Announcing the SANS 5th Annual Log Management Survey: A Leading Source for Actionable Data on Key Issues and Trends.
Please take a moment to complete our survey.
the most trusted source for computer security training, certification and research
select a course
Brisbane, Australia - February 19 - 24, 2007
Global Information Assurance Certification

It was, overall, the most in-depth training on securing Windows I've attended!
-Matt Hurst, Madison City Schools

SECURITY 617

Assessing and Securing Wireless Networks

Monday 19 February - Saturday 24 February 2007
Mark Hofman, Shearwater Solutions
6 CPE Credits Per Day

Few fields are as complex as wireless security. This course breaks down the issues and relevant standards that affect wireless network administrators, auditors and information security professionals. With hands-on labs and instruction from industry wireless security experts, you will gain an intimate understanding of the risks threatening wireless networks. After identifying risks and attacks, we'll present field-proven techniques for mitigating these risks, leveraging powerful open-source and commercial tools for Linux and Windows systems.

As part of the course, you will receive the SANS Wireless Auditing Toolkit (SWAT). Using the hardware and software in this toolkit, you will gain hands-on experience examining wireless networks from the perspective of an attacker, learning the techniques used to exploit wireless weaknesses, and how you can protect your organization from attack. We will examine various techniques and standards used to secure wireless networks, detailing the strengths and weaknesses of common designs while demonstrating the insight gained from wireless penetration testing that you can apply to your network. Only through auditing and assessing your wireless network can you gain peace of mind that your network is secure.

The SWAT Toolkit consists of:

  • Extremely powerful IEEE 802.11a/b/g card with external antenna connectors
  • High-gain directional panel antenna suitable for 2.4 and 5 GHz networks
  • Omni-directional antenna suitable for 2.4 and 5 GHz networks
  • Pigtail cable for panel antenna
  • USB Global Positioning System (GPS) adapter
  • All software and tools used in lab exercises

Prerequisites
Students should have a working knowledge of wireless networks with experience in the design or deployment of wireless technology.

  • Who Should Attend
    • Operations professionals who are responsible for designing and implementing secure wireless networks
    • Security professionals who are concerned about the weaknesses of wireless networks
    • Penetration testers who want to include wireless network security assessments in their organization's services offerings
    • Auditors who must evaluate wireless networks to ensure they meet an acceptable level of risk and are compliant with organizational policy
  • A Sampling of Topics
    • Radio Frequency Characteristics
    • Interference in Wireless Networks
    • Common Misconceptions with Wireless Security
    • Understanding 802.11 Addressing
    • Triangulation Techniques for Locating Transmitters
    • Evaluating Your Network Using Popular Hacker Tools
    • Common Vulnerabilities in Wireless IPSec/VPN Deployments
    • Evaluating the Impact of WLAN DoS Attacks
    • Rogue AP's and Hotspot Networks
    • Compromising SSL Security on Hotspot Networks
    • Securing 802.1x and RADIUS Authentication
Author Statement

Wireless network security is the most exciting and rapidly changing aspect of information security. I've been infatuated with this field of research for several years now and have written tools and papers to help people understand the good and bad points about wireless security. In creating this course, I wanted to give people the skills and experience to audit wireless network security like a hacker would, using hands-on tools and analysis techniques. My goal was to give you the skills I've developed without you having to invest months or years in painstaking research and analysis. The result is a course like no other wireless LAN auditing course.

In this class you'll learn about attacks and analysis techniques that aren't covered by anyone else. You'll gain experience understanding the threats and vulnerabilities present in wireless networks, identify how an attacker exploits those weaknesses, and then learn about the techniques that you can apply to protect your network. By the end of this course, you will have the skills necessary to assess the security of your wireless network and protect your organization from wireless threats.

I welcome any questions or comments on this course; feel free to contact me directly at jwright@sans.org. Thanks!

- Joshua Wright