Book Image

Building a Pentesting Lab for Wireless Networks

By : Andrey Popov, Vyacheslav Fadyushin, Aaron Woody
Book Image

Building a Pentesting Lab for Wireless Networks

By: Andrey Popov, Vyacheslav Fadyushin, Aaron Woody

Overview of this book

Starting with the basics of wireless networking and its associated risks, we will guide you through the stages of creating a penetration testing lab with wireless access and preparing your wireless penetration testing machine. This book will guide you through configuring hardware and virtual network devices, filling the lab network with applications and security solutions, and making it look and work like a real enterprise network. The resulting lab protected with WPA-Enterprise will let you practice most of the attack techniques used in penetration testing projects. Along with a review of penetration testing frameworks, this book is also a detailed manual on preparing a platform for wireless penetration testing. By the end of this book, you will be at the point when you can practice, and research without worrying about your lab environment for every task.
Table of Contents (15 chapters)
Building a Pentesting Lab for Wireless Networks
About the Authors
About the Reviewers

Network-based security solutions

In this chapter, we are not trying to adhere to the levels of the standard ISO/OSI model, but we distinguish two main abstract security levels: network and host levels.

The host level is represented with host-based security solutions that are aimed towards protecting a certain host. However, network-based solutions are aimed towards protecting the whole network or its parts (or groups of hosts). We would like to start the chapter with network-based solutions.

Configuring network access control

In order to imitate a real network and to protect our lab from access from an external network, we need to implement access control measures between our various lab VLANs on the network level. The access control mechanism that we are going to use is called access control lists (ACLs) and can be implemented on the core router.

Generally speaking, ACL is a list of rules determining which traffic is allowed or disallowed and in which directions. We are also going to create...