Archive for the ‘Book Review’ Category

FREE Copy of “Wireless Hacking Exposed”

Posted June 24, 2010
Filed under: Book Review, Penetration Testing, Security, Wireless Security | Tags: , , , , , ,
* Comments (5)

There has been a thread going on the WiFiSec mailing list at SecurityFocus the past couple days about Wi-Fi testing on a Mac.

My friend and colleague, Joshua Wright weighed in with his tremendous expertise with the following post:

Johnny Cache, Vinnie Liu and I are just putting the finishing touches on

Hacking Exposed Wireless, 2nd Edition. It’s available for pre-order on

Amazon, and should be shipping in the middle of July (http://amzn.to/d4D2SU). In this fully-revised book we present step-by-step help for implementing multiple attacks against 802.11, Bluetooth, ZigBee and DECT, with countermeasures for each attack.

Pertinent to this discussion is Johnny’s chapter “Bridging the Airgap on

OS X” where he illustrated an example of compromising a remote OS X box

and leveraging it to attack local wireless networks. In this discussion

he talks about the OS X “airport” utility.

The airport utility is located at

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport.

In 10.6 systems, you can use this tool to initiate a monitor-mode

packet capture saving to a libpcap file, as well as active scanning and

other interesting functions. During a packet capture with the airport

utility, the Airport icon on the task bar will turn into what we decided

is the “Eye of Sauron”.

While Windows Vista and 7 have native monitor-mode support in drivers,

there are no native tools, forcing us to rely on the NetMon package.

Fortunately with OS X, we have the native airport utility.

Some of Johnny’s scripts and tools from this chapter have been put

online at www.hackingexposedwireless.com. I’ll continue to post

materials there this week, as well as the free online chapters providing

in-depth analysis of 802.11, Bluetooth (including attacks against

Simple, Secure Pairing) and RF fundamentals.

–Josh

I can tell you from taking Josh’s Wireless Ethical Hacking, Penetration Testing, and Defenses course through the SANS Institute, that he *definitely* knows his stuff, and therefore, this book is a must read.

I think this book is such a must read, that I am giving away a copy for FREE.  Leave a comment with your best Wi-Fi Pentesting Tip. I’ll choose the best one a week from today (July 1st) and I’ll pre-order this book on your behalf.

Mojo – Book Review

Posted June 3, 2010
Filed under: Book Review | Tags: , , , , , ,
* Comments (1)

Fundamentally, this book was about living a life with happiness and purpose.

There were a couple powerful ideas that I took away from this book.  One was that “we continue doing what we’re doing even when we no longer want to do it”.

This is slightly different, although roughly similar to the theme of Marshall’s other book “What Got You Here Won’t Get You There”.  What we need to STOP doing is just as important as what we need to START doing.  Similar theories have been espoused in business articles from Jim Collins and by Seth Godin in his book, “The Dip”.

In “Mojo”, this particular point is best illustrated by one key sentence: “The most reliable predictor of what you will be doing five minutes from now is what you are doing now“.  Simple, yet extremely insightful, in my opinion.

This book is more than theory though.  It goes on to show how to practically evaluate all your daily activities to figure out which ones are worth continuing and which ones you should stop.  The framework is a “Mojo Scorecard” and there are example cards in both the book and on the accompanying website.

I don’t want to spoil it here, but my other key take away (and favorite part of the book) was the Coda.  It is at the end (starting on page 183 of the hardcover edition).  It is only two pages long.  It’s titled “You Go First” and has one of the most important life lessons I have ever read, especially for parents.  If I could urge you do one thing, it would be to go to your local library or bookstore and read the Coda.

CWAP Study Guide (Book Review)

Posted June 12, 2009
Filed under: Book Review, External Training, Professional Development, Troubleshooting | Tags: , , , ,
* Comments (2)

I read this book to prepare re-certify my CWNE (Certified Wireless Network Expert).

This is an *excellent* read, especially for seasoned wireless LAN engineers. It goes into a lot of the “beeps and squeaks” of wireless networking. It takes an in-depth look into the MAC and PHY layers, including all the bitwise fields of the 802.11 MAC header. A well written book that I have gone through at least 3 or 4 times.

There are not too many books that go this in-depth on Layers 1 and 2 of wireless networking.  The IEEE 802.11 Handbook is the “official” study guide for the CWNE, but I don’t think it is a clear as the CWAP Study Guide.

It isn’t a book that I would suggest for beginners.  For those folks, I would suggest either the McGraw Hill or the Sybex “CWNA Study Guide”.

Happy reading!

Twitter Power – Book Review

Posted May 21, 2009
Filed under: Book Review, Social Media | Tags: , , , ,
* Comments (1)

This should be considered the “how-to Twitter bible” for beginners and experts alike. For beginners, the book talks about how to use the technology for many different purposes including advertising, selling, customer service, etc.

For advanced users, the book discusses third-party tools, Twitter application development, and legal concerns.

Personally, the section I enjoyed the most was how to use Twitter to build and maintain a personal brand.

Joel writes in a very friendly, informal way which puts the reader at ease and enables them to digest the material at a rapid pace. Don’t let that fool you though – there are plenty of examples, case studies, and hyperlinks throughout the book.

The book ends with a 30 day action plan for how to get maximum value from using Twitter. It has specific steps to accomplish each day.

Purchasing the book also includes a free “ticket” to Joel’s online 4-week social media workshop. I found out about this feature watching Joel’s video preview of the book on Amazon. It was one of the deciding factors to purchase this versus another Twitter title. However, when the book arrived, I got so caught up in reading it, I haven’t registered for the online workshop yet. I guess that is the ultimate testimonial for how engrossing the book is…

Related Posts:

Groundswell by Charlene Li and Josh Bernoff – Book Review

Posted April 13, 2009
Filed under: Book Review, Social Media | Tags: , , , , ,
* Comments (1)

I would like to offer periodic book reviews on WiFiJedi.com   The plan is to review wireless networking and security books. However, I have been doing a lot of reading about blogging and social media these days. Therefore, this week I am reviewing the book “Groundswell” by Charlene Li and Josh Bernoff.  

Please let me know in the comments section if you like the idea of book reviews.  Also let me know if you would like them strictly on wireless, or if you don’t mind if they are off topic.  

I originally bought this book based on a You Tube video of the author, Charlene Li, making a presentation under the “Authors @Google” program. I guess the Groundswell sold one more copy of her book…

In many ways, this book reminded me of Jim Collin’s “Good to Great” book. “Groundswell” is very quantitative in nature. There are a TON of in-depth case studies – the book even contains a case index in addition to a subject index.

The book is well structured. It is broken into three main parts and has a logical idea flow of listening, talking, energizing, supporting, and embracing the groundswell. While I liked the structure, it took more time to read than most books due to its academic nature. 

Overall, the authors take a practical, high-level approach to social media. They focus on the people, objectives, and strategy BEFORE they focus on any given technology.

This should definitely be a cornerstone text in any library on Social Media!