, SearchExchange. com, and SearchSmallBizIT.com. He also serves as a contributing editor

for HCPro’s Briefings on HIPAA newsletter and is a Security Clinic Expert for ITsecurity.com. In addition, Kevin’s information-security work has been published in Information Security Magazine, SecurityFocus.com, and Computerworld.com. Kevin is an information-security instructor for the Southeast Cybercrime Institute, and frequently speaks on information

security at various conferences for CSI, TechTarget, IIA, SecureWorld Expo, and the Cybercrime Summit.

Kevin earned his bachelor’s degree in Computer Engineering Technology from Southern Polytechnic State University and his master’s degree in Management of Technology from Georgia Tech. He also holds MCSE, Master CNE, and IT Project+ certifications. Kevin can be reached at kbeaver@principlelogic.com.

Peter T. Davis (CISA, CMA, CISSP, CWNA, CCNA, CMC, CISM) founded Peter Davis+Associates (a very original name) as a firm specializing in the security, audit, and control of information. A 30-year information-systems veteran,

Mr. Davis’s career includes positions as programmer, systems analyst, security administrator, security planner, information-systems auditor, and consultant. Peter is also the founder (and past President) of the Toronto ISSA chapter, past Recording Secretary of the ISSA’s International Board, and past Computer Security Institute Advisory Committee member. Mr. Davis has written or co-written numerous articles and 10 books, including Wireless Networks For Dummies and Securing and Controlling Cisco Routers. In addition, Peter was

the technical editor for Hacking For Dummies and Norton Internet Security For Dummies. Peter is listed in the International Who’s Who of Professionals. In addition, he was only the third editor in the three-decade history of EDPACS, a publication in the field of security, audit, and control. He finds time to be a part-time lecturer in data communications at Seneca College (http://cs.senecac.on.ca). He lives with his wife Janet, daughter Kelly, two cats, and a dog in Toronto, Ontario.

Dedication

Little G — this one’s for you. You’re such a great motivator and inspiration to me — more than words can say. Thanks for reminding me of what’s really important. Thanks for being you.

—Kevin

To all my friends and enemies. Hopefully, the first group is bigger than the second.

—Peter

Authors’ Acknowledgments

Kevin:

Thanks to Melody Layne, our acquisitions editor, for approaching me about this project and getting the ball rolling.

I’d like to thank our project editor, Chris Morris, as well as Kevin Kirschner and all the behind-the-scenes copy editors for pulling this thing together. Many thanks to my co-author Peter T. Davis for working with me on this book. It has been an honor and a pleasure.

I’d also like to thank Hugh Pepper, our technical editor, for the feedback and insight he gave us during the technical editing process.

Also, many thanks to Devin Akin with Planet3 Wireless for writing the foreword. Major kudos too for all the positive things you’ve done for the industry with the CWNP program. You’re a true wireless network pioneer.

Many thanks to Ronnie Holland with WildPackets, Chia Chee Kuan with AirMagnet, Michael Berg with TamoSoft, Matt Foster with BLADE Software, Ashish Mistry with AirDefense, and Wayne Burkan with Interlink Networks for helping out with my requests.

Thanks, appreciation, and lots of love to Mom and Dad for all the values and common sense you instilled in me long ago. I wouldn’t be where I’m at today without it.

Finally, to my dear wife Amy for all her support during this book. Yet another one I couldn’t have done without you! You’re the best.

Peter:

Melody Layne (our acquisitions editor) for pitching the book to the editorial committee and getting us a contract. As always, much appreciated.

Chris Morris for helping us bring this project to fruition. Kudos, Chris.

Hugh Pepper, tech editor, for his diligence in reviewing the material. Thanks, Hugh, for stepping in and stepping up.

Peter would like to thank Kevin Beaver for suggesting we write this together. Thanks Kevin. Peter would also like to thank Ken Cutler, Gerry Grindler, Ronnie Holland, Carl Jackson, Ray Kaplan, Kevin Kobelsky, Carrie Liddie, Dexter Mills Jr. and Larry Simon for responding to a request for wireless information. Thanks for answering the call for help. And a really big shout-out to John Selmys and Danny Roy for their efforts. Thanks, guys. The provided information shows in this book. Peter would be remiss should he not thank the NHL and NHLPA for canceling the hockey season. Thanks for freeing up his time to write this book. But the book is done, so get it together so he has something to watch this fall! (Come on guys, the Raptors don’t quite fill the void.) A special thanks to Janet and Kelly for allowing Peter to work on the book as they painted the family room. Now he can kick back and enjoy the room!

Publisher’s Acknowledgments

We’re proud of this book; please send us your comments through our online registration form located at www.dummies.com/register/.

Some of the people who helped bring this book to market include the following:

Publishing and Editorial for Technology Dummies

Richard Swadley, Vice President and Executive Group Publisher

Andy Cummings, Vice President and Publisher

Mary Bednarek, Executive Acquisitions Director

Mary C. Corder, Editorial Director

Publishing for Consumer Dummies

Diane Graves Steele, Vice President and Publisher

Joyce Pepple, Acquisitions Director

Composition Services

Gerry Fahey, Vice President of Production Services

Debbie Stailey, Director of Composition Services