Tyler Wrightson, CISSP, CCSP, CCNA, CCDA, MCSE, is the author of Wireless Security: A Beginner’s Guide (McGraw-Hill; 2012), the founder and president of Leet Systems, a next-generation security service provider, and Frigdo.com, a free online events search engine. He is currently a senior security consultant for Integralis, Inc., where he specializes in offensive security engagements and penetration testing. Follow Tyler’s security blog athttp://blog.leetsys.com or follow him on twitter @tbwrightson.
1. As an IT professional, you specialize in areas such as penetration testing and offensive security engagements. What were some of the reasons behind your decision to add “author” to your list of accomplishments?
I love to read, especially non-fiction. I’m typically reading at least half a dozen books, with the majority being IT related books. I’ve also taught a few classes in the past and have always enjoyed helping people learn new things. I knew that it was only a matter of time before I took my love for reading and teaching and wrote a book.
2. What is it about the current state of affairs in the wireless network security realm that prompted you to write “Wireless Network Security: A Beginner’s Guide”?
McGraw-Hill had a great idea for a series that really made sense to me. The beginners guides are a way for people who are already in the IT industry to get up to speed quickly in a specific area. It definitely fit my writing style as I prefer the no fluff and no nonsense approach. The wireless security realm is still very young and it’s been so interesting to watch it develop from the beginning. The proliferation of extremely simple attack tools really helped create the impetus for a good no nonsense book on securing wireless networks.
3. In what ways is your book different from other books focusing on wireless network security?
My book focuses on practical hands on concepts for both attacking and defending wireless networks rather than just a technical brain dump of how wireless security works under the hood. I think there are other really good books on attacking wireless networks but I think they can be a little too verbose and they fail a little short of helping IT administrators or network engineers come up with good ways of securing wireless networks.
4. If you had had access to a book like “Wireless Network Security: A Beginner’s Guide” when you first started your IT career, how might it have changed the way you operated?
It would have simply made it easier to execute attacks and allow me to create secure wireless networks. I have always appreciated books that can get me up to speed quickly on complex topics.
5. What are some of the major misconceptions that IT professionals have in terms of best practices in wireless network security and how can your book help?
I think the biggest and probably most dangerous misconception is simply that administrators don’t need to worry about attackers; assuming that it’s uncommon to actually have a wireless network attacked. Thus many administrators assume that just a few basic security settings are enough to secure their wireless network. Many administrators also forget about the security of their wireless clients. Unfortunately it’s become so easy to execute attacks against wireless networks and clients that security can’t be ignored.
6. In your book, you not only inform IT professionals about the numerous attack vectors that zero in on wireless networks and clients, but also provide tips for combating them. How would your beginner’s guide benefit IT professionals who already have lots of experience in the wireless network security space?
There are definitely some new concepts and ideas even for experienced IT professionals in both attacking and defending wireless networks. Of course if you have a ton of experience the book could also serve as a very nice paper weight.
7. If there was only one thing people could remember after reading your book, what would it be?
If you actively attack your networks using the same techniques as attackers then you’ll have the correct perspective to build a secure network.
8. Anything else you care to add?
Don’t just assume that you need wireless technologies in your business, sometimes the risk added far outweighs any operational benefits. Also, buy my book :D