Objectives Describe wireless technology Describe the various
components & structure of a wireless LAN Describe wireless
security issues and mitigation strategies Configure an integrated
wireless access point and wireless client
Slide 3
Slide 4
Understanding Wireless Electromagnetic Spectrum Radio, TV,
Light, X-Rays, Gamma Rays Each has a specific wavelength Like the
distance between waves Wireless uses Electromagnetic Waves Same as
carrying radio signals Well discuss the most common
wavelengths
Slide 5
Infrared (IR) Low energy Cant go through walls, short range
(30) Line of sight One to one communication Wireless Mice &
Keyboards, Remotes, PDA Infrared Direct Access (IrDA) port
Slide 6
IR & Your TV Your TV remote has an infrared LED inside
Switches on & off to create 0s and 1s when you push a button
Push a button to send a 7 digit sequence of 0s & 1s Sony TV
Channel Up is 0000011, channel down is 0010001
Slide 7
Radio Frequency (RF) Wireless LAN, cordless phone, Bluetooth
LAN & Phone Signal travels through walls, longer range, higher
power 900 MHz, 2.4 GHz and the 5 GHz frequency Bluetooth Low speed,
short range, lower power One to many devices Uses 2.4GHz Starting
to use Bluetooth for wireless mice, etc.
Slide 8
Activity- Which is it?
Slide 9
Review Bluetooth or RF. Which has higher power output? RF Two
doctors are beaming their business cards to each other through
their PDAs. Which signal is being used? IR
Slide 10
Wireless Benefits
Slide 11
Wireless Limitations Many devices use wireless Cordless Phones
2.4GHz Interference Microwave Ovens Interference Range Solid Walls
a problem Not as fast as, or reliable as, wired Security Wireless
is east to access & can be intercepted Authentication &
Encryption now used
Slide 12
Types of Wireless Networks WWAN WLAN WPAN
Slide 13
WPAN- SMALLEST Wireless Personal Area Network Used to connect
wireless mice, keyboards & PDAs to computer IR or Bluetooth
Short Range Device to device Peer to peer
Slide 14
WLAN Wireless Local Area Network RF IEEE 802.11 standards Users
connect to a wired network through an Access Point (AP) Medium
range
Slide 15
Access Point Between your wired equipment and your wireless
devices
Slide 16
WWAN Wireless Wide Area Network Cell phone network GSM, CDMA
Long range Government regulated
Slide 17
Wireless Networks WPANWLANWWAN Standard Range Uses
Slide 18
Review
Slide 19
Slide 20
Wireless Standards Specifies data speed, range, RF spectrum
IEEE standards, Wi-Fi 802.11a, 802.11b, 802.11g and 802.11n Wi-Fi
Alliance tests devices from manufacturer Will work with other
devices w/ same logo
Slide 21
802.11b 1999 2.4GHz 11Mbps 150ft range indoors 300 ft range
outdoors
Slide 22
802.11a 1999 5GHz Unused at that time Less congestion 54Mbps
(faster than B) NOT compatible with b/g/n 75ft-150ft range
Originally too expensive Now hard to find
Slide 23
802.11g 2003 2.4GHz 54Mbps 150ft range indoors 300 ft range
outdoors Compatible with 802.11b
Slide 24
802.11n 2.4Ghz Up to 750ft range Backwards compatible b/g
Slide 25
Wireless Components Access Point Connects wireless devices to
wired network Client Any host device that connects to wireless Also
known as STA (station) Bridge Antenna
Slide 26
Omni-Directional Antenna Equally in all directions Found on
APs
Slide 27
Directional Antenna Concentrate signal in one direction Better
distance Connects networks 25 miles or more apart Bridge to Bridge-
connects 2 networks wirelessly
Slide 28
Want a bridge? Aironet 1400 Find it on
www.cdwg.comwww.cdwg.com
Slide 29
Activity
Slide 30
WLANs & the SSID Your WLAN has to be identified
Slide 31
SSID-Service Set Identifier Tells wireless devices which WLAN
they belong to & which other devices they can communicate with
Case-sensitive & up to 32 characters All of your devices MUST
have same SSID Broadcast or Not?
Slide 32
WLAN Install 1:Ad-hoc Mode- IBSS Wireless devices can talk to
each other without involving Access Point Peer-to-peer or small
networks Less $$$, no AP
Slide 33
WLAN Install 2: Infrastructure Mode- BSS Most used AP/Router
controls communication Access to Internet Basic Service Set (BSS)
Area covered by a single AP
Slide 34
Cover More Areas Connect many BSSs to get expanded area You get
an ESS, Extended Service Set Areas should overlap Think about this
school & coverage
Slide 35
Question?
Slide 36
Slide 37
Slide 38
Slide 39
Lab Activity 7.2.3.4 Setting the SSID on an AP READ THE
INSTRUCTIONS!!! Click Topology, then the host View browser, follow
directions
Slide 40
Wireless Channels Used to control multiple conversations Like
how all of your TV channels travel across a cable Divides up the
2.4GHz for each conversation Selection of channels is usually
automatic Sometimes they use a single wide channel to get more
bandwidth
Slide 41
Going to a Concert General Admission compared to tickets for a
seat Whats the different experiences? Wireless has a method to
avoid collisions A ticketing system
Slide 42
Wireless Detecting Collisions CSMA/CA Reserves a channel for
conversation No one else may use that channel Request to Send (RTS)
to the AP If available, a Clear to Send (CTS) is sent OK to send
Broadcast is sent to all, notifying channel in use ACK sent to AP
to notify done All devices see ACK & know channel is open
Slide 43
CSMA/CA- (7.2.4.2)
Slide 44
Activity- Setting the Channel 7.2.4.3 Most of the time,
automatic is fine
Slide 45
Configuring an AP
Slide 46
Configuring the Client What is a wireless host known as? STA
(station) Its a device with wireless NIC & software for it
Settings MUST match AP SSID, security settings, and channel
Slide 47
Configuring the Client- Software As part of the OS OR supplied
with Wireless NIC Contains link info, profiles, etc. Usually the OS
one is okay
Slide 48
Now Test It Look at signal strength Then test data transmission
Use the ping test Ping another PC 1 st If that doesnt work, ping
the AP
Slide 49
Lab 7.2.5.3 & 7.2.6.4 Configure the AP and Wireless Client
Test
Slide 50
Slide 51
Wireless Security Tradeoff: Ease & convenience of
availability vs. putting info to the airwaves What can they do? Use
your Internet for FREE Access your computers Damage files Steal
private info SolutionSET UP SECURITY!
Slide 52
Why is security important? Its possible that an individual or a
business owner can be held responsible for what an unauthorized
user does with your network Computer Fraud Law Accessing a computer
without authorization
Slide 53
Getting In Easily
Slide 54
Take Security Measures Use all of the following to secure your
wireless network: 1.Change the router password from the default
2.Change the SSID & disable the broadcast 3.Use MAC Address
Filtering 4.Authentication (PSK) 5.Encryption (WPA)
Slide 55
Slide 56
Change the Password!
Slide 57
Slide 58
Change SSID & Disable Broadcast Problem SSID must be known
to connect Broadcast by default Solution TURN SSID BROADCAST OFF!!
Change the default settings SSID Passwords IP addresses These
solutions help, but you can still be hacked!
Slide 59
The SSIDs- Discovered!!!
Slide 60
Slide 61
Get your MAC Addresses
Slide 62
Set up MAC Address Filtering
Slide 63
MAC Address Filtering Use your devices MAC address to limit
connectivity to you KNOWN devices You pre-configure the MACs in the
AP The AP will check its list Only those in list will connect
Slide 64
MAC Address Filtering What could go wrong? Typo on the MAC
address New devices cant enter network without adding Mac to the AP
configuration MAC address cloning 1.Sniff network traffic (MAC
address in packet) 2.Find MAC addresses on that network 3.Change
your MAC address to match one on the target network.
Slide 65
Sniffing to Clone
Slide 66
Slide 67
Authentication to the AP Permitting entry to network Like
username & password Works with encryption methods Occurs before
client connects to WLAN 3 types: Open (Default) PSK (Used at home)
EAP (Used at big businesses)
Slide 68
Open Authentication Default Anyone can connect
Slide 69
Pre-Shared Keys (PSK) Authentication AKA Personal Same
passphrase set on AP & Client Client asks AP to connect One
way
Slide 70
Pre-Shared Keys (PSK) Authentication AKA Personal Same
passphrase (or key) set on AP & Client Client asks AP to
connect One way
Slide 71
EAP Authentication (Enterprise) Two-way PLUS username/password
Talks to RADIUS server Has database of allowed clients In medium to
large businesses
Slide 72
Authentication & MAC Filter Authenticate 1 st MAC Filtering
2 nd These hacker from gaining access only!
Slide 73
Encryption Protect data traveling through the air Prevents
signal from being intercepted Sniffing WEP WPA Personal (WPA-PSK;
WPA Personal) WPA2 Personal (WPA2-PSK; WPA2 Personal)
Slide 74
WEP Wired Equivalency Protocol All devices use same WEP key 64
or 128 bits long Set up using a passphrase Generates Key 1 to use
WEAK!!!! Same static key
Slide 75
WPA or WPA2 Wi-Fi Protected Access 64 to 256 bits long New key
each time client connects to AP Pick how it encrypts TKIP (Temporal
Key Integrity Protocol) AES (Advanced Encryption System)
Slide 76
Review WEP/WPA _______________ the data. Encrypt PSK/EAP are
used to _____________ the user to the WLAN. Authenticate WEP or
WPA. Which is stronger? WPA Whats the difference between open
authentication & PSK? PSK has the secret key
Slide 77
Activity 7.3.4.3 Configure encryption and authentication
Slide 78
Access Restrictions You can control the type of data Entering
or leaving the AP Going to/from a specific MAC or IP Block by port
# Time
Slide 79
Lab 7.3.5.2 Configuring Wireless Security
Slide 80
Slide 81
Planning the WLAN Determining the type of wireless standard to
use Determining the most efficient layout of devices An
installation and security plan A strategy for backing up and
updating the firmware of the wireless devices.
Slide 82
Wireless Standard Bandwidth requirements, coverage areas,
existing implementations, and cost. This information is gathered by
determining end-user requirements. Ask the following What
throughput is actually required by the applications running on the
network? How many users will access the WLAN? What is the necessary
coverage area? What is the existing network structure? What is the
budget?
Slide 83
Planning the WLAN Which 802.11 standards support a larger BSS?
Means less equipment to buy Is there an existing standard in use?
Total Cost of Ownership (TCO) which includes the purchase of the
equipment as well as installation and support costs
Slide 84
Installation of Devices Site Survey Measurements Consider
interference sources & locations
Slide 85
Install & Secure the AP
Slide 86
Back It Up!!! 7.4.3.2 Activity Home & Small Business Select
Backup Configuration in Menu To restore, select it Factory Default
Setting
Slide 87
Updating the Firmware The OS of the device is in firmware
Update for new features, etc 1.Get the current version 2.Research
issues & features that may cause you to want the upgrade
3.Download it to a HD (directly connected machine) 4.Select
Firmware upgrade DO NOT INTERRUPT THE PROCESS!