Wireless Operational Security

P

Parameter tampering, 88

Passive attacks, 199

defined, 51, 199

performing, 200

See also Active attacks; Attacks

Password cracking, 40 “44

defined, 41

John the Ripper, 43 “44

for self-defense, 42

Unix Crack, 42 “43

Windows NT L0phtCrack, 41

Password gathering/cracking software, 205 “9

Ettercap, 206

LOphtCrack, 206 “8

Lucent Registry Crack, 208

WinSniffer, 205 “6

wireless protocol analyzers, 208 “9

Passwords

attack countermeasures, 44

attacks, 334, 354

biometric systems, 39

default, updating, 178

good, characteristics of, 39 “40

management, 38 “44

methodology, 39

OTP, 346

SmartCards, 39

PEAP, 238 “40

configuration, 239

defined, 238

Microsoft support, 239

Peer-to-peer attacks, 217

Pen register and trap and trace statute , 106

Personnel security, 171

Phaos Technology Micro Foundation toolkit, 143 “44

algorithms, 144

defined, 143

footprint, 144

See also Cryptography toolkits

Physical security, 175 “77

defined, 175

template, 176 “77

See also Security policies

Point-to-Point Protocol (PPP), 231

Point-to-Point Tunneling Protocol (PPTP), 246 “47

connections, 248

per-packet data confidentiality, 248

Portability, 86

Port Address Translation (PAT), 268

Port forwarding, 255

Port Protection Devices (PPDs), 36

Port scanning, 215

Postmortem analysis, 80

President's Executive Order on critical infrastructure protection, 96 “97

Pretty Good Privacy (PGP), 153

Prevention, 16

Privacy standards/regulations, 16 “21

Gramm-Leach-Biley Act (GLBA), 17, 18 “19

Health Insurance Portability and Accountability Act (HIPAA), 19 “21

NAIC Model Act, 16 “18

Protective measures, 161 “65

Public key authentication, 256 “58

Public Key Code Signing #7 (PKCS#7), 149

Public key infrastructure (PKI), 50, 132 “37

defined, 132, 133

encryption/decryption process, 132

policy, 136 “37

process overview, 133 “34

risk analysis, 137

Public Switched Telephone Network (PSTN), 50