
Wireless LANs

Wireless LANs. Overview. What is Wireless? The term wireless refers to telecommunication technology, in which radio waves, infrared waves and microwaves, instead of cables or wires, are used to carry a signal to connect communication devices.

teneil

Presentation Transcript


  1. Wireless LANs

  2. Overview • What is Wireless? The term wireless refers to telecommunication technology, in which radio waves, infrared waves and microwaves, instead of cables or wires, are used to carry a signal to connect communication devices. • These devices include pagers, cell phones, portable PCs, computer networks, location devices, satellite systems and handheld digital assistants. • Wireless networking is the transmission of data using a physical topology, not direct physical links.

  3. Wireless Landscape WiMAX as a last-mile alternative for remote areas not currently served by DSL or cable

  4. Wireless Data Networks (chart of data rates against coverage area; only the labels survive) • Data rates axis: 9.6 Kbps, 19.6 Kbps, 56 Kbps, 1 Mbps, 2 Mbps, 10 Mbps, 50 Mbps • Coverage area axis: Local to Wide • Technologies plotted: Infrared Wireless LANs, Spread Spectrum Wireless LANs, Narrow Band Wireless LANs, Narrowband PCS, Broadband PCS, 2.5 GHz Service, Circuit and Packet Data (Cellular, CDPD, Mobitex, DataTac), Satellite • Notes: 802.11 is WiFi; WAP is small handhelds

  5. Wireless Technologies • PAN (Personal Area Network): Standards: Bluetooth; Speed: <1 Mbps; Range: Short; Applications: Peer-to-Peer, Device-to-Device • LAN (Local Area Network): Standards: 802.11a, 11b, 11g, HiperLAN2; Speed: 2–54+ Mbps; Range: Medium; Applications: Enterprise Networks • MAN (Metropolitan Area Network): Standards: 802.11, MMDS, LMDS; Speed: 22+ Mbps; Range: Medium–Long; Applications: Fixed, Last Mile Access • WAN (Wide Area Network): Standards: GSM, GPRS, CDMA, 2.5–3G; Speed: 10–384 Kbps; Range: Long; Applications: PDAs, Mobile Phones, Cellular Access

  6. Wireless • Two of the most common point-to-multipoint systems are: • Wireless Application Protocol (WAP) • a system developed to send data to small handheld devices such as cellular phones, wireless e-mail handhelds, and PDAs. • IEEE 802.11 • The 802.11 protocol has been standardized by the IEEE for wireless local area networks and has three versions currently in production, 802.11b, 802.11a, and the most recent 802.11g.

  7. Bluetooth • Bluetooth wireless technology is a short-range radio technology. • Bluetooth wireless technology makes it possible to transmit signals over short distances between telephones, computers and other devices and thereby simplify communication and synchronization between devices. • The Bluetooth wireless technology comprises hardware, software and interoperability requirements. • Transmits at up to 1 Mbps over a distance of 33 feet and is not impeded by physical barriers

  8. Bluetooth – Blue Snarfing • Blue-snarfing is a technique that leaves no trace of intrusion and steals the contents of a cellphone's address book, or even gains access to a user's laptop. • "Bluejacking" allows a user to send an anonymous and unauthorized message to another cell user. It has become primarily a means of entertainment for some individuals in crowded places, who'll send anonymous comments like "I like your tie" to people nearby. • Bluetooth was named after the 10th century Danish King Harold Bluetooth, who was responsible for unifying Scandinavia.

  9. Applications

  10. Home Wireless Network

  11. Advantages and Disadvantages of Wireless Home Networks • Advantages: Freedom – work anywhere; Quick, effortless installation; No cables to buy; Save cabling time and hassle; Easy to expand; Available in Hotspots at coffee shops, businesses, airports; Great on the road • Disadvantages: Higher cost; Slower speed; Shorter range; Least efficient way to move large amounts of data; Less Secure • http://www.linksys.com/edu/ourhouse.asp

  12. A few San Diego HotSpots http://www.socalfreenet.org/ • Sorrento Valley Food Court - corner of Mira Mesa Boulevard and Scranton Road near the 5/805 junction • Sorrento Mesa area building campus near Karl Strauss • Santa Fe Depot - Amtrak Station • One America Plaza - 600 West Broadway • Gelato Vero Caffe - 3753 India St. - 619-295-9269 • Influx - 1948 Broadway • Little Italy Wi-Fi - free for introductory period - India Street between Cedar & Fir • University of San Diego campus • Mount Etna Park - 4741 Mount Etna Drive • Best Western Hacienda - lobby area - Old Town • Golden Hill neighborhood - 4 locations - near 2035, 2426 Broadway, 26th and Broadway, 2302 C St • Sherman Heights neighborhood - 20th between Island and J Street • Travel University International - 3870 Murphy Canyon Road Suite 310 - 858-292-9755 • Aztec Coin Laundry - 6931 El Cajon Blvd • Lestat's Coffee House - 3343 Adams Avenue - (619) 282-0437 • San Diego Public Library locations (eventual plans for all branches) • Mission Valley Branch - 2123 Fenton Parkway • Point Loma/Hervey Branch - 3701 Voltaire St. • San Diego Technical Bookstore - 7512 Clairemont Mesa Blvd. - (858) 279-4990 • It's a Grind Coffeeshop - 13350 Camino Del Sur, Suite 9. - 858.780.2601 • Bandwidth Bay project provides access at the outdoor sitting area on the east side of the building at 225 Broadway • Hotel Del Coronado - lobby area - Coronado Island

  13. Wi-Fi™ • Wi-Fi™ Alliance • Wireless Fidelity Alliance • 170+ members • Over 350 products certified • Wi-Fi’s™ Mission • Certify interoperability of WLAN products (802.11) • Wi-Fi™ is the “stamp of approval” • Promote Wi-Fi™ as the global standard

  14. Components

  15. WLAN Devices In-building Infrastructure Access Points • Combo (802.11a and 802.11b) • (802.11b) • (802.11b) not shown Bridge

  16. WLAN Devices Clients • 2.4 GHz client adapter (802.11b) • 5 GHz client adapter (802.11a) • Workgroup bridge (802.11b) Antenna • 2.4GHz • 5 GHz Antennas

  17. Cable, Accessories, Wireless IP Phone • Cable and Accessories • Low Loss Cable • Antenna Mounts • Lightning Arrestor • Wireless IP Phone

  18. Optional 2.4GHz Antennas for Long Range • 13.5 dBi Yagi • Distances over • 7.3 miles @ 2 Mbps • 11.7 Km @ 2 Mbps • 3.6 miles @ 11 Mbps • 5.8 Km @ 11 Mbps • 21 dBi Solid Dish • For distances up to • 25+ miles @ 2 Mbps • 40+ Km @ 2 Mbps • 20.5 miles @ 11 Mbps • 33 Km @ 11 Mbps Note: Distances include 50 feet of low loss cable and 10 dB fade margin

  19. WLAN Standards

  20. 802.11 • Introduced in 1990 • Defined a cable-free local area network with either fixed or mobile locations that transmit at either 1 or 2 Mbps, which was insufficient for most network applications • A new standard was developed for sending packet-sized data traffic over radio waves in the unlicensed 2.4 GHz band. • Unlicensed means it does not have to be certified by the FCC, and devices could possibly share the bandwidth with other devices such as cordless phones, baby monitors etc.

  21. IEEE 802.11 Standards Activities • 802.11a: 5GHz, 54Mbps • 802.11b: 2.4GHz, 11Mbps • 802.11d: Multiple regulatory domains • 802.11e: Quality of Service (QoS) • 802.11f: Inter-Access Point Protocol (IAPP) • 802.11g: 2.4GHz, 54Mbps • 802.11h: Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) • 802.11i: Security • 802.11j: Japan 5GHz Channels (4.9-5.1 GHz) • 802.11k: Measurement

  22. Which Standard is right for me?

  23. Comparison of 802.11b, 802.11a and 802.11g • 802.11b: Frequency Band: 2.4 GHz; Availability: Worldwide; Maximum Data Rate: 11 Mbps; Other Services (Interference): Cordless Phones, Microwave Ovens, Wireless Video, Bluetooth Devices • 802.11a: Frequency Band: 5 GHz; Availability: US/AP; Maximum Data Rate: 54 Mbps; Other Services (Interference): HyperLAN Devices • 802.11g: Frequency Band: 2.4 GHz; Availability: Worldwide; Maximum Data Rate: 54 Mbps; Other Services (Interference): Cordless Phones, Microwave Ovens, Wireless Video, Bluetooth Devices • The Laws of Radio Dynamics: • Higher Data Rates = Shorter Transmission Range • Higher Power Output = Increased Range, but Lower Battery Life • Higher Frequency Radios = Higher Data Rates, Shorter Ranges

  24. Topology

  25. Ad Hoc Topology • Peer-to-Peer (Ad Hoc) Topology • Can consist of 2 or more PCs with wireless network adapters. • Sometimes called an Independent BSS (IBSS). • Limited range.

  26. Infrastructure

  27. 802.11 Authentication and Association • The 802.11 standard includes rudimentary authentication and confidentiality controls. • Authentication is handled in its most basic form by the 802.11 access point (AP). • It forces the clients to perform a handshake when attempting to “associate” to the AP. Association is the process needed before the AP will allow the client to talk across the AP to the network. • Association occurs only if the client has all the correct parameters needed such as the service set identifier (SSID) in the handshake.

  28. Challenges and Issues

  29. Performance The actual performance of your wireless network depends on a number of factors, including: • In an Infrastructure environment, your distance from the access point. As you get farther away, the transmission speed will decrease. • Structural interference. The shape of your building or structure, the type of construction, and the building materials used may have an adverse impact on signal quality and speed. • The placement and orientation of the wireless devices.

  30. Radio Signal Interference • Since the frequency is unlicensed, any device operating in the 2.4 GHz spectrum may cause network interference with an 802.11b wireless device. • Some devices that may prove troublesome include 2.4 GHz cordless phones, microwave ovens, adjacent public hotspots, and neighboring 802.11b wireless LANs.

  31. Interference (cont.) • Cardboard • Paper • Wood • Firewalls • Fluorescent Lighting • Microwave Ovens • Electrical Transformers

  32. Health Issues

  33. The Security Attack—Recon and Access War Chalking, War Driving, War Flying, Blue Snarfing

  34. Wireless LAN Security - War Driving • “War Driving”: Hacking into WEP • War driving (drive-by hacking or LAN-jacking) is a play on “war dialing”. War dialing, in turn, comes from the 1983 movie War Games, now a classic in computer cracking circles. • Literally, war driving is using a laptop to pick up unsecured wireless networks for anonymous and free high-speed Internet access, akin to stealing long-distance phone service.

  35. War Chalking • Welcome to Warchalking! Warchalking is the practice of marking a series of symbols on sidewalks and walls to indicate nearby wireless access. That way, other computer users can pop open their laptops and connect to the Internet wirelessly. It was inspired by the practice of hobos during the Great Depression to use chalk marks to indicate which homes were friendly.

  36. War Flying • War flying uses airplanes to find the wireless access points. The obvious advantage is that the extra height provides an unobstructed line. • Some people think war driving is illegal. Actually accessing someone's network is illegal, but detecting the network is not. You can think of war driving as walking up to a house, and checking to see if the door is unlocked. If you find an unlocked door, you write down the address and move to the next house. It becomes illegal when you open the door and walk in, which is similar to accessing the Internet through an AP without the owner's permission.

  37. WLAN Security Hierarchy • Open Access: No Encryption, Basic Authentication (Public “Hotspots”) • Basic Security: 40-bit or 128-bit Static WEP Encryption (Home Use) • Enhanced Security: 802.1x, TKIP/WPA Encryption, Mutual Authentication, Scalable Key Mgmt., etc. (Business) • Remote Access: Virtual Private Network (VPN) (Business Traveler, Telecommuter)

  38. Using a Sniffer • Specialized sniffer tools have emerged recently, with a single objective, to crack WEP keys. • A sniffer and a wireless network card are a powerful attack tool. • A shared media wireless network exposes all packets to interception and logging. • They work by exploiting weak initialization vectors in the encryption algorithm. • To exploit this weakness, you need a certain number of ciphertext packets. However, once you have captured enough packets, the program can decipher the encryption key being used very quickly. • Popular wireless sniffers are Ethereal, WildPackets AiroPeek and Sniffer Pro 4.0.

  39. NetStumbler • The most widely used of these programs is called Netstumbler by Marius Milner. • It listens for access point beacon frames in a range and logs all available information about the access point for later analysis. • If the computer has a GPS unit attached to it, the program also logs the coordinates of the access point. • This information can be used to return to the access point, or to plot maps of access points in a city. • This is a Windows-based application, but there are programs that work on the same principle for Mac, BSD, Linux, and other operating systems.

  40. 802.11 Security Tools • WEP • WPA • 802.11i • SSID • MAC Filtering • VPN • Userid and Password

  41. Product Review • Linksys - http://www.linksys.com/products • DLink – http://www.dlink.com/products • Netgear – http://www.netgear.com/products/wireless.php • Belkin – http://www.belkin.com • Cisco – http://www.cisco.com • Review - http://reviews-zdnet.com.com/Routers/4540-3319_16-20817312-4.html?tag=tab

  42. Installation

  43. DHCP (Dynamic Host Configuration Protocol) • DHCP's purpose is to enable individual computers on an IP network to extract their configurations from a server (the 'DHCP server') or servers, in particular, servers that have no exact information about the individual computers until they request the information. • The overall purpose of this is to reduce the work necessary to administer a large IP network. The most significant piece of information distributed in this manner is the IP address.

  44. DNS (Domain Name Server) and DDNS (Dynamic Domain Name Server) • DNS – translates more or less alphabetic domain names into IP addresses. Because the internet is based on IP addresses, every time a URL (www.cuyamaca.net) is used, a DNS server must translate the name into a corresponding IP. • DDNS – lets you assign a fixed host and domain name to a dynamic Internet IP address. It is useful when you are hosting your own website, FTP server, or other server behind the Gateway.

  45. MAC Addresses • Short for Media Access Control address, a hardware address that uniquely identifies each node of a network. • MAC addresses are in Hexadecimal which can represent binary numbers in a more readable form. • Hexadecimal is a base16 number system, 0-9 and A-F.

  46. SSID • Service Set Identifier. A unique identifier that stations must use to be able to communicate with an Access Point. The SSID can be an alphanumeric entry up to a maximum of 32 characters. • If broadcast is enabled, most Wi-Fi cards will see them. If disabled, other cards won’t see your router and you are in a kind of stealth mode. If broadcast is on, then WEP is mandatory.

  47. Firewall Security • The term firewall is a blanket term describing security measures that protect a network. • A router with a built-in firewall protects your entire local network, like an alarm system for your house. • Software firewalls implemented on individual computers protect the computers themselves. • Using SPI (stateful packet inspection), the firewall in the WRT54GS will inspect the source and destination addresses of data packets passing through from the internal network and the Internet.  • If an incoming packet from the Internet does not belong to a currently opened connection from the internal network, it is dropped and not allowed to pass.

  48. WEP • WEP is a key. • WEP scrambles communications between AP and client. • AP and client must use same WEP keys. • WEP keys encrypt unicast and multicast. • WEP is easily attacked

  49. Port Forwarding and Port Triggering • Port forwarding is a method that allows you to run a server behind the router. Port forwarding opens a specific port to a computer behind the router, allowing all incoming traffic on that port to be sent directly to that server. • It should be used to set up servers behind the router; Port Triggering is typically a better choice for non-server applications (such as instant messengers and game servers). • Port Triggering is a method which allows multiple computers on your LAN to access a server (such as a game server or an instant messenger). Port triggering will only work if an outgoing "trigger" request is made. Once the trigger request is sent out, the router will open the "incoming" ports for that computer.

  50. VPN • When you use a VPN, you are creating a secure connection between your network and another one over the Internet. This is done by creating a "tunnel". • A VPN tunnel connects the two PCs and allows data to be transmitted over the Internet as if it were still within those networks. Not a literal tunnel, it is a connection secured by encrypting the data sent between the two networks. This encrypted data "tunnels" through the open region of the Internet.
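The router behaviour described on slides 47 and 49 (stateful packet inspection, port forwarding, port triggering), modelled as an added example that is not part of the original presentation or any vendor's firmware. The `Router` class, the addresses, the ports and the rule tables are constructed assumptions, and NAT port translation is left out so the external port equals the LAN port.

```python
# Added example: toy model of the inbound decisions on slides 47 and 49.
# All addresses, ports and rules below are constructed for illustration.

class Router:
    def __init__(self, forwards=None, triggers=None):
        self.forwards = forwards or {}   # static: inbound port -> LAN host
        self.triggers = triggers or {}   # outbound trigger port -> inbound ports
        self.state = set()               # connections opened from the LAN
        self.triggered = {}              # inbound port -> LAN host that triggered it

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """Record a connection opened from the internal network."""
        self.state.add((lan_ip, lan_port, dst_ip, dst_port))
        for port in self.triggers.get(dst_port, ()):
            self.triggered[port] = lan_ip        # opened only for this computer

    def inbound(self, src_ip, src_port, dst_port):
        """Return the LAN host that receives the packet, or None if dropped."""
        # SPI: accept only replies that belong to a currently open connection.
        for lan_ip, lan_port, dst_ip, dport in self.state:
            if (dst_ip, dport, lan_port) == (src_ip, src_port, dst_port):
                return lan_ip
        if dst_port in self.forwards:            # port forwarding: always open
            return self.forwards[dst_port]
        return self.triggered.get(dst_port)      # port triggering, else dropped


def demo():
    r = Router(forwards={80: "192.168.1.10"}, triggers={6667: [113]})
    seen = [r.inbound("198.51.100.7", 443, 50000)]            # unsolicited
    r.outbound("192.168.1.20", 50000, "198.51.100.7", 443)
    seen.append(r.inbound("198.51.100.7", 443, 50000))        # reply to open flow
    seen.append(r.inbound("198.51.100.9", 443, 50000))        # wrong source
    seen.append(r.inbound("198.51.100.9", 40000, 80))         # forwarded port
    seen.append(r.inbound("198.51.100.9", 40000, 113))        # trigger not fired
    r.outbound("192.168.1.30", 50001, "198.51.100.9", 6667)   # fires the trigger
    seen.append(r.inbound("198.51.100.9", 40000, 113))        # now opened for .30
    return seen


if __name__ == "__main__":
    print(demo())
```

The forwarded port accepts traffic from any Internet source at all times, so the server behind it is the part of the LAN that needs patching and monitoring; the triggered port exists only after a LAN host has asked for it.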
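Why static WEP sits near the bottom of the hierarchy on slide 37, shown as an added example that is not part of the original presentation. It demonstrates IV reuse (a related weakness of WEP's 24-bit IV), not the weak-IV key recovery mentioned on slide 38; the key, IV and plaintexts are constructed, and WEP's CRC-32 integrity value is omitted.

```python
# Added example: WEP-style encryption with a repeated IV. All values constructed.

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                         # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                           # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """3-byte IV sent in the clear, followed by RC4(IV || key) XOR plaintext."""
    return iv + xor(plaintext, rc4(iv + key, len(plaintext)))


def iv_reuse_leak(frame1: bytes, frame2: bytes):
    """Same IV and key means same keystream: return p1 XOR p2, else None."""
    if frame1[:3] != frame2[:3]:
        return None
    return xor(frame1[3:], frame2[3:])


def frames_until_likely_repeat(iv_bits: int = 24) -> int:
    """Birthday bound: random IVs needed for a 50% chance that one repeats."""
    return round(1.1774 * (2 ** iv_bits) ** 0.5)


KEY = bytes.fromhex("0102030405")                # constructed 40-bit static key
P1, P2 = b"GET /index.html", b"user=alice&pw=x"  # constructed, equal length

if __name__ == "__main__":
    f1 = wep_encrypt(b"\x00\x00\x01", KEY, P1)
    f2 = wep_encrypt(b"\x00\x00\x01", KEY, P2)
    print(iv_reuse_leak(f1, f2) == xor(P1, P2), frames_until_likely_repeat())
```

With a static key the only per-frame variation is the IV, so on a busy network repeats are expected after a few thousand frames; this is the gap the WPA and 802.11i entries on slide 40 were designed to close.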
