Book Review – BackTrack 5 Wireless Penetration Testing Beginner’s Guide
If you want an easy to follow, step by step guide to analyzing and testing Wi-Fi security, look no further than Vivek Ramachandran’s “BackTrack 5 Wireless Penetration Testing Beginner’s Guide
The author guides you on a path from the basic principles of Wi-Fi to advanced monitoring and attacks.
Vivek starts you out by preparing your wireless lab, installing Backtrack 5, configuring your wireless cards and access point.
Then after a brief overview of wireless frames, you get to work right away by sniffing traffic with Wireshark so you can see what these frames actually look like.
The author then takes you on a step by step journey of the most common attacks used against WLANs.
This includes everything from bypassing authentication & cracking encryption (WEP and WPA/WPA2) providing the environmental variable are correct, to advanced techniques like man-in-the-middle attacks and attacking WPA-Enterprise.
He then finishes the book with discussing Wireless penetration methodology, testing and reporting.
It has been a while since I have seen a book like this. You will learn step by step, command by command, using the ever popular penetration testing platform Backtrack 5. Each lab demonstrations is accompanied with step by step pictures to guide you through the process. These pictures in the paperback book edition are in mono however should you purchase the PDF ‘eBook’ edition also from the publisher directly this is in full colour.
Each chapter builds on what you have learned in the previous. The text is very clear to follow and the pictures perfectly display and clarify the techniques you are learning and match what you should be seeing on your screen.
For best results, you should have at least a basic knowledge of Linux or Backtrack 5 and Wi-Fi.
If you are interested in computer security, and want to learn how Wireless networks are attacked and how to defend against it, then look no further. I highly recommend this book.
A few observations about this book which I made included In chapter 3. The author discusses ‘Bypassing open authentication’. The fact is there is very little to ‘bypass’ or as the author later describes on page 62 ‘hack’. Could this have just been included as a simple lab for those who failed to succeed at any of the other labs in the book?
I also found the timing of the book being released interesting. I don’t think I have ever seen a book made published so close to the date the actual content (Backtrack 5 in this case) having been released. The skeptic in me suggests that this book was intended for BackTrack 4 and as the tools, techniques and methodologies used are cross compatible, such as with the airmon-ng suite. The book title was modified just in time to hit the shelves?
Additionally it was noted how there are the occasional spelling and grammar errors (not that we here at ForHacSec have perfect spelling and grammar all of the time) during the book which indicates it may have been a little rushed or lacked a proof read. It does add to the challenge of the labs however when having to auto-correct whilst working through.
Vivek Ramachandran’s was one of the winners of Microsoft’s Security Shootout contest in India, worked at Cisco as an Engineer, founded SecurityTube.net, discovered the wireless “Caffe Latte Attack” and presented at numerous security conferences including Blackhat, Defcon and Toorcon.