A Message & Special Offer from SANS Instructor Josh Wright Regarding Wireless Network Security

A couple months ago I saw some amazing wireless attack demos at Shmoocon that took advantage of weak cryptography, weak authentication, and implementation and design flaws. The lesson I took away from the event was that wireless attacks have changed, but they aren't slowing down.  We are seeing more and more tools to exploit wireless technologies, including WiFi, Bluetooth, ZigBee, IEEE 802.15.4, cellular networks, and proprietary systems.  If you want to protect your data and wireless networks it is critical that you understand the technology, threats, exploits, and defense techniques for wireless systems.  SANS' SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses (https://www.sans.org/info/71593) will help you gain that understanding.  Keep reading if you'd like to learn more about this course and how to get a free MetaGeek Wi-Spy DBx spectrum analyzer ($599 retail value).

As the author of SEC617, I am continuously updating the course.  Each update adds coverage of emerging attack tools and new trends, such as the Ubertooth Bluetooth attack hardware and the KillerBee framework for exploiting ZigBee networks.  Even WiFi networks, thought to be secure by many organizations, are now known to be susceptible to VeriSign-approved RADIUS servers and a number of client-side exploits.  I also cover advanced techniques in SEC617, such as "bridging the airgap" (leveraging remote Windows Vista/7 and OS X compromised clients to exploit internal wireless networks).

Beginning April 19th I'll be teaching SEC617 on vLive!, SANS' live, online training platform.  This is one of my favorite teaching methods; students receive all the benefits of a conference event (live instructor, live demos, lab exercises, detailed Q&A), but the course is taught in smaller blocks, giving students more time to digest and process the material. Students also receive recordings of each session that can be replayed to reinforce topics or catch up on a missed session.  The class will be meeting two evenings a week over a six week period.  You can register at https://www.sans.org/info/71593.

As a special bonus for students in this class, SANS vLive! is giving away a FREE Wi-Spy DBx ($599 retail value) to students who enter promo code WISPY_EH!  I am very excited about this offer because MetaGeek's Wi-Spy DBx gives you much-needed visibility into the behavior of the RF spectrum.  I use my Wi-Spy DBx for identifying unauthorized transmitters, interfering devices, and any number of attacks against the wireless network.  Moreover, it is incredibly useful as a network troubleshooting and WLAN design tool to help you optimize the configuration of AP's at 2.4 and 5 GHz.  If you work with wireless networks, you should have a Wi-Spy DBx.  Just remember to enter promo code WISPY_EH when you register!

If you or your organization uses wireless technology in any form, you will benefit from SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses.  Join me online starting April 19th and have fun while learning the tools and techniques for assessing, manipulating and exploiting wireless systems. 

Questions? Feel free to drop me a note at jwright@willhackforsushi.com.  Thanks!

Josh Wright