Embed Size (px)
Citation preview
Part 1 1
WIRELESS NETWORK
SECURITY
Part 1 2
Understand basic wireless technology Understand the components of wireless
network and implement a wireless network
Build a wireless LAN Understand the security issues of
wireless network Look at various protection methods and
explore how to apply some of these protections to a school environment
Objective
Part 1 3
Brief introduction to networking WAN, MAN, LAN,
Fundamental Wireless Technologies Wireless LAN, Bluetooth Comparison of technologies and issues
Look at Wireless LAN component Wireless clients AP
Build different types of wireless networks Ad-hoc and infrastructure networks
Contents
Part 1 4
…..is a group of two or more personal computers or devices linked together with a media….
What is a Network?
Part 1 5
Typically connects computer in a single building or campus.
Medium : optical fibers, coaxial cables, twisted pair, wireless (WiFi).
High speed networks (100 Mbps/10 Gbps Ethernet)
Cheaper equipments, Ethernet, Token Ring
Setup Client and Server or Peer to Peer
Local Area Network (LAN)
Part 1 6
Generally covers large distances (states, countries, continents).
Typical Medium : Land and Ocean cables Wireless Medium - satallites. Problems with delays if using satellites. Typical speed : 20 - 2000 Kbits/s. -
expensive New standards (ATM) are changing the
landscape.
LAN vs WAN speed
Wide Area Network (WAN)
Part 1 7
Generally covers towns and cities (50 kms)
Typical medium : optical fibres, cables
Message routing is fast. Mobile technology – 2G, 3G and 4G
Metropolitan Area Network (MAN)
Part 1 8
Refers to Hardware and Software that allow information be transmitted between devices Devices
Equipment that can send and received Network
h/w & s/w used to link and transmit information over a media
Applications S/w that operate the wireless device
What is Wireless Technology?
Part 1 9
Mobility (Roaming) Easy of Installation Scalability (WiFi) Cost
Why Wireless
Part 1 10
Information access when needed, anywhere
Emergence of powerful handheld devices Improved network data exchange Maturing device, network and data
exchange standards
Why Wireless Now?
Part 1 11
To most people/organsiations wireless technology means:
Wireless technology refers to hardware and software that allows information to be transmitted between devices without using physical wired connections.
Wireless LAN GPRS
3GWiMax
Blue tooth
Some Wireless Technology?
Part 1 12
Home RF BlueTooth 802.11Max Trans. power 100mW 100mW 800mW
Data Rate 1-2 Mbps 1 Mbps Upto 300Mbps
Max device Up to 127 Up to 26 Up to 256
Security Blowfish 0, 40, and 60 bits 40, 128 RC4
TKIP, WPA
Range 150ft 30ft 400ft indoor
1500 OD
Cost Medium cheapest Most expensive
Roaming No No Yes
802.11 competes with HiperLAN
Wireless LAN Competing Technologies
Part 1 13
Operate in the gigahertz frequency spectrum but differ from other wireless technologies in the range of service, network capacity and data bit transfer rate.
Designed to operate over a much smaller service area.
Devices that participate in these types of peer based networks are designed to automatically discover other devices and services.
Connects personal computers to mobile devices including PDAs, phones, personal printers and other handheld devices.
Personal Area Network (PAN)
Part 1 14
Originated from an Ericsson internal project
To facilitate voice and data access Operate at 2.4 – 2.483 MHz ISM band Short range (10 meter) frequency-
hopping radio link between devices Data can be delivered up to 724 kbps
Bluetooth
Part 1 15
ClassMaximum Permitted Power(mW/dBm)
Range(approximate)
Class 1 100 mW (20 dBm) ~100 meters
Class 2 2.5 mW (4 dBm) ~10 meters
Class 3 1 mW (0 dBm) ~1 meter
1. Bluetooth 1.0 and 1.0B2. Bluetooth 1.1
1. Fixed problems with V1 and support for non encrypted channels3. Bluetooth 1.2
1. Better audio (Stereo sound, A2DP)4. Bluetooth 2.0
1. EDR (3Mbps)5. Bluetooth 2.1
1. Better power consumption2. Better Pairing
Bluetooth Standards (1)
Part 1 16
103 Hz
106 Hz
109 Hz
1012 Hz
1015 Hz
1018 Hz
1021 Hz
RadioUsed for
communication
MicrowaveUsed for heating, communication,
and radar
T-Ray
InfraredRemote control, optical network
Ultraviolet
X-RayPenetrating live tissues
Gamma RayEmitted by nuclear reaction
Radio Spectrum
Part 1 17
Mobile phones became popular in the 1980s and 1990s. Now in Hong Kong over 91% of the population owns a mobile phone. Various operators offer different services but they can be grouped into two types:
Mobile phones provide two major functions:Voice – GSM, CDMA, TDMA
Data - GRPS, WAP* SMS, EMS, MMS* Internet Access* Email* Value Added features
The most used wireless technology is the mobile phone
Mobile Phones Technology
Part 1 18
Cell using directional transceiver Cell using omnidirectional transceiver
Overlapping circular cellsIdealised hexagonal network
Microcell within network
Transmission and Cells
Part 1 19
1st Generation This the analog phones dominated by two main standards,
Analog Mobile Phone System (AMPS) and Total Access Communication System (TACS)
2nd Generation Digital phones with better sound quality CDMA, TDMA, GSM and PCS became common terms Basic data transmission, modem, fax at 9.6kbps
2.5 Generation Faster data transmission with GPRS, for SMS, MMS at 14.4k –
115kbps Enhanced Data for GSM Evolution (EDGE) allowed 384Kbps
3rd Generation WCDMA, CDMA2000 - Video streaming, high-speed Internet Development even faster data access at 2Mbps for Internet
applications
Since the development of mobile phones have seen a number of generations
Mobile Phone Development
Part 1 20
WIRELESS LAN TECHNOLOGIES
Part 1 21
The most popular WLAN technology today is based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11x standard.
IEEE 802.11
Frequency Range Throughput Data Rate Indoor dist.
802.11a 5 GHz 27 Mbps 6-54 Mbps ~ 35m
802.11b 2.4 GHz 5 Mbps 1-11 Mbps ~ 38m
802.11g 2.4 GHz 22 Mbps 6-54 Mbps ~ 100m
802.11n 5 and/or 2.4 Ghz Unknown 600 Mbps ~ 300m
plus error correction code
Draft 2(expect to rectify late 2009)
Wireless LAN Technology
Part 1 22
Proposed by IEEE 802.11 working group Started in May 1991 and completed in 1997 Transmission rate 1Mbps and 2Mbps 3 data transmission adopted
Frequency Hop Spread Spectrum (FHSS- 1Mbps) Direct Sequence Spread Spectrum (DSSS- 2Mbps) Infrared (IrDA – Infrared Data Association)
Original 802.11
Part 1 23
Added in Dec. 1999 Operating at 2.4GHz range Support speed 11, 5.5, 2 & 1Mbps Using Higher Rate - Direct-Sequence Spread
Spectrum (HR-DSSS) Employs the Complementary Code Keying
(CCK) modulation technique Newly added 22Mbps (802.11b+) Not official
802.11b
Part 1 24
Added in Dec. 1999 Operating at 5 GHz range Support speed 6, 9, 12, 18, 24, 36, 48 &
54Mbps Using Orthogonal Frequency Division
Multiplexing (OFDM)
802.11a
Part 1 25
• Added 2003 (Ratified in June)• Operating at 2.4 GHz range • Support speed between 24 and 54Mbps• Using Orthogonal Frequency Division
Multiplexing (OFDM) - Mandatory• Also support Complimentary Code Keying
(CCK) – Optional (backward compatibles with 802.11b)
802.11g
Part 1 26
IEEE 802.11 Specification
Part 1 27
BAND Frequency Range
UHF ISM 902 – 928 MHz
S-Band 2 – 4 GHz
S-Band ISM 2.4 – 2.5 GHz
C-Band 4 – 8 GHz
C-Band Satellite downlink 3.7 – 4.2 GHz
C-Band Radar (Whether) 5.25 – 5.925 GHz
C-Band ISM 5.725 -5.875 GHz
C-Band Satellite uplink 5.925 – 6.425 GHz
X-Band 8 – 12 GHz
X-band Radar (police) 8.25 – 10.55 GHz
Ku-Band 12 – 18 GHz
Ku-Band Radar (Police) 13.4 – 14 GHz
15.7 - 17.7 GHz
Allocated For Frequency Range
Mobile Phone 800 – 900 MHz
DECT 1.8 – 1.9 GHz
ISM 2.4 – 2.5 GHz
ISM (feasible) 5.725 -5.875 GHz
Fix Links (considering) 17, 18, 19 GHz
European Wireless LAN
(Await standards)
24.1 GHz
USA Allocation Hong Kong Allocation
ISM = Industrial, Scientific and Medical
Radio Frequency for Wireless LAN
Part 1 28
Hong Kong Allocation for
802.11b
Part 1 29
Hong Kong Allocation for
802.11a
Part 1 30
Channel Frequency Channel Frequency
1 2.412Ghz 8 2.447Ghz
2 2.417Ghz 9 2.452Ghz
3 2.422Ghz 10 2.457Ghz
4 2.427Ghz 11 2.462Ghz
5 2.432Ghz 12 2.467Ghz
6 2.437Ghz 13 2.472Ghz
7 2.442Ghz 14 2.484Ghz
Wireless 802.11b networks operate in UHF band, specifically between 2.4GHz and 2.5GHz. These Wireless 802.11b networks operate in UHF band, specifically between 2.4GHz and 2.5GHz. These frequency is divided into 14 channelsfrequency is divided into 14 channels..US & Canada channel 1- 11 is available, Europe use 1 – 13, France uses 10-13 and Japan 1-14.US & Canada channel 1- 11 is available, Europe use 1 – 13, France uses 10-13 and Japan 1-14.
802.11b Channels
Part 1 31
CH1 CH2 CH3 CH4 CH5
CH1 CH2 CH3 CH4 CH5 CH6
CH1 CH2 CH3 CH4 CH5 CH6 CH7
CH1 CH2 CH3 CH4 CH5 CH6 CH7 CH8
CH1 CH2 CH3 CH4 CH5 CH6 CH7 CH8 CH9
CH2 CH3 CH4 CH5 CH6 CH7 CH8 CH9 CH10
CH3 CH4 CH5 CH6 CH7 CH8 CH9 CH10 CH11
CH4 CH5 CH6 CH7 CH8 CH9 CH10 CH11
CH5 CH6 CH7 CH8 CH9 CH10 CH11
CH6 CH7 CH8 CH9 CH10 CH11
CH7 CH8 CH9 CH10 CH11
Data is not transmitted in a single frequency, it is spread over multiple frequenciesData is not transmitted in a single frequency, it is spread over multiple frequencies
From the rule set only channel 1 , 6 and 11 do not overlap. From the rule set only channel 1 , 6 and 11 do not overlap. But channel 5, 6 , and 7 affects all rule sets (Ideal for Jammers)But channel 5, 6 , and 7 affects all rule sets (Ideal for Jammers)
Channel used for sending data
Part 1 32
Each DS (Direct Sequence) Channel is transmitted over 22 Mhz Each DS (Direct Sequence) Channel is transmitted over 22 Mhz Channel Centers are separated by 5 MhzChannel Centers are separated by 5 Mhz
Channel Allocations for 802.11b
Part 1 33
20 Mhz 20 Mhz
5150 5180 5200 5220 5240 5260 5280 5300 5320 5350
Each channel is 20MhzEach channel is 20Mhz
Channel Allocations for 802.11a
Part 1 34
Wire LAN
1. Connect to AP2. Configure to AP3. Test connection to Internet
Wireless LAN setup Demo
Part 1 35
Speed Out Doors In Doors
11Mbps 150m (500ft) 30m (100ft)
5.5Mbps 270m (880ft) 50m (160ft)
2Mbps 400m (1300ft) 70m (220ft)
1Mbps 460m (1500ft) 90m (280ft)
Speed vs Distance (2.4 Ghz)
Part 1 36
Speed Out Doors In Doors
72 Mbps 40m (133ft) 20m (66ft)
54 Mbps 80m (262ft) 25m (82ft)
48 Mbps 230m (755ft) 35m (115ft)
36 Mbps 300m (984ft) 40m (131ft)
24 Mbps 340m (1115ft) 45m (148ft)
18 Mbps 370m (1214ft) 50m (164ft)
12 Mbps 400m (1312ft) 55m (180ft)
9 Mbps 465m (1526ft) 57ft (187ft)
6 Mbps 500m (1650ft) 60m (197ft)
802.11a+ ?802.11a+ ?
Speed vs Distance (5 Ghz)
Part 1 37
RF Barrier Relative Degree of Attenuation Example:Air Minimal
Wood Low Office partitions
Plaster Low Inner walls
Synthetic material
Low Office partitions
Asbestos Low Ceiling
Glass Low Windows
Water Medium Damp wood, aquariums
Brick Medium Inner and outer wall
Marble Medium Inner wall
Paper High Paper rolls, cardboard boxes
Concrete High Floor and outer walls
Bullet-proff glass High Security booth
Metal Very High Desks, office partitions, elevator shafts, reinforced walls
What affects Range of Transmission
Part 1 38
Newest Wireless LAN standard Final retification expected to be at late 2009
• Currently is Draft version 2• Backward compatible to 802.11a/b/g
Release Date
Op. FrequencyData Rate (Typ)
Data Rate (Max)
Range (Indoor)
Mid 20085 GHz and/or 2.4 GHz
150 Mbit/s300Mbit/s (2 stream)
~70 meters
802.11n
Part 1 39
MIMO (Multiple Input - Multiple Output) defines many "M x N" antenna configurations, ranging from "1
x 1" to "4 x 4". This refers to the number of transmit (M) and receive (N) antennas – for example, an AP with two transmit and three receive antennas is a "2 x 3" MIMO device.
Better dealing with multipath signal reflections and attenuation
Channel Bonding bonding to combine two adjacent 20 MHz channels into a single
40 MHz channel (most effective at 5GHz) increases that throughput to 150 Mbps per channel
Aggregating of Frame Transmit more than one application in single frame with fix
header
802.11n New Feature
Part 1 40
Wireless LAN
Components
Part 1 41
Wireless client a computing device that is equipped with a wireless LAN network adapter. Wireless clients can communicate directly with each other or through a wireless access point.
Wireless Access Pointa networking device equipped with a wireless LAN network adapter that acts as a bridge between wireless client and a traditional wired network
Wireless LAN Components
Part 1 42
PCMCIAPCMCIA
USBUSB
Internal Internal PCMCIA PCMCIA AdapterAdapter Internal Wireless Internal Wireless
InterfaceInterface
Various Wireless Adapters for client
Part 1 43
The basic building block of an 802.11 network is the Basic Service set (BSS), which is simply a group of stations that communicate with each other
Ad-hoc BSS Infrastructure BSS
Basic Service Set
Part 1 44
Extended Service Set is for large networks
Internet
Extended BSS
AP (Bridge mode setting)
Extended Service Set
Part 1 45
Wire LAN
1. Ist client create a SSID(making it visible) and create a share folder with a file for other clients to download
2. Other Clients join this network3. Test connection by download a file from 1st client
Workshop – Build simple wireless LAN (Ad-Hoc)
Part 1 46
Need wireless network adapter Define an SSID (Service Set
IDentification) for “Adhoc” network All client connects to this SSID
Install driver of Wireless Network AdapterClient 1 – set up a wireless group with SSID ADHOCxx – xx = 01 – 10Client 2 – Connect to the ad-hoc network
Building A Simple wireless network
Part 1 47
At least 2 interface Wireless Interface (802.11x) Wired Interface (Ethernet or WAN port)
Bridge table Dynamic Host Configuration Protocol
(DHCP) Network Address Translation (NAT) Security filtering and Monitoring
Access Point is a mean connecting wireless world and the wired world
Some feature provided by APSome feature provided by AP
What is an Access Point?
Part 1 48
Target at price-conscious users Simple connectivity Limited functions
1 - Residential Gateways/Routers1 - Residential Gateways/Routers
2 – Enterprise Gateways (AP)2 – Enterprise Gateways (AP)
• More expensive• Large network connectivity and multi APs• More sophisticated functions
– Device management– Greater Security functions
2 types of APs
Part 1 49
Suitable for home or small office use Deploy with one routable IP address, so
NAT is implemented Aim for connecting to a WAN via modem May support VPN pass-through
IPSec PPTP
Example:Linksys WRT610NSMC WGBR14S-NDlink DIR655
Residential Gateways / Routers
Part 1 50
Wireless NIC
Internet
ADSL/Cable Modem
Wireless Router
Internal Addresses
Perform NATInternal Real IP address
Home / small office setup
Part 1 51
Various different names but often just call AP Provide a bridging function between wireless
devices and wired network Provide Inter-Access Point Protocol (IAPP - 802.11F) Roaming Upgrade path, from 802.11b, to 802.11a to
802.11g and to 802.11n Provide SNMP management tools included Provide external antenna facilities VPN, VLAN functions
Example:Example:Orinoco AP2000Orinoco AP2000Cisco Aironet 1220Cisco Aironet 12203COM AirConnect3COM AirConnect
Enterprise Gateways
Part 1 52
Sales Dept.HR. Dept
Wired Network
SwitchInternet
Router
Wireless PCMCIA
Bridge the wireless to Wired
Network address same as wired segment
Enterprise AP
Part 1 53
Should be Wi-Fi (Wireless Fidelity) Number of ports (including printer?) Device Management facility - Web based? More than one AP? Roaming required? Security functions Price Transmission power
Selecting Access Point
Part 1 54
1. Access the AP with browser or vendor supplied software, either wireless or directly connected. Use factory URL (192.168.1.1)
2. Login with factory user ID and password (1234)3. Use Web configurator to set up SSID for Open Access (no security)4. Create a share folder with some files for sharing
Workshop – Build Enterprise wireless LAN (Router Mode)
Part 1 55
Disable all wired Network adapters Insert USB wireless Client (install driver) Use Windows XP’s Zero Configuration Utility
and scan for available wireless network Locate your group’s SSID and Connect to
your group’s network Use the command IPCONFIG at cmd prompt
to identify what IP address was assigned to your system
Use IE to access an external site. Were u successful?
Workshop – Build Enterprise wireless LAN (client setup)
Part 1 56
1. Access the AP with browser or vendor supplied software, either wireless or directly connected. Use factory URL (192.168.1.1)
2. Login with factory user ID and password (1234)3. Configure the Access Point to run as AP mode (bridge mode)
Workshop – Build Enterprise wireless LAN (AP Mode)
Part 1 57
Use Windows XP’s Zero Configuration Utility and scan for available wireless network
Locate your group’s SSID and Connect to your group’s network
Use the command IPCONFIG at Command prompt to identify what IP address was assigned to your system. Any different to the previous exercise?
Use IE to access an external site. Were you successful?
Workshop – Build Enterprise wireless LAN (client setup)
Part 1 58
ANTENNAS
Part 1 59
Gain is a measure of increase in power.
GAIN
DirectionDirection is the shape of the transmission pattern.
An antenna rating is typically to the gain of an isotropic or dipole antenna. An isotropic antenna is a theoretical antenna with a uniform three-dimensional radiation pattern (similar to a light bulb with no reflector). dBi is used to compare the power level of a given antenna to the theoretical isotropic antenna.An isotropic antenna is said to have a power rating of 0 dB; for example, zero gain/loss when compared to itself.
Some antennas are rated in comparison to dipole antennas. This is denoted by the suffix dBd. Dipole have a stronger gain of 2.14 db when compare with isotropic antenna. Hence, dipole antennas have a gain of 0 dBd (= 2.14 dBi).
An antenna gives the wireless system two fundamental properties
Antenna Properties
Part 1 60
Omni-Directional Directional
360 degree Radiation pattern The Standard increased power of 2.4dbi (“Rubber Duck”)
Normally no increase of power Redirect s the energy Angle of radiation is decreasedGreater distance is covered
Directional Antennas
Part 1 61
Antenna Examples
Part 1 62
increase Factor Decrease Factor
0 dB 1x 0 dB 1x
1 dB 1.25 x -1 dB 0.8x
3 dB 2x -3 dB 0.5x
6 dB 4x -6 dB 0.25x
10 dB 10x -10 dB 0.1x
12 dB 16x -12 dB 0.06x
20 dB 100x -20 dB 0.01x
30 dB 1000x -30 dB 0.001x
40 dB 10,000x -40 dB 0.0001x
dB = 10 log10 (Power A/Power B)
When replacing antenna, this can be used for reference
Antenna Power factor
Part 1 63
Good reception Gain maximum speed and distance Reduce interference Security
Why Select Correct Antenna?
Part 1 64
Review the wireless needs of your school Prepare a network diagram , if needed (simple
PowerPoint) Consider any security issues that may exist or may
have
For discussion at next session
Assignment
Part 1 65
APPENDIX
Part 1 66
Power LED Switch LED WAN LEDGreen – 100MbpsOrange – 1000MbpsBlink – data Tx/Rx
Wireless LEDBlink – data Tx/Rx
Encryption ON/OFF
Reset switch at back of device
Workshop AP introduction
Part 1 67
Changing Router mode to AP mode
Workshop AP introduction
Part 1 68
All AP (not in router mode) must be on same subnet and configured with same ESSID
Adjacent AP must use a different channel when coverage area overlapped
All APs must use same port number to relay roaming information
APs must be connected to the wired network and uses DHCP server to assign dynamic IP address
If 802.1x is used for user authentication, it is recommended to use server. If authentication is performed locally at the AP, then all APs must have user’s profile
Roaming Requirements
