Wireless NetworksWireless NetworksTamus, Zoltán ÁdámTamus, Zoltán Ádám

zoltanadam_tamus@yahoo.com

http://adaminf.atw.huhttp://adaminf.atw.hu

Basics of CommunicationBasics of Communication

TransmitterTransmitter (coding)->Channel->(decoding) Receiver(coding)->Channel->(decoding) Receiver

The Radio-ChannelThe Radio-Channel

Wireless technologies use electromagnetic Wireless technologies use electromagnetic waves as channelwaves as channel RadioRadio wavewavess (freq. 30 kHz-30 GHz) (freq. 30 kHz-30 GHz) Light (Infra Red) (wavelength ~900 nm)Light (Infra Red) (wavelength ~900 nm)

Personal Area NetworksPersonal Area Networks

InterconnectInterconnecting ing devices without wiredevices without wire HeadsetsHeadsets NotebooksNotebooks PDA (Personal Digital Assistant)PDA (Personal Digital Assistant) Mobile phonesMobile phones GPSGPS Peripherals (Keyboard, Mouse, Printer, Game Peripherals (Keyboard, Mouse, Printer, Game

controller etc.) controller etc.)

BluetoothBluetooth 1998, Special Interest Group (Ericsson, IBM, 1998, Special Interest Group (Ericsson, IBM,

Intel, Nokia, Toshiba)Intel, Nokia, Toshiba) Uses radiofrequency: in the 2.4 GHz band, Uses radiofrequency: in the 2.4 GHz band,

frequency hopping spread spectrum systemfrequency hopping spread spectrum system Max. 1 Mb/sec bandwidthMax. 1 Mb/sec bandwidth Operating range ~10 m, but in high power Operating range ~10 m, but in high power

applications can be extended to 100 mapplications can be extended to 100 m

Personal Area NetworksPersonal Area Networks

Personal Area NetworkPersonal Area Network Bluetooth devicesBluetooth devices

Personal Area NetworkPersonal Area Network

IrDA (Infrared Data IrDA (Infrared Data Association) 1993Association) 1993 Use Infrared lightUse Infrared light Operating range Operating range

max. 1 mmax. 1 m Bandwidth: 4 Bandwidth: 4

Mb/sec.Mb/sec.

Local Area NetworksLocal Area Networks

HomeHome OfficesOffices Public WLAN, Wi-Fi Hot SpotsPublic WLAN, Wi-Fi Hot Spots

HotelsHotels AirportsAirports Net CafesNet Cafeshttp://www.wi-fihotspotlist.com/ http://www.hotspotter.hu/en/

Ad Hoc peer to peerAd Hoc peer to peer

Local Area NetworkLocal Area Network

Typical Typical WLAN WLAN application application in home or in home or small officesmall office

Local Area NetworkLocal Area Network

Network Access in BuildingsNetwork Access in Buildings Desktop PCsDesktop PCs NotebooksNotebooks PDAsPDAs

Local Area NetworksLocal Area Networks IEEE 802.11 standardIEEE 802.11 standard

802.11a802.11a 19991999 5 GHz band5 GHz band Max. 54 Mb/secMax. 54 Mb/sec

802.11b802.11b 2.5 GHz2.5 GHz Max. 11 Mb/secMax. 11 Mb/sec

802.11g 802.11g 2.5 GHz2.5 GHz Max. 54 Mb/secMax. 54 Mb/sec

SecuritySecurity Eavesdropping & EspionageEavesdropping & Espionage

Wireless technologies use radio waves. Wireless technologies use radio waves. Eavesdroppers can easily pick up Eavesdroppers can easily pick up unencrypted messages by listening the etherunencrypted messages by listening the ether

Rouge Access PointsRouge Access Points An employee of an organization might hook An employee of an organization might hook

up an access point without the permission or up an access point without the permission or even knowledge of IT.even knowledge of IT.

Accidental Associations Accidental Associations A wireless network is setup using the same A wireless network is setup using the same

SSID as your network and within range of your SSID as your network and within range of your wireless device. Connecting to another wireless device. Connecting to another wireless LAN can divulge passwords or wireless LAN can divulge passwords or sensitive document to anyone on the sensitive document to anyone on the neighbouring network neighbouring network

Denial of ServiceDenial of Service Flowing packages to the network take the Flowing packages to the network take the

resourcesresources RF interference with an external transmitterRF interference with an external transmitter

SecuritySecurity

SecuritySecurity Securing Wireless NetworksSecuring Wireless Networks

WEP (Wired Equivalent Privacy)WEP (Wired Equivalent Privacy) Problems: Easily vulnerable because of the Problems: Easily vulnerable because of the

permanent keys and the short initialization vectorpermanent keys and the short initialization vector

WPA (Wi-Fi Protocol Access)WPA (Wi-Fi Protocol Access) The clients use periodically changed different keysThe clients use periodically changed different keys

VPN (Virtual Private Network)VPN (Virtual Private Network)

AuthenticationAuthentication SSID (Service Set Identifier)SSID (Service Set Identifier)

Weakness in IEEE 802.11: the SSID is sent Weakness in IEEE 802.11: the SSID is sent without encrypting!without encrypting!

MAC address filteringMAC address filtering MAC (Media Access Control)MAC (Media Access Control) WEP not encodes the MAC field of the frame!WEP not encodes the MAC field of the frame!

SecuritySecurity

Setting up a wireless router Setting up a wireless router Connection to the broadband routerConnection to the broadband router Connecting a PCConnecting a PC

Access to Web-based utility software by Access to Web-based utility software by RouterRouter’’s IP addresss IP address

User Name: User Name: <blank><blank> Password: Password: adminadmin

Configuration Configuration

Setting up Internet ConnectionSetting up Internet Connection

DHCPDHCP Static IPStatic IP PPPoEPPPoE PPTPPPTP

Setting up Wireless NetworkSetting up Wireless Network Mode: B/GMode: B/G

SSID SSID Broadcasting ?Broadcasting ? ChannelChannel

Security SettingsSecurity Settings WEPWEP

Level of WEP encryption: 64-bit or 128-bitLevel of WEP encryption: 64-bit or 128-bit

WPAWPA WPA2WPA2 WPA2 MixedWPA2 Mixed

Set the Passphrase and Renewal periodSet the Passphrase and Renewal period

Security SettingsSecurity Settings

Access controlAccess control

MAC address MAC address filteringfiltering

Security PrecautionsSecurity Precautions

Change the default SSID. Disable SSID Broadcast. Change the default password for the

Administrator account. Enable MAC Address Filtering. Change the SSID periodically. Use the highest encryption algorithm possible.

Use WPA if it is available. Please note that this may reduce your network performance.

Change the WEP encryption keys periodically.