Book Image

Building a Pentesting Lab for Wireless Networks

By : Andrey Popov, Vyacheslav Fadyushin, Aaron Woody
Book Image

Building a Pentesting Lab for Wireless Networks

By: Andrey Popov, Vyacheslav Fadyushin, Aaron Woody

Overview of this book

Starting with the basics of wireless networking and its associated risks, we will guide you through the stages of creating a penetration testing lab with wireless access and preparing your wireless penetration testing machine. This book will guide you through configuring hardware and virtual network devices, filling the lab network with applications and security solutions, and making it look and work like a real enterprise network. The resulting lab protected with WPA-Enterprise will let you practice most of the attack techniques used in penetration testing projects. Along with a review of penetration testing frameworks, this book is also a detailed manual on preparing a platform for wireless penetration testing. By the end of this book, you will be at the point when you can practice, and research without worrying about your lab environment for every task.
Table of Contents (15 chapters)
Building a Pentesting Lab for Wireless Networks
About the Authors
About the Reviewers

Chapter 4. Designing Application Lab Components

In the previous chapter, we prepared a network "basis" for the lab in two options: hardware and virtual. Now, it is time to fill the lab network with application-level functional components such as web servers and database servers. Those components are needed to build a lab network that has most of the capabilities of a real enterprise network to let a penetration tester practice the most common and "must-know" cases and techniques.

Usually, applications and network services are the main goal for attackers and the main target of their attacks. Such components are usually used to process and store financial and private data, trade secrets, and other sensitive confidential data. They are often used to manage other network components and accounts, thus controlling the access to network resources. Some of them can provide various customer services and are therefore one of the key profit or reputation systems for a commercial company, so-called business...