Introduction Wi-Fi Technologies Wi-Fi Protocols Wi-Fi Channel Wi-Fi Network Elements How a Wi-Fi Network Works Wi-Fi Network Topologies Wi-Fi Security Threats Wi-Fi Security Techniques Advantages/ Disadvantages of Wi-Fi
Wi-Fi(Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs). Wi-Fi is the wireless way to handle networking. Wi-Fi Network can connect computers to each other, to the internet and to the wired network.
Wi-Fi Networks use Radio Technologies to transmit & receive data at high speed: Wi-Fi protocols: There are several new extensions have been added to the core 802.11 protocols. IEEE 802.11b IEEE 802.11a IEEE 802.11g
Appear in late 1999 Operates at 2.4GHz radio spectrum 11 Mbps (theoretical speed) - within 30 m Range 4-6 Mbps (actual speed) 100 -150 feet range Most popular, Least Expensive Interference from mobile phones and Bluetooth devices which can reduce the transmission speed.
Introduced in 2001 Operates at 5 GHz (less popular) 54 Mbps (theoretical speed) 15-20 Mbps (Actual speed) 50-75 feet range More expensive Not compatible with 802.11b
Introduced in 2003 Combine the feature of both standards (a,b) 100-150 feet range 54 Mbps Speed 2.4 GHz radio frequencies Compatible with ‘b’
Direct Sequence Spread Spectrum (DSSS) Frequency Hoping Spread Spectrum (FHSS) Orthogonal Frequency Division Multiplexing(OFDM)
Direct sequence signaling technique divides the 2.4 GHz band into 11 22-MHz channels. Adjacent channels overlap one another partially, with three of the 11 being completely non- overlapping. Data is sent across one of these 22 MHz channels without hopping to other channels.
Each of three UNII bands(lower,upper & middle) provides 4 chennels for communication in 802.11a network. Chennels are separated with no overlapping. Each channel is 20MHz wide surrounding the center frequency.
FHSS system hop from frequency to frequency using a pseudorandom hopping sequence. This hopping sequence or pattern is defined as the channel.
THREE IMPORTANT CONCEPTS Data Rate Actual Throughput Dynamic Rate Selection
Access Point (AP) - The AP is a wireless LAN transceiver or “base station” that can connect one or many wireless devices simultaneously to the Internet. Wi-Fi cards - They accept the wireless signal and relay information.They can be internal and external.(e.g PCMCIA Card for Laptop and PCI Card for Desktop PC) Safeguards - Firewalls and anti-virus software protect networks from uninvited users and keep information secure.
Basic concept is same as Walkie talkies. A Wi-Fi hotspot is created by installing an access point to an internet connection. An access point acts as a base station. When Wi-Fi enabled device encounters a hotspot the device can then connect to that network wirelessly. A single access point can support up to 30 users and can function within a range of 100 – 150 feet indoors and up to 300 feet outdoors. Many access points can be connected to each other via Ethernet cables to create a single large network.
Wireless network can function in one of two basic modes: 1) Ad-hoc 2) Infrastructure
Wireless technology doesn’t remove any old security issues, but introduces new ones Eavesdropping Man-in-the-middle attacks Denial of Service
Easy to perform, almost impossible to detect By default, everything is transmitted in clear text Usernames, passwords, content... No security offered by the transmission medium Different tools available on the internet Network sniffers, protocol analysers... Password collectors With the right equipment, it’s possible to eavesdrop traffic from few kilometers away.
1. Attacker spoofes a disassociate message from the victim 2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address 3. The attacker connects to the real AP using victim’s MAC address
Attack on transmission frequecy used Frequency jamming Not very technical, but works Attack on MAC layer Spoofed deauthentication / disassociation messages can target one specific user
The requirements for Wi-Fi network security can be broken down into two primary components: Authentication User Authentication Server Authentication Privacy
Service Set Identifier Hiding(SSID) Wired Equivalent Privacy (WEP) 802.1X Access Control Wireless Protected Access (WPA) IEEE 802.11i
Mobility Easy Installation Flexibility Cost Reliability Use unlicensed part of the radio spectrum Speed
Interference High power consumption Limited range Security