Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Wireless Security End to End", Brian Carter/Russell Shumway

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKWLSCEE.RVW 20031019 Wireless Security End to End , Brian Carter/Russell Shumway, 2002, 0-7645-4886-7, U$39.99/C$59.99/UK#29.95 %A Brian Carter %A
    Message 1 of 1 , Nov 24, 2003
    • 0 Attachment
      BKWLSCEE.RVW 20031019

      "Wireless Security End to End", Brian Carter/Russell Shumway, 2002,
      0-7645-4886-7, U$39.99/C$59.99/UK#29.95
      %A Brian Carter
      %A Russell Shumway
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2002
      %G 0-7645-4886-7
      %I John Wiley & Sons, Inc.
      %O U$39.99/C$59.99/UK#29.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0764548867/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0764548867/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0764548867/robsladesin03-20
      %P 336 p.
      %T "Wireless Security End to End"

      Part one is an introduction to wireless network security. Chapter one
      is supposed to be an opening to wireless networking, but is basically
      a list of common protocols. Wireless threat analysis, in chapter two,
      is an unstructured list of miscellaneous threats. A facile overview
      of blackhat communities, some intrusion tools, and a discussion of
      insider attacks (without mention of any relevance to wireless
      networking) is in chapter three.

      Part two looks at the components of network security. Chapter four
      presents us with random security factors in place of the promised
      network security model. Network intrusion protection is said, in
      chapter five, to consist of firewalls and other tools with limited
      application to wireless topologies. In regard to network intrusion
      detection, some of the material in chapter six is pointless (who would
      expect an intrusion detection system (IDS) to protect against insider
      attacks?) and some is wrong (a honeypot would only act as an intrusion
      detection sensor by chance). Chapter seven has sound information on
      host-based IDS and some advice on hardening systems, but wireless
      networking is almost unmentioned. Virtual private networks are
      discussed in chapter eight, while nine turns to logging and audits.

      Part three reviews wireless security components. Chapter ten outlines
      a configuration for basic level wireless security. Secure
      authentication, in chapter eleven, has at least some relation to
      wireless. The examination of encryption, in chapter twelve, lists
      protocols without much discussion of concepts, and records weaknesses
      of the systems without providing details. Chapter thirteen briefly
      considers the placement of wireless access points, from a convenience
      rather than security perspective.

      Part four contemplates the integration of wireless security into the
      network security process. Chapter fourteen registers some tools for
      the logging of wireless security events. A number of points to
      consider for a wireless security policy are enumerated in chapter
      fifteen. Various sniffing and cracking tools are described in chapter
      sixteen. Chapter seventeen isn't really clear as to its purpose, but
      seems to be talking about management of device configuration.

      Part five lists products, rather than the promised security models.
      We look at Cisco and LEAP, RADIUS, IPSec, secure wireless public
      access, and secure wireless point-to-point in chapters eighteen to
      twenty two.

      While not as bad as "Wireless Security" (cf. BKWRLSSC.RVW), by Randall
      K. Nichols and Panos C. Lekkas, this work is only on a par with
      bloated exercises such as Jahanzeb Khan and Anis Khwaja's "Building
      Secure Wireless Networks with 802.11" (cf. BKBSWNW8.RVW) or the
      comprehensive list of topics (but missing details) in "Designing a
      Wireless Network" (cf. BKDSWLNT.RVW) by Jeffrey Wheat et al.
      Certainly "Wireless Security Essentials" by Russell Dean Vines (cf.
      BKWLSCES.RVW) is far superior to the Carter and Shumway book.

      copyright Robert M. Slade, 2003 BKWLSCEE.RVW 20031019


      ======================
      rslade@... slade@... rslade@...
      Computer Security Day, November 30 http://www.computersecurityday.com/
      victoria.tc.ca/techrev/mnbksc.htm sun.soci.niu.edu/~rslade/secgloss.htm
    Your message has been successfully submitted and would be delivered to recipients shortly.