Publisher: McGraw-Hill Professional
Wireless Security is one of the most talked about topics in the information security area. As more and more organizations are migrating from wired to wireless networks, questions surrounding the current status of the WiFi network implementations are emerging. The general opinion of both IT professionals and media outlets is that there is no wireless security, but that is just a superficial look on this technology. Books like the one I'm taking a look at today, clearly show that wireless security is not just about the infamous WEP. But is the book worth buying?
About the author
Stewart S. Miller has more than a decade of highly specialized technical security and privacy expertise. He has published 11 books in the computer field and over 1000 technical articles. He is an IBM Certified IT Security Consultant, charter member of National Association of Science Writers and has certifications in every module of SAP and PeopleSoft.
Inside the book
Mr. Miller opens the book with an introduction to the security standards surrounding Wireless Local Area Networks. Third page of the book presents the readers with a star-like diagram that notes the five most important factors of WLAN security - theft, access control, authentication, encryption and safeguards. Throughout the book, these phases are discussed from various perspectives, highlighting the security issues and solutions that can relate to them. For the readers new to wireless technology, there is brief chapter dealing with comparisons between 802.11b and few other wireless standards and specifications. Although the chapter is called "Technology Comparison", you won't find any useful information here as 802.11b is "taken against" HomeRF, SWAP and BlueTooth. As from the technological standards point of view, few chapters later, author presents some brief information on all the members of 802.11 group of standards.
After introducing the readers with the world of wireless networks, it is time to cover the security threats, wireless networks and users are susceptible to. The security issues aren't covered in details and the author notes both the points of vulnerability, as well the common security pitfalls. The book is of a theoretical nature, so don't expect any practical examples of security/hacking tools or actual demonstration of vulnerabilities.
The rest of the book covers a plethora of topics surrounding wireless technology and the means of creating a secure wireless network. The advice given on this is, yet again, just theoretical. The reader will be introduced with a number of mixed up facts about WLAN authentication, privacy, encryption and management.
What I think of it
In a pool of recently published Wireless LAN security oriented books, I surely wouldn't recommend this one. Although the author is an experienced member of the Information Security community, the book looks a bit messed up. The publication covers a lot of WLAN security issues, but the way the author spreads them over these 300 pages, makes no logic for the reader. For a couple of times, Miller repeats the same concepts and descriptions through several chapters, which makes the content look even more scattered.
There is another negative thing about this book - it reminds me about a large company sponsored whitepaper. Why company sponsored you ask? It's because of the preface of the book. Usually prefaces contain some background information on the topic, strategies or even inspirations the author/s had for writing the book, but this one has something different - 2 pages of the author's self-advertising. After noting that security is an essential element that forms the cornerstone of every corporate network, Miller talks about his extensive experience and provides the reader (who paid for the book) a text advertisement where he presents his core offerings in the fields of business development, market research and cost-effective IT product selection.
One more thing that bothered me while reading the book were pictures accompanying the text material. The images look like they were provided by some kind of a marketing department where they were used in presentations for executives not familiar with basics of general WLAN security. Also, the images are too large, so they look like they were added there with purpose of making a 200 page book into a 300 page one.
With all the other WLAN security books, you should probably skip this one.