Bitmindframes cisco study guides
Why use wireless?
Networks are evolving to support people on the move
Many different infastructures (wired LAN, service providers) allow mobility.
Productivity is no longer restricted to a fixed work location or a defined time period.
WLAN's reduce cost.
COMPARING WLAN to a LAN
The dominant IEEE 802 groups are 802.3 & 802.11
However there are important differences between the two
Radio Frequency has no boundaries like a wire so data frames travel to anyone that can receive Radio Frequency signals. Radio Frequency is un protected from outside signals.
Radio Frequency has some unique challenges, The further from the source the weaker the transmission.
Radio Frequency bands are regulated differently in different countries. In a wireless topology a wireless AP can be used instead of a switch.
WLANs hosts contend for access to the Radio Frequency media.
802.11 uses collision avoidance instead of Collision detection.
WLANS use a different frame format than ethernet lans.
WLANS require additional info in the L2.
WLANS raise privacy issues since RF can reach outside the facility.
INTRO TO WIRELESS LANS
802.11 LANS extend the 802.3 infrastructure to provide additional connectivity options
Requires additional components & protocols
In 802.3 the switch is the AP for clients
In 802.11 clients use a wireless adapter to access a wireless router or AP
Once connected wireless clients can access resources just as if they were wired
WLAN STANDARDS
802.11 uses the unlicensed industrial, scientific, medical(ISM) frequencies for the physical & mac sub layer.
Early 802.11 was 2 MBs @ 2.4 GHz
Standards improved with 11a, 11b, 11g, 11n
802.11a & g = 54MBs
802.11b = 11MBs
802.11n appear to have a rate greater than 100Mbs
OFDM is faster & more expensive to implement than DSSS
802.11a
OFDM 5GHz, less prone to interference, smaller antennas
Poor range & performance susceptible to obstructions
802.11b & g both use 2.4 GHz
802.11b uses DSSS
802.11g uses OFDM & DSSS
2.4GHz has better range & not as easily obstructed, but still prone to interference
802.11n
Improves data & range without new RF band
Uses multiple input multi output (IMMO) technology
Theoretical 248Mbs
Expected to be ratified by sept 08
RF bands allocated by ITU-R
Bands administered by the FCC,CRTC
Wi-Fi CERTIFICATION
WiFi cert is provided by the WiFi
Standards ensure interoperability
Three key organizations influencing WLAN standards are
ITU-R:allocates RF bands
IEEE: specifies how RF is modulated
WiFi Alliance: interportability across vendors
The WiFi alliance certifies all 3 IEEE 802.11 standards as well as IEEE drafts & the WPA WPA2 standards based on 802.11i.
WIRELESS NICS
Uses the config modulation tech encoded a data stream onto an RF signal
Early wireless NICS were cards PCMCIA but are built into laptops now
PCI & USB Nics are available as well
WIRELESS ACCESS POINTS
Clients do not typically communicate directly to each
AN AP connects clients to wired LAN and converts tcp-ip packets from 802.11 to 802.3 frames.
Clients must associate with an AP to obtain net services. An AP is a L2 device that functions like an Ethernet hub. Radio Frequency is a shared medium just like early Ethernet buses. Devices that want to use the medium must contend for it. Wireless NIC's cannot detect collisions, so instead they must avoid them.
CSMA/CA
AP's oversee a distributed coordination function (DCF) called CSMA/CA
Devices on a WLAN must sense the medium for energy & wait until the medium is free before sending.
If an AP receives data from a client it sends an ACK. This ACK keeps the client from assuming that a collision occurred & prevents a retransmission. Attenuation cause problems in a WLAN where stations contend for media. RTS/CTS allows negotiation between a client and an AP.
RTS: Request to send
CTS: Clear to send
When enabled AP's allocate the medium to a requesting station. When the transmission is complete other stations can request the channel.
WIRELESS CONFIGURATION
To create a connection, parameters must be configured on both AP & client.
Because 11g is backwards compatible with 11b AP's support both standards.
A SSID is a unique identifier that client devices use to distinguish between wifi networks.
SSID is alphanumeric, case sensitive and can be between 2-32 characters.
Several AP's can share an SSID. The 2.4GHz band has 11 channels in North America & 13 in Europe
These channels actually overlap, so best practices for multiple AP's is used non overlapping channels.
Planning the wireless LAN
Implementing a good WLAN requires careful planning
The number of users WLAN is not a straightforward calculation
It depends on the layout , the data rates needed, the use of non-overlapping channels & transmit power
When planning the location of AP's, drawing coverage circles may not be enough.
If AP's need existing wiring or there are locations where AP's cannot be placed, note these locations on the map
Position AP's above obstructions
Position AP's vertically
Position AP's where users are expected to be
When these points are addresses, estimate the expected coverage
Place AP's so that coverage circles are overlapping
Coverage area is usually square, but BSA takes its radius diagonally from the center of the square
Threats to wireless security
Unauthorized access
A business relies on the protection of its information. Security difficulties are amplified with a wireless network. A WLAN is open to anyone in range with credentials to associate to it.
There are 3 major categories of threats:
WARDRIVERS
Hackers/Crackers
Employees
War driving used to exploit cell phone numbers, but now means driving around exploiting unsecured networks.
Hackers were originally benign explorers, but now hacker/cracker often means malicious intruders.
Unfortunately employees are often unwittingly the biggest source of security issues,often by installing rogue AP's.
Most wireless devices have default settings & can be used with little or no config but this is never recommended. These settings are easily compromised using wire sniffers, This allows admins to capture data packets for debugging, and can be exploited. A rogue AP is any AP installed without permission that can be used to capture data.
MAN IN THE MIDDLE ATTACKS
In a wired network the attacker needs physical access but wireless signals can provide access from outside.
Because AP's act like hubs, each nic hears all the traffic.
Attackers can modify their nic so that it accepts all traffic. Hackers can observe clients connecting to an AP and record user/server names & IP. When all legitimate users are known you can then monitor for rogue users.
Denial Of Service
The 2.4GHz ISM band is used by most consumer products. Attackers can actually create noise using these commonly available devices. The attacker can use a PC as an AP and flood the BSS with CTS messages which defeats CSMA/CA. The AP's then flood the BSS causing a stream of collisions. Another attack is sending disassociate commands to cause all stations to disconnect.
WIRELESS SECURITY
2 types of authentication originally: OPEN & SHARED WEP
Open auth is really none, & WEP keys proved to be flawed. To counteract WEP companies tried cloaking SSID and filtering MAC addresses. The WEP algorithm is crackable & since keys are manually entered they are susceptible to entry errors. There was a period of interim security measures from vendors as 802.11i evolved. TKIP encryption was linked to the WiFi Alliance WPA.
Today 802.11i is the security standard( similar to WPA2)
WPA2 includes a connection to a RADIUS database.
AUTHENTCATING TO WLAN
In Enterprise networks,association alone is not enough: additional authentication is usually required.
This is managed by Extensible Authentication Protocol.
EAP is an auth framework used in 802.1x which is a port based authentication protocol.
Configured AP's block all data except for 802.1x traffic. 802.1x frames carry EAP packets to a server that maintains authentication credentials.
This is an AAA server running a RADIUS protocol.
If successful the AAA server advises the AP which then allows traffic from client to pass through the virtual port. Before opening the port L2 encryption between client & AP is established to ensure integrity.
MAC address filtering is easily fooled with spoofing, but it should still be used in tandem with WPA2
Even without SSID broadcasts the SSID is still revealed.
The best security incorporates port based access control such as WPA2
ENCRYPTION
2 mechanisms specified by 802.11i WPA & WPA2
Temperal Key Integrity Protocol
Advanced Encryption Standard
TKIP certified as WPA supports legacy equip & WEP
TKIP encrypts L2 payload & adds messag integrity check to the encrypted packet
TKIP is good but AES is perferred for 802.11i
When configuring wireless routers instead of a reference to WPA/WPA2 you may see pre-shared key
PSK or PSK2 with TKIP = WPA
PSK or PSK2 with AES = WPA2
PSK2 with no encryption specified = WPA2
Controlling ACCESS to WLANs
WPA2 is like having a security system. You can always add Depth to your security.
SSID CLOAKING.
MAC ADDRESS filtering.
Configure AP's near outside walls to transmit with less power.
Security mode -select from 7 modes
Mode parameters - PSK, PSK2 & RADIUS ONLY
Troubleshooting
Work up the tc/ip stack from L1 to L7
Step1 eliminate the pc's as the source of the problem.
Try to determine the severity of the problem.
Confirm that the device can connect to the wired network.
Check security & encryption....MATCH?
Check for interference (other devices).
SITE SURVEY
Manual site surveys can include a site evaluation to be followed by a more thorough assessment
A site evaluation involves inspecting area for potential issues: multi WLANS, building structures & usage(day/night).
Utility-assisted surveys use tools such as airmagnet.
Mount AP's on tripods & set them in planned locations, then walk the facility using a survey meter in the client utility of your pc.
Busby Seo Challenge | Nursing Assistant
