Transcript Ch12

Chapter Overview


Wireless Technologies
Wireless Security
1
Wireless communication

Wireless communication is the transfer of information over a distance
without wires
Short distance – TV remote
Long distance – radio
Wireless communication can be via:
radio frequency communication,
microwave communication, for example long-range line-of-sight via highly
directional antennas, or short-range communication, or
infrared (IR) short-range communication, for example from remote controls
or via Infrared Data Association (IrDA).
Applications may involve
point-to-point communication, point-to-multipoint communication,
broadcasting, cellular networks and other wireless networks.
2
Wireless networking




Uses various types of unlicensed 2.4 and 5 GHz Wi-Fi
(Wireless Fidelity) devices
Is used to connect computer (mostly laptop) users
Another common use is for mobile networks that connect via
satellite.
We use wireless networks:
To span a distance beyond the capabilities of typical cabling,
To overcome situations where wiring is difficult or financially impractical,
To link portable or temporary workstations,
To remotely connect mobile users or networks.
Generally, we refer to them as IEEE 802.11
3
Basic operation model



Half-duplex
Broadcast
Using 2.4 and 5 GHz radio frequencies
These are released by the FCC for public use
The 900 MHz and 2.4 GHz bands are referred to as ISM
(Industrial, Scientific, and Medical)
The reason you cannot use cell phones in hospitals
The 5 GHz band is known as UNII (Unlicensed
National Information Infrastructure)
4
Where is 2.4 GHz
5
802.11 network standards (Wiki)
| 802.11 protocol | Release | Freq. (GHz) | Bandwidth (MHz) | Data rate per stream (Mbit/s) | Allowable MIMO streams | Modulation | Apx. indoor range (m) | Apx. indoor range (ft) | Apx. outdoor range (m) | Apx. outdoor range (ft) |
|---|---|---|---|---|---|---|---|---|---|---|
| – | Jun-97 | 2.4 | 20 | 1, 2 | 1 | DSSS | 20 | 66 | 100 | 330 |
| a | Sep-99 | 5 | 20 | 6, 9, 12, 18, 24, 36, 48, 54 | 1 | OFDM | 35 | 115 | 120 | 390 |
| a | | 3.7 | | | | | -- | -- | 5,000 | 16,000 |
| b | Sep-99 | 2.4 | 20 | 1, 2, 5.5, 11 | 1 | DSSS | 38 | 125 | 140 | 460 |
| g | Jun-03 | 2.4 | 20 | 1, 2, 6, 9, 12, 18, 24, 36, 48, 54 | 1 | OFDM, DSSS | 38 | 125 | 140 | 460 |
| n | Oct-09 | 2.4/5 | 20 | 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2 | 4 | OFDM | 70 | 230 | 250 | 820 |
| n | | | 40 | 15, 30, 45, 60, 90, 120, 135, 150 | | | 70 | 230 | 250 | 820 |
6
Indoor range
7
Channels
8
Benefits of 802.11n


Up to 250 Mbps
40 MHz channels
MAC Efficiency
Less protocol communication overhead
Multiple-Input Multiple-Output (MIMO) support
(pronounced my-moh or me-moh)
Wastes less “real estate”
Needs support of both NIC and AP
Great for home video
$$$, with little business value
9
MIMO
10
Wireless Network Components

Wireless Access Points
Can be very different for enterprise vs. home usage
Always has a port to connect to the wired network
Wireless Network Interface Card
Many types
Built in
PCI
USB
11
Antennas


Omnidirectional
Directional (Yagi)


Point to point
Longer range
12
Installing a wireless network

Add an access point (AP)
Configure it using its IP address 192.168.1.2 and a browser, or
the software that comes with it
At least add a name for your network
You can choose not to broadcast the network name, but it must have a name
(also called Service Set ID, SSID)
You may consider not setting up security initially
Make sure the wired ports work
NIC part
Turn on the Wi-Fi button and let your computer search for a Wi-Fi
network
Move it up the list of networks if necessary
13
Infrastructure Mode: Basic Service Set (BSS)
14
Security


Open access out of the box
Basic security
Service Set ID – need to know the network to access it
The device name
Does not have to broadcast
SSID is sent in clear text in client messages (required)
Shared key authentication: Wired Equivalent Privacy (WEP)
A key entered at the NIC config
AP sends the client a message and asks the client to encrypt it with the key;
the client is authenticated only if it can do that
It is possible to decipher the key with the clear text and the response
Or just “replay” if the same message is sent for authentication
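The shared key exchange above, worked through as an added example (not part of the original slides). It is a simplified model: the frame layout is reduced to IV plus encrypted challenge, the WEP integrity check value is omitted, and the key, IV and challenge are constructed sample values.

```python
import os

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def client_response(wep_key: bytes, iv: bytes, challenge: bytes) -> bytes:
    """Client encrypts the AP's clear-text challenge; the 3-byte IV travels in clear."""
    return iv + xor(challenge, rc4_keystream(iv + wep_key, len(challenge)))

def ap_accepts(wep_key: bytes, challenge: bytes, response: bytes) -> bool:
    """AP decrypts with the shared key and compares with the challenge it sent."""
    iv, body = response[:3], response[3:]
    return xor(body, rc4_keystream(iv + wep_key, len(body))) == challenge

def keystream_seen_on_air(challenge: bytes, response: bytes) -> bytes:
    """What a passive listener holds afterwards: challenge XOR encrypted body."""
    return xor(challenge, response[3:])

# Constructed sample values (not from the slides).
WEP_KEY = bytes.fromhex("0102030405")       # 40-bit key
IV = bytes.fromhex("a1b2c3")
CHALLENGE = os.urandom(128)                 # challenge text sent in clear
RESPONSE = client_response(WEP_KEY, IV, CHALLENGE)

if __name__ == "__main__":
    leaked = keystream_seen_on_air(CHALLENGE, RESPONSE)
    print("keystream disclosed:", leaked == rc4_keystream(IV + WEP_KEY, 128))
    print("recorded response, same challenge:", ap_accepts(WEP_KEY, CHALLENGE, RESPONSE))
    # A fresh challenge defeats the verbatim replay, not the keystream disclosure.
    print("recorded response, fresh challenge:", ap_accepts(WEP_KEY, os.urandom(128), RESPONSE))
```

Because both the challenge and the response cross the air, the exchange hands any listener the RC4 keystream for that IV, which is why open access plus WPA is preferred over shared key authentication.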
15
Security (2)

Wired Equivalent Privacy (WEP)
A key entered at the NIC config and AP config
Key must match in order to communicate with the AP
Safe enough for a home network, not suitable for large networks
May have multiple keys so you can issue a few temporary ones
Still has holes
MAC address authentication
The MAC addresses of NICs are entered so that they can communicate
16
Security (3)

RADIUS (Remote Authentication Dial In User
Service)


Authentication, Authorization, centralized access,
and accounting supervision
User ID and password in clear text on the RADIUS
server
17
Security (4)

TKIP (Temporal Key Integrity Protocol)
Built on top of WEP
Uses up to 128-bit encryption
Each packet has its own key = Basic Key + MAC
Address + 48-bit packet serial number
Cannot replay
Can still be attacked (differs from our book)
Wi-Fi Protected Access (WPA and WPA2)
Uses an encryption mode with mathematically proven
security when AES is selected as the encryption method
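The TKIP points above (a key per packet built from the basic key, the MAC address and a 48-bit serial number, and no replay) modelled as an added example that is not part of the original slides. Assumptions: HMAC-SHA256 stands in for TKIP's own key-mixing function and integrity code, and the class, function names and sample values are hypothetical.

```python
import hashlib
import hmac

def per_packet_key(base_key: bytes, mac: bytes, serial: int) -> bytes:
    """Key for one packet from base key + transmitter MAC + 48-bit serial.
    Assumption: HMAC-SHA256 stands in for TKIP's own key-mixing function."""
    msg = mac + serial.to_bytes(6, "big")
    return hmac.new(base_key, msg, hashlib.sha256).digest()[:16]

def integrity_tag(key: bytes, payload: bytes) -> bytes:
    """Assumption: a truncated HMAC stands in for TKIP's message integrity code."""
    return hmac.new(key, payload, hashlib.sha256).digest()[:8]

def build_packet(base_key: bytes, mac: bytes, serial: int, payload: bytes) -> tuple:
    key = per_packet_key(base_key, mac, serial)
    return (mac, serial, payload, integrity_tag(key, payload))

class Receiver:
    def __init__(self, base_key: bytes):
        self.base_key = base_key
        self.highest_serial = {}          # transmitter MAC -> last serial accepted

    def accept(self, packet: tuple) -> bool:
        mac, serial, payload, tag = packet
        if not 0 <= serial < 2**48:
            return False
        if serial <= self.highest_serial.get(mac, -1):
            return False                  # replayed or out-of-date serial number
        key = per_packet_key(self.base_key, mac, serial)
        if not hmac.compare_digest(integrity_tag(key, payload), tag):
            return False                  # altered packet; counter is not advanced
        self.highest_serial[mac] = serial
        return True

# Constructed sample values (not from the slides).
BASE_KEY = bytes(range(16))
STATION = bytes.fromhex("020000000001")

if __name__ == "__main__":
    rx = Receiver(BASE_KEY)
    first = build_packet(BASE_KEY, STATION, 1, b"hello")
    print("first delivery:", rx.accept(first))
    print("replayed copy:", rx.accept(first))
    print("next serial:", rx.accept(build_packet(BASE_KEY, STATION, 2, b"again")))
```

The serial counter is advanced only after the integrity check passes, so an altered packet carrying a high serial number cannot lock out later genuine traffic.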
18
WPA/WPA2
19
Locking things down

Once you have tested the AP and NIC with
open access – no security – lock everything
down with WPA
20
Wireless for enterprise

Very different game


APs need to have 10% overlap in terms of coverage
areas
Security considerations



Keys
MAC
Accounting
21
The ad hoc mode



Computers can communicate with each other
without access points
Generally not recommended
Need to change the setting at the NIC configuration
level
22
?

Will wireless networks replace wired networks?
23