Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Kali Linux Wireless Pentesting

You're reading from   Mastering Kali Linux Wireless Pentesting Test your wireless network's security and master advanced wireless penetration techniques using Kali Linux

Arrow left icon
Product type Paperback
Published in Feb 2016
Publisher
ISBN-13 9781785285561
Length 310 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Jilumudi Raghu Ram Jilumudi Raghu Ram
Author Profile Icon Jilumudi Raghu Ram
Jilumudi Raghu Ram
Brian Sak Brian Sak
Author Profile Icon Brian Sak
Brian Sak
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. Wireless Penetration Testing Fundamentals FREE CHAPTER 2. Wireless Network Scanning 3. Exploiting Wireless Devices 4. Wireless Cracking 5. Man-in-the-Middle Attacks 6. Man-in-the-Middle Attacks Using Evil Twin Access Points 7. Advanced Wireless Sniffing 8. Denial of Service Attacks 9. Wireless Pentesting from Non-Traditional Platforms Index

SSL stripping attack


In a wireless network, when two parties are communicating with each other over plain text protocols, it is easy for a third party to intercept the traffic, extract useful information, or manipulate the communication. To reduce the possibility of an attacker sniffing on the wireless network, network-based encryption mechanisms, such as WPA or WPA2, are used. If the attacker has been able to derive the wireless network password, as demonstrated in previous chapters, they can still extract the data exchanged between two endpoints.

As a secondary form of security, many applications use additional encryption protocols, such as SSL or TLS. When using TLS, two clients set up an encrypted tunnel and securely pass the data through the tunnel rather than passing the data unencrypted. This does not prevent the attacker from sniffing the network, but capturing encrypted traffic without knowing the encryption key is generally pointless. The private encryption key resides on endpoints...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at AU $24.99/month. Cancel anytime