“In the name of ALLAH, most Beneficent and Merciful”


Presentation Transcript


  1. “In the name of ALLAH, most Beneficent and Merciful” BZUpages.com

  2. Technology Presentation ON

  3. Group Members • Taha Khan • Danish Hussain • Saleem Qadeer • Farrukh Ali • Imran Khan • Shah Mehmood

  4. Contents • Introduction • Wi-Fi Technologies • Wi-Fi Architecture & Types • Wi-Fi Network Elements • How a Wi-Fi Network Works • Wi-Fi Network Topologies • Wi-Fi Configurations • Applications of Wi-Fi • Wi-Fi Security • Advantages/ Disadvantages of Wi-Fi

  5. Introduction • Wireless Technology is an alternative to the commonly used Wired Technology for connecting devices. • Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs). • Wi-Fi networks connect computers to each other, to the internet and to the wired network.

  6. What is Wi-Fi • Wi-Fi or 802.11b/g is the wireless standard used for local area networks operating at 2.4GHz. • Virtually every new laptop and mobile being sold today comes already equipped with a compatible wireless WiFi adapter. • The WiFi dial-up wireless router is compatible with either 802.11b or 802.11g adapters and allows local network data transfers at speeds of up to 11Mbps (megabits per second). • All Intel Centrino laptops as well as adapters marked 802.11a/g are compatible.

  7. The Wi-Fi Technology Wi-Fi Networks use Radio Technologies to transmit & receive data at high speed: • IEEE 802.11b • IEEE 802.11a • IEEE 802.11g

  8. IEEE 802.11b • Appeared in late 1999 • Operates at 2.4GHz radio spectrum • 11 Mbps (theoretical speed) - within 30 m Range • 4-6 Mbps (actual speed) • 100-150 feet range • Most popular, Least Expensive • Interference from mobile phones and Bluetooth devices can reduce the transmission speed.

  9. IEEE 802.11a • Introduced in 2001 • Operates at 5 GHz (less popular) • 54 Mbps (theoretical speed) • 15-20 Mbps (Actual speed) • 50-75 feet range • More expensive • Not compatible with 802.11b

  10. IEEE 802.11g • Introduced in 2003 • Combines the features of both standards (a, b) • 100-150 feet range • 54 Mbps Speed • 2.4 GHz radio frequencies • Compatible with ‘b’

  11. Wi-Fi Architecture & Types

  12. WLAN Architecture A WLAN (wireless local area network) can be set up in several modes: • Ad-Hoc Mode • Mesh Mode • Infrastructure Mode

  13. Ad-Hoc Mode • Peer-to-peer setup where clients can connect to each other directly. Generally not used for business networks.

  14. Ad Hoc Structure • Mobile stations communicate with each other directly. • It’s set up for a special purpose and for a short period of time. • For example, the participants of a meeting in a conference room may create an ad hoc network at the beginning of the meeting and dissolve it when the meeting ends.

  15. Mesh Mode • Every client in the network also acts as an access or relay point, creating a “self-healing” and (in theory) infinitely extensible network. • Not yet in widespread use, unlikely to be in homes.

  16. WLAN Architecture-Infrastructure Mode There is an Access Point (AP), which becomes the hub of a “star topology.”

  17. Infrastructure network • There is an Access Point (AP), which becomes the hub of a “star topology.” • Any communication has to go through the AP. If a Mobile Station (MS), like a computer, a PDA, or a phone, wants to communicate with another MS, it needs to send the information to the AP first, then the AP sends it to the destination MS. • Multiple APs can be connected together and handle a large number of clients. • Used by the majority of WLANs in homes and businesses.

  18. Elements of a Wi-Fi Network • Access Point (AP) - The AP is a wireless LAN “base station” that can connect one or many wireless devices simultaneously to the Internet. • Wi-Fi cards - They accept the wireless signal and relay information. They can be internal or external (e.g. PCMCIA Card for Laptop and PCI Card for Desktop PC). • Safeguards - Firewalls and anti-virus software protect networks from uninvited users and keep information secure.

  19. Antennas • Antennas come in all shapes and styles: • Omni-directional: • Vertical Whip • Ceiling mount • Directional: • Yagi (“Pringles can”) • Wall mounted panel • Parabolic dish

  20. Types of Hardware

  21. How a Wi-Fi Network Works • The basic concept is the same as walkie-talkies. • A Wi-Fi network is created by connecting an access point to an internet connection. • An access point acts as a base station.

  22. • A single access point can support up to 30 users and can function within a range of 100 – 150 feet indoors and up to 300 feet outdoors. • Many access points can be connected to each other via Ethernet cables to create a single large network.

  23. Wi-Fi Network Topologies

  24. Wi-Fi Network Topologies • AP-based topology (Infrastructure Mode) • Peer-to-peer topology (Ad-hoc Mode) • Point-to-multipoint bridge topology

  25. AP-based topology • Clients communicate through the Access Point. • BSA: RF coverage provided by an AP. • ESA: consists of 2 or more BSAs. • ESA cell includes 10-15% overlap to allow roaming.

  26. Peer-to-peer topology • AP is not required. • Client devices within a cell can communicate directly with each other. • It is useful for setting up a wireless network quickly and easily.

  27. Point-to-multipoint bridge topology This is used to connect a LAN in one building to LANs in other buildings, even if the buildings are miles apart. These connections require a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used as well as the environmental conditions.

  28. Wi-Fi Configurations

  29. Wi-Fi Applications • Home • Small Businesses • Large Corporations & Campuses • Health Care • Wireless ISP (WISP) • Travellers

  30. Wireless Security

  31. Wi-Fi Security Threats • Wireless technology doesn’t remove any old security issues, but introduces new ones • Eavesdropping • Man-in-the-middle attacks • Denial of Service

  32. Eavesdropping • Easy to perform, almost impossible to detect • By default, everything is transmitted in clear text • Usernames, passwords, content ... • No security offered by the transmission medium • Different tools available on the internet • Network sniffers, protocol analysers ... • Password collectors • With the right equipment, it’s possible to eavesdrop on traffic from a few kilometers away

  33. Man-in-the-middle attacks • Attacker spoofs a disassociate message from the victim • The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address • The attacker connects to the real AP using the victim’s MAC address

  34. Denial of Service • Attack on the transmission frequency used • Frequency jamming • Not very technical, but works • Attack on MAC layer • Spoofed deauthentication / disassociation messages • Can target one specific user • Attacks on higher layer protocol (TCP/IP protocol) • SYN Flooding

  35. Wi-Fi Security The requirements for Wi-Fi network security can be broken down into two primary components: • Authentication • User Authentication • Server Authentication • Privacy

  36. Authentication • Keeping unauthorized users off the network • User Authentication • Authentication Server is used • Username and password • Risk: • Data (username & password) sent before a secure channel is established • Prone to passive eavesdropping by an attacker • Solution • Establishing an encrypted channel before sending username and password

  37. Server Authentication • Digital Certificate is used • Validation of digital certificate occurs automatically within client software

  38. Security Techniques

  39. Wi-Fi Security Techniques • Service Set Identifier (SSID) • Wired Equivalent Privacy (WEP) • 802.1X Access Control • Wireless Protected Access (WPA) • IEEE 802.11i

  40. Service Set Identifier (SSID) • SSID is used to identify an 802.11 network • It can be pre-configured or advertised in beacon broadcast • It is transmitted in clear text • Provides very little security

  41. Wired Equivalent Privacy (WEP) • Provides the same level of security as a wired network • Original security solution offered by the IEEE 802.11 standard • Uses RC4 encryption with pre-shared keys and 24 bit initialization vectors (IV) • Key schedule is generated by concatenating the shared secret key with a randomly generated 24-bit IV • 32 bit ICV (Integrity check value) • Number of bits in the key schedule is equal to the sum of the lengths of the plaintext and ICV

  42. Wired Equivalent Privacy (WEP) • 64 bit preshared key-WEP • 128 bit preshared key-WEP2 • Encrypts data only between 802.11 stations. Once it enters the wired side of the network (between access points), WEP is no longer valid • Security Issue with WEP • Short IV • Static key • Offers very little security at all

  43. 802.1x Access Control • Designed as a general purpose network access control mechanism • Not Wi-Fi specific • Authenticates each client connected to an AP (for WLAN) or switch port (for Ethernet) • Authentication is done with the RADIUS server, which “tells” the access point whether access to controlled ports should be allowed or not • AP forces the user into an unauthorized state • User sends an EAP start message • AP returns an EAP message requesting the user’s identity • Identity sent by the user is then forwarded to the authentication server by the AP • Authentication server authenticates the user and returns an accept or reject message back to the AP • If an accept message is returned, the AP changes the client’s state to authorized and normal traffic flows

  44. 802.1x Access Control

  45. Wireless Protected Access (WPA) • WPA is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems. • User Authentication • 802.1x • EAP • TKIP (Temporal Key Integrity Protocol) encryption • RC4, dynamic encryption keys (session based) • 48 bit IV • Per packet key mixing function • Fixes all issues found in WEP • Uses Message Integrity Code (MIC) Michael • Ensures data integrity • Old hardware should be upgradeable to WPA

  46. Wireless Protected Access (WPA) • WPA comes in two flavors • WPA-PSK • Uses a pre-shared key • For SOHO environments • Single master key used for all users • WPA Enterprise • For large organisations • Most secure method • Unique keys for each user • Separate username & password for each user

  47. WPA and Security Threats • Data is encrypted • Protection against eavesdropping and man-in-the-middle attacks • Denial of Service • Attacks based on fake messages cannot be used. • As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients, and stops all activity for a minute • Only two packets a minute are enough to completely stop a wireless network

  48. 802.11i • Provides a standard for WLAN security • Authentication • 802.1x • Data encryption • AES protocol is used • Secure fast handoff: this allows roaming between APs without requiring the client to fully reauthenticate to every AP. • Will require new hardware

  49. Advantages • Mobility • Ease of Installation • Flexibility • Cost • Reliability • Security • Uses an unlicensed part of the radio spectrum • Roaming • Speed

  50. Disadvantages • Interference • Degradation in performance • High power consumption • Limited range
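
Added example (not part of the original slides): the countermeasure described on slide 47, replayed over access point log lines so an operator can see how much airtime a handful of invalid MICs costs and alert on it. The log format, sample lines and alert threshold are constructed assumptions; the one-second window and one-minute shutdown are the figures the slide gives.

```python
import re

# Constructed AP log lines in a hypothetical format: "<seconds> <ap> <event> ..."
SAMPLE_LOG = """\
5.00 ap1 ASSOC sta=02:00:00:00:00:02
10.20 ap1 MIC_FAILURE sta=02:00:00:00:00:01
10.90 ap1 MIC_FAILURE sta=02:00:00:00:00:01
71.10 ap1 MIC_FAILURE sta=02:00:00:00:00:03
71.60 ap1 MIC_FAILURE sta=02:00:00:00:00:03
140.00 ap1 MIC_FAILURE sta=02:00:00:00:00:04
200.00 ap1 MIC_FAILURE sta=02:00:00:00:00:04
"""
LINE = re.compile(r"^(?P<t>\d+(?:\.\d+)?) (?P<ap>\S+) MIC_FAILURE\b")

def mic_failures(log: str) -> dict:
    """Map each AP name to the sorted timestamps of its MIC failures."""
    per_ap = {}
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            per_ap.setdefault(m["ap"], []).append(float(m["t"]))
    return {ap: sorted(ts) for ap, ts in per_ap.items()}

def shutdowns(times, window=1.0, holdoff=60.0):
    """Return (start, end) of each countermeasure shutdown.
    window and holdoff default to the figures given on slide 47."""
    out, prev, blocked_until = [], None, float("-inf")
    for t in times:
        if t < blocked_until:          # AP is silent during a shutdown
            continue
        if prev is not None and t - prev <= window:
            out.append((t, t + holdoff))
            blocked_until, prev = t + holdoff, None
        else:
            prev = t
    return out

def downtime_ratio(intervals, span):
    """Fraction of the observation span spent in shutdown."""
    return sum(min(e, span) - s for s, e in intervals if s < span) / span

def alerts(log: str, span: float, threshold: float = 0.25) -> dict:
    """APs whose shutdown share of the span exceeds threshold (assumed policy)."""
    hits = {}
    for ap, ts in mic_failures(log).items():
        ratio = downtime_ratio(shutdowns(ts), span)
        if ratio > threshold:
            hits[ap] = round(ratio, 3)
    return hits
```

Over the 240 seconds covered by the sample, four invalid-MIC frames keep `ap1` silent for half of the time, while the two failures a minute apart trigger nothing.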
