Mention wireless networks, and the question of security will soon follow. It's not surprising that in spite of compelling business arguments for going wireless, many companies are holding back because of security concerns. But, while it's true that wireless networks create security issues that don't exist in wired networks, the issues are not insurmountable. 802.11 Security shows how you can plan for and successfully contend with security obstacles in your wireless deployment. This authoritative book not only explains the security issues, but shows you how to design and build a your own secure wireless network.

802.11 Security covers the entire process of building secure 802.11-based wireless networks, in particular, the 802.11b ("Wi-Fi") specification. The authors provide detailed coverage of security issues unique to wireless networking, such as Wireless Access Points (WAP), bandwidth stealing, and the problematic Wired Equivalent Privacy component of 802.11. You'll learn how to configure a wireless client and to set up a WAP using either Linux or Free BSD. You'll also find thorough information on controlling network access and encrypting client traffic.

Beginning with an introduction to 802.11b in general, the book gives you a broad basis in theory and practice of wireless security, dispelling some of the myths along the way. In doing so, they provide you with the technical grounding required to think about how the rest of the book applies to your specific needs and situations. Next, the book details the technical setup instructions needed for both the Linux and FreeBSD operating systems. Some of the topics covered include:

• Station Security for Linux, FreeBSD, Open BSD, Mac OS X and Windows
• Setting Up Access Point Security
• Gateway Security, including building Gateways, firewall Rules, Auditing, etc.
• Authentication and Encryption
• FreeBSD IPsec client and gateway configuration
• Linux IPsec client and gateway configuration
• 802.1x authentication

802.11 Security is a book whose time has come. If you are a network, security, or systems engineer, or anyone interested in deploying 802.11b-based systems, you'll want this book beside you every step of the way.

Average Customer Review: ( 13 customer reviews )
Write an online review and share your thoughts with other customers.

Warning Will Robinson! This small book on 802.11b wireless security (167 pages not including the comprehensive index) is not for the faint of heart. To take full advantage of the copious amount of detail that Potter and Fleck provide, you need a good working knowledge of networking, and familiarity with either the Linux, FreeBSD, or OpenBSD operating systems.

802.11 Security is aimed at people who need to configure and administer secure 802.11b wireless (popularly named Airport or WiFi) networks. 802.11 Security is NOT targeted at the casual home computer user who merely wants to keep others from poaching their wireless connection. Those users are best served by Adam Engst's and Glenn Fleishman's Wireless Internet Starter Kit.

However, if you have any interest in comprehensive and detailed knowledge of how 802.11b security works from the network administrator's viewpoint, 802.11 Security is the book for you. Potter and Fleck have years of experience with Unix security issues, and have several papers on the subject to their credit.

After setting the stage with a good discussion of the many problems with wireless security, the authors outline some of the more common types of attacks on wireless networks. Why? Their point is that understanding the nature of the "Man-in-the-middle" attack (for example) is important for knowing how to prevent it. This point shows that 802.11 Security is more than just a "cookbook" manual. It provides the "why" as well as the "how."

The bulk of the book covers how to configure FreeBSD, Linux, and OpenBSD clients, gateways, and access points (base stations for us Apple types). Plenty of examples are provided. However, with no CD included to allow copy-and-paste, you'll need to enter everything manually if you want to follow the examples verbatim. In reality, the lack of a CD is not an issue, as the typical sysadmin is going to be working on their customized installation, and will need to tweak the code examples.

802.11 Security does have ten pages on Mac OSX station configuration, as well as a smaller section on Windows setup. For those adventurous readers, the Mac setup section has plenty of examples on how to configure OSX's built-in firewall for best wireless security. The relative paucity on client computer setup is one of the few drawbacks for an end-user reader, as the book focuses on administrator issues.

802.11 Security is a good read for the Unix sysadmin who is new to wireless networks, or for the aficionados who want to roll their own home wireless network security. Again, this is not a mass-market book. But if you're not the average home user, 802.11 Security is a worthwhile book.

MacMice Rating: 4 out of 5

David Weeks
[website]

10 of 10 found the following review helpful:

It is not the Music. . . . . .Feb 15, 2003
By Marco De Vivo "Mr. TCP/IP"
You don't know me. So you are not supposed to trust me blindly.

However, after years in this (security) area, let me share a thought with you: It is not the music, but who and how is playing it that matters.

This is a superb book, as excellent as the well known experience of the writers.

I recently hired three security pros. with not previous knowledge in wireless security. I gave them just one weapon: This Book.

After just a week in their first wireless scenario, were able to detect and correctly react to several related security incidents.

Don't let other reviews fool you. This is an outstanding book.

If this is your area of interest believe me and buy it.

If then you think I was wrong. . . well don't trust any more in my reviews (bet it won't happen).

12 of 13 found the following review helpful:

Wonderful book, title should mention Unix.Sep 30, 2003
By Stephen Northcutt
802.11 Security is another fine O'Reilly book, it is very nicely written and laid out and the message is crystal clear.

The reason I gave it three stars was that the book is heavily biased towards Linux, Free BSD, and Open BSD and the title does not reflect the bias. That is not a bad thing, I found the unix information wonderful, but if you are ordering 802.11 Security over the web, you might easily miss the unix emphasis and end up with a book that doesn't meet your needs.

6 of 7 found the following review helpful:

Good introduction, not a detailed reference (as promised)Feb 07, 2003
By dhartmei
I don't agree with the negative reviews above. The book doesn't pretend to be a reference of 802.11 protocols at all. It claims to cover fundamentals of wireless security and practical solutions for many operating systems. And it does hold that promise.

The introduction to wireless security is to the point and accurate.
I can't judge all the OS specific chapters, but those that cover OpenBSD are well done and a good introduction to all tools relevant to 802.11 on that platform.

If you have to think twice before spending [the money], you can find the same information in man pages. That doesn't mean that the book isn't worth its price, though.

Anyone using wireless networks without being aware of the security implications will profit from this short book, and those running one of the covered operating systems will find the examples a good starting point.
It's only 176 pages, and about 80% are OS specific (covering Linux/netfilter, FreeBSD/ipfw, OpenBSD/pf, Mac OSX and Windows), which means you can either skip over most of the OS specific parts or use it as an summary of the similarities and differences among those OSs.

3 of 4 found the following review helpful:

Can't believe the bad rap...Mar 03, 2003

Wow, I can't believe this book has any less than 4.5 stars. The 1-star reviews really do seem to miss the mark. This book is short and to the point because it doesn't waste time talking about concepts and standards that the average person shouldn't care about.

This book teaches you how to deploy 802.11 as it is today as securely as possible, and informs you well about the issues you cannot circumvent.

It even considers that you might not be running a homogenous network. Even though the server-side stuff is UNIX specific, they talk about client configuration even across Windows.

And they do cover the Mac.

Highly recommended.

See all 13 customer reviews on Amazon.com