Wireless LAN Security Assessment Toolkit!

"You have got to check out this "Sweet Deal" - this toolkit includes everything you need, hardware, software, and training... all installed, tested and ready for any serious CWNA/CWSP Student!"

Devin Akin - CTO - Planet3 Wireless

This course was developed by a couple of CWNTs, Kimberly Graves (CWNE #2), and Keith Parsons (CWNE #3).  Not only is this a live, hands-on course with a binder and in-depth training, but it's also a complete toolkit with the hardware and software you need to get into Wireless LAN Security.

• The toolkit contains a Dell Latitude D620 laptop, preconfigured to dual-boot Windows XP Professional and BackTrack Linux.
• Licensed and open-source/free software that you'll need to configure, assess, and troubleshoot WLANs
• Five different wireless NICs are included in this kit to cover just about any attack possible.
• A custom script has been developed to make even the most challenging Linux tools easy…
• All the hardware and software is installed and configured - ready to go!

Not only do you get to keep this great toolkit, but three days of live hands-on training are also included. In class you will work through the scenarios and exercises with a professional, giving you the confidence to perform these same tasks and run the same diagnostics in the real world. You'll take home the binder, a DVD with supporting documentation, and course videos of the instructors doing ALL of the lab exercises.

For early registrants, there is an Early Bird Bonus is being offered — A Nokia N800 Internet Tablet computer.  This small tablet PC is a great addition to the class. It supports 802.11b/g, Bluetooth, has a webcam, and has software to read RSS feeds, browse the internet, VoIP, IM, and much more.

We're also including with the course:

• Laura Chappell's Master Library—a $1,999.00 value—with 5 DVDs full of Network Analysis Training
  
• IT Professionals Toolbox with over 100 hands-on lab exercises a USB drive full of Portable Apps and an automatic,
  covert ‘Attack' drive

Over $13,000 worth of hardware, software, accessories, and training are included in this class for the tuition price of $6995.00.

Wireless LAN Security Assessment Toolkit

Course Outline
0. Student Kit & Classroom Setup

Lab 0.1       Imaging the Laptop – Student Lab Kit Inventory

Lab 0.2       Wireless internet connectivity from laptop and Setup GoogleTalk and Gizmo accounts

Lab 0.3       Nokia N800 Internet Tablet setup and application installation and connection to classroom Access Point/Internet

Lab 0.4       Student AP setup – load DD-WRT firmware

1. Wireless Packet Captures & Connection Analysis Review

Lab 1.1       View an Open Authentication packet capture

Lab 1.2       View an EAP Authentication packet capture

Lab 1.3       View a data transfer packet capture

Lab 1.4       Create an Omnipeek Filter

Lab 1.5       Create a Wireshark filter

Lab 1.6       Create baseline captures                             

· Open – No WEP               Shared Key – WEP

· Open – WEP                    WPA – PSK

· Open – WEP – w/Radius Roaming connection

· WPA – Radius                  Beacon – Probe Request – Probe Response

2. Discovering, Locating & Accessing WiFi Networks

Lab 2.1       RF Scanning – with WiSpy & RF Signatures

Lab 2.2       Scanning for networks including Directional and high gain antennas

Lab 2.3       Physically locating an Access Point based on signal strength using AirDefense Mobile and WiFiHopper

Lab 2.4       Bluetooth scanning - bluescanner

Lab 2.5       Installing and using a GPS device

Lab 2.6       Wardriving & Data to Wigle/Maps & Google Earth

3. Sniffing and Capturing Data on Open Wireless Networks

Lab 3.1       Capture and Analyze WVoIP traffic – Use WVoIP phone and capture using Clearsight .  Playback the voice capture.

Lab 3.2       Capture and Analyze POP3 Email Traffic – Connect to a POP3 server and capture passwords using Winsniffer .

Lab 3.3       Capture and Analyze Web Email Traffic – Connect to Hotmail / Yahoo mail and capture and reassemble emails with NetResident

Lab 3.4       Using three AirPcap's to capture ALL the packets as a device roams across channels - Demo

Lab 3.5       Capture and Analyze Web Site Traffic – Connect to a web server and view images with driftnet and etherape .

4. Cracking 802.11 Encryption and Authentication Mechanisms on Protected Networks

Lab 4.1       LEAP Cracking - Asleap /Pre-Hashed Dictionary file

Lab 4.1       WPA-PSK dictionary attacks - CoWPAtty /Dictionary file/ wpa_crack

Lab 4.3       WEP Cracking and decrypting WEP traffic - Omnipeek/Aircrack/Commview

Lab 4.4       WEP Cracking Acceleration tools - Aireplay & Script

Lab 4.5       Making & Using Very Large Hacker Dictionary

5. Rogue Access Points & Client Hijacking

Lab 5.1       Using Zyzel Soft AP

Lab 5.2       Using DD-WRT firmware to create a captive portal

Lab 5.3       Client Hijacking / Evil Twin AP

Lab 5.4       Using Linux script to create a Fake hotspot

Lab 5.5       Piggybacking on a Captive Portal

Lab 5.6       Using Ethernet Over Power as AP Demo

6. Denial of Service Wireless Attacks

Lab 6.1       Narrowband RF Jamming w/Video Camera

Lab 6.2       Wideband RF Jamming Demo

Lab 6.3       Queensland DoS

Lab 6.4       Windows Deauth Atttacks - Use CommView to generate deauth frames. Use AirDefense to terminate sessions Demo . 

Lab 6.5       Linux Deauth Atttacks Use linux script to Deauth a client

Lab 6.6       802.11 Associate / Authenticate Flood Massdeauth

7. Using a Wireless Intrusion Detection/Prevention System

Lab 7.1       Airtight sensor – stand-alone hardware IDS

Lab 7.2       AirDefense Mobile as a local IDS

Lab 7.3       AirMagnet – Catching MacSpoofing - Demo

8. Creative Advanced Attacks

Lab 8.1       Create a honey pot  - KF sensor honey pot

Lab 8.2       Hacker's Choice for Creative Wireless Attacks - Demo

Lab 8.3       Using USB Attack Stick to gather information 

Lab 8.4       Peer Attacks – Demo

Lab 8.5       Ad Hoc – Split Tunnel - Demo

9. Integrating Wireless Security Assessment & Testing

            Sample Wireless Security Assessment Report        

10. IT Professional's Toolbox Course

            Introduction to Entire USB Course Materials – Over 100 lab exercises

www.hotlabs.org/usb

11. Using the Linux Wireless Testing Script

Lab 11.1     Using all the tools in the Linux Wireless Testing Script

Wireless LAN Security Assessment Toolkit

Student Kit Contents

Hardware

• Dell D620 Laptop – This is the one you want for yourself - $1895

2.0 GHz Intel Core Duo – 2GB RAM – 120GB HD – 1440 X 900 WXGA+

8X DVD+/-RW – Fingerprint Reader – Intel 3945 a/b/g – Bluetooth

Dual Boot – Windows XP Pro & Linux, includes upgrade to Vista

• Spare 80GB HD in Dell D620 caddy - for personal use - $125
• Nokia N800 - Internet Tablet –

802.11 b/g and Bluetooth - for wVoIP, internet browsing and watching training videos as well as the ‘second' client for various lab exercises

• USB 'Attack' Stick – 256Mb small form factor w/Bootable Linux & Attack tools
• Lexar Lightning 2GB USB Stick – with software from IT Professionals Toolbox
• Garmin eTrex Legend GPS – for War Driving
• Ubiquiti 300mw a/b/g PCMCIA NIC w/External Antenna
• 500mw USB Wireless NIC w/External Antenna - for high power attacks
• Prism 802.11 b NIC – for Linux driver compatibility
• Microsoft Wireless Notebook Mouse
• 2.4GHz Wireless Video Camera – for narrow-band Jamming
• WiSpy USB Spectrum Analyzer w/Chanalyzer software
• ZyXEL AG-225H - WiFi Finder, USB a/b/g NIC, Soft AP
• Linksys WRTG54 - w/Linux Interface – DD-WRT firmware
• Antenna Group

2dBi External Antenna – mmcx – attached to NIC

5dBi External Antenna – mmcx – attached to laptop

7dBi MagMount Antenna w/6' 'N' connector – for War Driving

13dBi 35° panel w/'N' connector – for long-distance finding & attacking

mmcx to 'N' pigtail 2' and 10'

Software

All software installed and tested – ready for you to start!

• Microsoft Office - $250
• NetScanTools Pro - $350
• Forensics Toolkit Imager - $89
• KF Sensor Professional - $999
• SnagIt - $39
• Invisible Secrets 4 - $39
• System Lifeguard - $29
• The Network Toolkit - $40
• AirDefense Mobile - $1,295
• Wireshark with AirPcap USB NIC - $198
• Tamosoft Commview for WiFi – $199
• Tamosoft NetResident - $99
• SpaceMonger - $19
• VisualRoute 2007 - $49
• MyVoIPSpeed PC - $49
• WildPacket OmniPeek Personal - $free for personal use
• WiFi Hopper - $35
• WinSniffer - $45
• Custom Linux Script for simple penetration testing - $150

Training

• WLSAT Training Manual & Student DVDs - $1500

Including three days of hands-on training with more than 45 lab exercises

• Laura Chappell Master Library – 5 DVD Set - $1999
• CWNA Practice Test Voucher - $49
• CWSP Practice Test Voucher - $49
• CWAP Study Guide – Electronic Format - $49
• Linux Quick Reference Guide - $15
• Keith Parsons' - Introduction to Wireless LANs – CBT - $249
• IT Professionals' Toolbox – Full Course including software & USBs - $999
• Video presentations of all Course Lab Exercises – watch from Nokia N800

Other

• Targus Computer Case - $100
• WLSAT System Restore DVD
• WLSAT Software Installers DVD
• SkyRidr (Linux) CD
• Backtrack (Linux) CD
• Blank CD-Rs with WLSAT Labels
• Small Tools Case
• Squid Power Strip - $25
• Grounded Extension Cord 10'
• 2 X Cat5 Cables - $25
• Cat5 Crossover Adapter - $15