IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

BKBSWNW8.RVW 20030208

"Building Secure Wireless Networks with 802.11", Jahanzeb Khan/Anis Khwaja, 2003, 0-471-23715-9, U$40.00/C$62.95/UK#29.95
%A Jahanzeb Khan
%A Anis Khwaja
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2003
%G 0-471-23715-9
%I John Wiley & Sons, Inc.
%O U$40.00/C$62.95/UK#29.95 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0471237159/robsladesinterne
%O http://www.amazon.ca/exec/obidos/ASIN/0471237159/robsladesin03-20
%P 330 p.
%T "Building Secure Wireless Networks with 802.11"


As with any hot topic, there are lots of people willing (eager!) to tell you about the security of wireless local area networks, without first making sure that they really know the subject.

Part one is an introduction to wireless LANs. Chapter one is a history of networks, an outline of topologies (concentrating on cabling, interestingly enough), and a review of the TCP/IP (actually OSI, [Open Systems Interconnection] protocol stack. The last page gives too little information for an exercise in setting up a home LAN. Terms in regard to wireless technology are listed in chapter two, but the material is verbose without being informative. The explanations given for spectrum multiplexing are unclear, and seem to be delivered by rote without any understanding. The discussion does not build on that from chapter one to, for example, point out that ad hoc wireless networks are similar to bus topologies, while infrastructure networks are more akin to stars. The various IEEE (Institute of Electrical and Electronics Engineers) 802.11 standards are listed in chapter three. However, there is a great deal of material repeated from prior text (the discussion of spectrum is reprised almost word for word), and, other than some frequency and maximum bandwidth information, there is little additional detail. (Repetition and duplication is rife throughout the book, as well as a good deal of space wasted with pointless figures and graphics. On page 125 we are told that "The 40- bit shared key is concatenated with a 24-bit long initialization vector" and referred to figure 6.1. Figure 6.1 tells us" Concatenated-Key = Shared-Key + IV." Not very helpful.) Chapter four is supposed to help you decide whether a wireless LAN is right for you, but only has some vague opining, a little content on wireless ISPs (Internet Service Providers: hardly suitable for LAN discussions), and almost no analysis or details.

Part two purports to emphasize secure wireless LANs. Chapter five has random topics regarding network security. Most of it is irrelevant to the specific needs of wireless situations or is not discussed in terms of the particular needs of wireless networks. (Physically securing the components of a wireless LAN has some importance in overall security, but may be pointless if someone driving by can take over the network). Securing the IEEE 802.11 wireless LAN is not reviewed well in chapter six. There is more duplication of content, few details about WEP (Wired Equivalent Privacy), and some clear evidence of misunderstanding of the base technologies. (If you are going to talk about 40 bit keys at the low level, higher level security should be 104, rather than 128, bit. And a 128 bit key is *not* equivalent to 64 characters, in anybody's representation.) When security aspects are discussed, often they relate to issues that are beyond the control of the user, such as moderation of signal strength.

Part three collects topics related to the building of secure wireless LANs. Chapter seven is a simplistic overview of generic LAN planning. Shopping for the right equipment is important, but the list of product specifications in chapter eight fails to address vital areas, such as driver availability, default key length, and the existence of default accounts. More space is devoted to where you can buy equipment than how to evaluate it. The installation instructions, in chapter nine, pretty much ignore security considerations. Chapter ten supposedly deals with advanced wireless LANs, including security, but has little new material aside from screenshots of Microsoft Windows utilities with some relationship to VPNs (Virtual Private Networks).

Part four covers troubleshooting and maintenance. Chapter eleven touches on a number of possibly wireless connectivity problems. A collection of text repeated from prior chapters is in chapter twelve.

There is a glossary included with the book. It is quite limited, and, in particular, does not deal well with acronyms. In fact, the book is full of TLAs (Three Letter Acronyms) and other abbreviations that get used before they are defined, and do not appear in either the glossary or the index. This can be quite aggravating, particularly in cases where the acronyms aren't standard. (The authors use "PHY" to refer to the physical layer of the OSI model, which is not commonly so represented in either communications or security literature.)

The text of the book is excessively padded with useless verbiage and irrelevant material. The actual content pertinent to the security of wireless LANs is barely enough to fill a decent magazine article. Overall, the book is poorly structured, limited in detail, and bloated with meaningless or repetitious content.

copyright, Robert M. Slade, 2003 BKBSWNW8.RVW 20030208