Wifi

TheSmit Chheda
TheSmit ChhedaNational Geographic
Wi-Fi Technology
Wifi
Agenda Introduction Wi-Fi Technologies Wi-Fi Architecture Wi-Fi Network Elements How a Wi-Fi Network Works Wi-Fi Network Topologies Wi-Fi Configurations Applications of Wi-Fi Wi-Fi Security Advantages/ Disadvantages of Wi-Fi
Introduction • Wireless Technology is an alternative to Wired Technology, which is commonly used, for connecting devices in wireless mode. • Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs). • Wi-Fi Network connect computers to each other, to the internet and to the wired network.
The Wi-Fi Technology Wi-Fi Networks use Radio Technologies to transmit & receive data at high speed: IEEE 802.11b IEEE 802.11a IEEE 802.11g
IEEE 802.11b • Appear in late 1999 • Operates at 2.4GHz radio spectrum • 11 Mbps (theoretical speed) - within 30 m Range • 4-6 Mbps (actual speed) • 100 -150 feet range • Most popular, Least Expensive • Interference from mobile phones and Bluetooth devices which can reduce the transmission speed.
IEEE 802.11a • Introduced in 2001 • Operates at 5 GHz (less popular) • 54 Mbps (theoretical speed) • 15-20 Mbps (Actual speed) • 50-75 feet range • More expensive • Not compatible with 802.11b
Components of Wi-Fi Access point Adapters
Wi-Fi Antenna Wi-Fi Bridge
PCI cards that accept wireless PC cards External USB wireless NICs
How a Wi-Fi Network Works • Basic concept is same as Walkie talkies. • A Wi-Fi hotspot is created by installing an access point to an internet connection. • An access point acts as a base station. • When Wi-Fi enabled device encounters a hotspot the device can then connect to that network wirelessly. • A single access point can support up to 30 users and can function within a range of 100 – 150 feet indoors and up to 300 feet outdoors. • Many access points can be connected to each other via Ethernet cables to create a single large network.
Wi-Fi Network Topologies • AP-based topology (Infrastructure Mode) • Peer-to-peer topology (Ad-hoc Mode) • Point-to-multipoint bridge topology
AP-based topology • The client communicate through Access Point. • BSA-RF coverage provided by an AP. • ESA-It consists of 2 or more BSA. • ESA cell includes 10-15% overlap to allow roaming.
Peer-to-peer topology • AP is not required. • Client devices within a cell can communicate directly with each other. • It is useful for setting up of a wireless network quickly and easily.
Point-to-multipoint bridge topology This is used to connect a LAN in one building to a LANs in other buildings even if the buildings are miles apart.These conditions receive a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used as well as the environmental conditions.
Wi-Fi Configurations
Wi-Fi Configurations
Wi-Fi Configurations
Wi-Fi communication
Wi-Fi Applications • Home • Small Businesses or SOHO • Large Corporations & Campuses • Health Care • Wireless ISP (WISP) • Travellers
Wi-Fi Security Threats • Wireless technology doesn’t remove any old security issues, but introduces new ones • Eavesdropping • Man-in-the-middle attacks • Denial of Service
Eavesdropping • Easy to perform, almost impossible to detect • By default, everything is transmitted in clear text • Usernames, passwords, content ... • No security offered by the transmission medium • Different tools available on the internet • Network sniffers, protocol analysers . . . • Password collectors • With the right equipment, it’s possible to eavesdrop traffic from few kilometers away
MITM Attack 1. Attacker spoofes a disassociate message from the victim 2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address 3. The attacker connects to the real AP using victim’s MAC address
Denial of Service • Attack on transmission frequecy used • Frequency jamming • Not very technical, but works • Attack on MAC layer • Spoofed deauthentication / disassociation messages • can target one specific user • Attacks on higher layer protocol (TCP/IP protocol) • SYN Flooding
Wi-Fi Security The requirements for Wi-Fi network security can be broken down into two primary components: • Authentication  User Authentication  Server Authentication • Privacy
Authentication • Keeping unauthorized users off the network • User Authentication • Authentication Server is used • Username and password • Risk: • Data (username & password) send before secure channel established • Prone to passive eavesdropping by attacker • Solution • Establishing a encrypted channel before sending username and password
Authentication (cont..) • Server Authentication • Digital Certificate is used • Validation of digital certificate occurs automatically within client software
Wi-Fi Security Techniques • Service Set Identifier (SSID) • Wired Equivalent Privacy (WEP) • 802.1X Access Control • Wireless Protected Access (WPA) • IEEE 802.11i
Service Set Identifier (SSID) • SSID is used to identify an 802.11 network • It can be pre-configured or advertised in beacon broadcast • It is transmitted in clear text • Provide very little security
Wired Equivalent Privacy (WEP) • Provide same level of security as by wired network • Original security solution offered by the IEEE 802.11 standard • Uses RC4 encryption with pre-shared keys and 24 bit initialization vectors (IV) • key schedule is generated by concatenating the shared secret key with a random generated 24-bit IV • 32 bit ICV (Integrity check value) • No. of bits in keyschedule is equal to sum of length of the plaintext and ICV
Wired Equivalent Privacy (WEP) (cont.) • 64 bit preshared key-WEP • 128 bit preshared key-WEP2 • Encrypt data only between 802.11 stations.once it enters the wired side of the network (between access point) WEP is no longer valid • Security Issue with WEP • Short IV • Static key • Offers very little security at all
802.1x Access Control • Designed as a general purpose network access control mechanism • Not Wi-Fi specific • Authenticate each client connected to AP (for WLAN) or switch port (for Ethernet) • Authentication is done with the RADIUS server, which ”tells” the access point whether access to controlled ports should be allowed or not • AP forces the user into an unauthorized state • user send an EAP start message • AP return an EAP message requesting the user’s identity • Identity send by user is then forwared to the authentication server by AP • Authentication server authenticate user and return an accept or reject message back to the AP • If accept message is return, the AP changes the client’s state to authorized and normal traffic flows
802.1x Access Control
Wireless Protected Access (WPA) • WPA is a specification of standard based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN system. • User Authentication • 802.1x • EAP • TKIP (Temporal Key Integrity Protocol) encryption • RC4, dynamic encryption keys (session based) • 48 bit IV • per packet key mixing function • Fixes all issues found from WEP • Uses Message Integrity Code (MIC) Michael • Ensures data integrity • Old hardware should be upgradeable to WPA
Wireless Protected Access (WPA)(cont.) • WPA comes in two flavors • WPA-PSK • use pre-shared key • For SOHO environments • Single master key used for all users • WPA Enterprise • For large organisation • Most secure method • Unique keys for each user • Separate username & password for each user
WPA and Security • Data is encrypted • Protection against eavesdropping and man-in-the- middle attacks • Denial of Service • Attack based on fake massages can not be used. • As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients, and stops all activity for a minute • Only two packets a minute enough to completely stop a wireless network
802.11i • Provides standard for WLAN security • Authentication • 802.1x • Data encryption • AES protocol is used • Secure fast handoff-This allow roaming between APs without requiring client to fully reauthenticate to every AP. • Will require new hardware
Advantages • Mobility • Ease of Installation • Flexibility • Cost • Reliability • Security • Use unlicensed part of the radio spectrum • Roaming • Speed
Limitations • Interference • Degradation in performance • High power consumption • Limited range
Wifi
1 sur 40

Wifi

Télécharger pour lire hors ligne
TheSmit Chheda
TheSmit ChhedaNational Geographic

Recommandé

Understanding IT Network Security for Wireless and Wired Measurement Applicat... par
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...cmstiernberg
801 vues29 diapositives
Wireless Security null seminar par
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
4.2K vues51 diapositives
Wireless LAN security par
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
28.9K vues14 diapositives
Wireless Networking Security par
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
4.8K vues30 diapositives
Wlan security par
Wlan securityWlan security
Wlan securitySajan Sahu
3.9K vues15 diapositives
Wifi Security par
Wifi SecurityWifi Security
Wifi SecurityShital Kat
2.4K vues28 diapositives

Contenu connexe

Tendances

Workshop on Wireless Security par
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
3.5K vues45 diapositives
Wifi security par
Wifi securityWifi security
Wifi securityDooremoore
206 vues8 diapositives
5169 wireless network_security_amine_k par
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
937 vues47 diapositives
Lecture 11 wifi security par
Lecture 11 wifi securityLecture 11 wifi security
Lecture 11 wifi securityrajakhurram
3.9K vues53 diapositives
Wireless hacking and security par
Wireless hacking and securityWireless hacking and security
Wireless hacking and securityAdel Zalok
2.4K vues29 diapositives
Ch7 ccna exploration 3 lan switching and wireless par
Ch7 ccna exploration 3 lan switching and wirelessCh7 ccna exploration 3 lan switching and wireless
Ch7 ccna exploration 3 lan switching and wirelesskratos2424
532 vues4 diapositives

Tendances(20)

Workshop on Wireless Security par amiable_indian
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian3.5K vues
Wifi security par Dooremoore
Wifi securityWifi security
Wifi security
Dooremoore206 vues
5169 wireless network_security_amine_k par Rama Krishna M
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M937 vues
Lecture 11 wifi security par rajakhurram
Lecture 11 wifi securityLecture 11 wifi security
Lecture 11 wifi security
rajakhurram3.9K vues
Wireless hacking and security par Adel Zalok
Wireless hacking and securityWireless hacking and security
Wireless hacking and security
Adel Zalok2.4K vues
Ch7 ccna exploration 3 lan switching and wireless par kratos2424
Ch7 ccna exploration 3 lan switching and wirelessCh7 ccna exploration 3 lan switching and wireless
Ch7 ccna exploration 3 lan switching and wireless
kratos2424532 vues
Understanding WiFi Security Vulnerabilities and Solutions par AirTight Networks
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
AirTight Networks4.4K vues
Wi-fi Hacking par Paul Gillingwater, MBA
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
Paul Gillingwater, MBA19.6K vues
Security & Privacy in WLAN - A Primer and Case Study par Mohammad Mahmud Kabir
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
Mohammad Mahmud Kabir1.1K vues
Wireless Lan Security par SANDEEPONSLIDESHARE
Wireless Lan SecurityWireless Lan Security
Wireless Lan Security
SANDEEPONSLIDESHARE1.3K vues
Wlan security par Upasona Roy
Wlan securityWlan security
Wlan security
Upasona Roy7.8K vues
Wi fi protected access par Lopamudra Das
Wi fi protected accessWi fi protected access
Wi fi protected access
Lopamudra Das2.4K vues
Wireless Network Security par Gyana Ranjana
Wireless Network SecurityWireless Network Security
Wireless Network Security
Gyana Ranjana1.6K vues
Wpa vs Wpa2 par Nzava Luwawa
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
Nzava Luwawa3.9K vues
Wi fi protected-access par bhanu4ugood1
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
bhanu4ugood11.8K vues
WiFi Secuiry: Attack & Defence par Prakashchand Suthar
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar16.2K vues
Wireless LAN Security par Abu Rayhan Ahmmed Rimu
Wireless LAN SecurityWireless LAN Security
Wireless LAN Security
Abu Rayhan Ahmmed Rimu2.7K vues
Wireless and WLAN Secuirty, Presented by Vijay par thevijayps
Wireless and WLAN Secuirty, Presented by VijayWireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by Vijay
thevijayps570 vues
Securing wireless network par Syed Ubaid Ali Jafri
Securing wireless networkSecuring wireless network
Securing wireless network
Syed Ubaid Ali Jafri726 vues
Wireless security using wpa2 par Tushar Anand
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
Tushar Anand3.3K vues

En vedette

Copy of module private sub calculate par
Copy of module private sub calculateCopy of module private sub calculate
Copy of module private sub calculateFarid Diah
474 vues2 diapositives
Advancements in PCIe Storage par
Advancements in PCIe StorageAdvancements in PCIe Storage
Advancements in PCIe StorageSCSIExpress
401 vues1 diapositive
Diaposi de multi 1 par
Diaposi de multi 1Diaposi de multi 1
Diaposi de multi 1Vanesa Pozo Soliz
339 vues19 diapositives
Sistema Circulatório par
Sistema CirculatórioSistema Circulatório
Sistema CirculatórioRanlig
2.4K vues11 diapositives
Socialnetstatusquo16marzo 12.00 par
Socialnetstatusquo16marzo 12.00Socialnetstatusquo16marzo 12.00
Socialnetstatusquo16marzo 12.00Massimo Micucci
418 vues39 diapositives
Clase 8 2 multi y divi par
Clase 8 2 multi y diviClase 8 2 multi y divi
Clase 8 2 multi y dividianamilena111
1.1K vues17 diapositives

En vedette(20)

Copy of module private sub calculate par Farid Diah
Copy of module private sub calculateCopy of module private sub calculate
Copy of module private sub calculate
Farid Diah474 vues
Advancements in PCIe Storage par SCSIExpress
Advancements in PCIe StorageAdvancements in PCIe Storage
Advancements in PCIe Storage
SCSIExpress401 vues
Diaposi de multi 1 par Vanesa Pozo Soliz
Diaposi de multi 1Diaposi de multi 1
Diaposi de multi 1
Vanesa Pozo Soliz339 vues
Sistema Circulatório par Ranlig
Sistema CirculatórioSistema Circulatório
Sistema Circulatório
Ranlig2.4K vues
Socialnetstatusquo16marzo 12.00 par Massimo Micucci
Socialnetstatusquo16marzo 12.00Socialnetstatusquo16marzo 12.00
Socialnetstatusquo16marzo 12.00
Massimo Micucci418 vues
Clase 8 2 multi y divi par dianamilena111
Clase 8 2 multi y diviClase 8 2 multi y divi
Clase 8 2 multi y divi
dianamilena1111.1K vues
Presentacion españa 2013 par x1training
Presentacion españa 2013Presentacion españa 2013
Presentacion españa 2013
x1training452 vues
Urbanismo par diana271293
UrbanismoUrbanismo
Urbanismo
diana271293372 vues
Social Media in der Betriebsorganiation par Tobias Mitter
Social Media in der BetriebsorganiationSocial Media in der Betriebsorganiation
Social Media in der Betriebsorganiation
Tobias Mitter618 vues
Web Trends Brandon Hall par Janet Clarey
Web Trends Brandon HallWeb Trends Brandon Hall
Web Trends Brandon Hall
Janet Clarey791 vues
Despacho organizac3a7c3a3o-ano-letivo-2013 2014 par mcelpais
Despacho organizac3a7c3a3o-ano-letivo-2013 2014Despacho organizac3a7c3a3o-ano-letivo-2013 2014
Despacho organizac3a7c3a3o-ano-letivo-2013 2014
mcelpais658 vues
SecondScreen Umfrage an der HdM Stuttgart SS13 par Anna_Vorderdoerfler
SecondScreen Umfrage an der HdM Stuttgart SS13SecondScreen Umfrage an der HdM Stuttgart SS13
SecondScreen Umfrage an der HdM Stuttgart SS13
Anna_Vorderdoerfler303 vues
طريق التفكير المنطقى par guestbfd7302
طريق التفكير المنطقىطريق التفكير المنطقى
طريق التفكير المنطقى
guestbfd7302320 vues
[FR] ParisJS en 2 minutes par Thomas Bassetto
[FR] ParisJS en 2 minutes[FR] ParisJS en 2 minutes
[FR] ParisJS en 2 minutes
Thomas Bassetto440 vues
Modelos Multi-Higgs par Pablo Vasconcelos
Modelos Multi-HiggsModelos Multi-Higgs
Modelos Multi-Higgs
Pablo Vasconcelos320 vues
Chinese Manufacturer Pos System,Barcode scanner,Thermal Printer,POS Keyboard par lanpos
Chinese Manufacturer Pos System,Barcode scanner,Thermal Printer,POS KeyboardChinese Manufacturer Pos System,Barcode scanner,Thermal Printer,POS Keyboard
Chinese Manufacturer Pos System,Barcode scanner,Thermal Printer,POS Keyboard
lanpos1.4K vues
Projeto de Apredizagem par marise brandao
Projeto de ApredizagemProjeto de Apredizagem
Projeto de Apredizagem
marise brandao303 vues
ApresentaçãO Multi 09.09.2008 par vivian_elizabeth
ApresentaçãO Multi 09.09.2008ApresentaçãO Multi 09.09.2008
ApresentaçãO Multi 09.09.2008
vivian_elizabeth307 vues
Glossário do-marketing-digital par Flavio Henrique
Glossário do-marketing-digitalGlossário do-marketing-digital
Glossário do-marketing-digital
Flavio Henrique522 vues
Duxxi v19 final_portugues par Duxxi
Duxxi v19 final_portuguesDuxxi v19 final_portugues
Duxxi v19 final_portugues
Duxxi687 vues

Similaire à Wifi

Wifi vignan final par
Wifi vignan finalWifi vignan final
Wifi vignan finalPREMKUMAR
562 vues27 diapositives
Wireless and how safe are you par
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are youMarcus Dempsey
741 vues30 diapositives
Wi fi security par
Wi fi securityWi fi security
Wi fi securityVirendra Thakur
1.9K vues20 diapositives
Recent Trends in Wireless communication par
Recent Trends in Wireless communicationRecent Trends in Wireless communication
Recent Trends in Wireless communicationJigsAshley
12 vues88 diapositives
Wireless Network security par
Wireless Network securityWireless Network security
Wireless Network securityFathima Rahaman
558 vues29 diapositives
4 wifi security par
4 wifi security4 wifi security
4 wifi securityal-sari7
1.1K vues27 diapositives

Similaire à Wifi(20)

Wifi vignan final par PREMKUMAR
Wifi vignan finalWifi vignan final
Wifi vignan final
PREMKUMAR562 vues
Wireless and how safe are you par Marcus Dempsey
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are you
Marcus Dempsey741 vues
Wi fi security par Virendra Thakur
Wi fi securityWi fi security
Wi fi security
Virendra Thakur1.9K vues
Recent Trends in Wireless communication par JigsAshley
Recent Trends in Wireless communicationRecent Trends in Wireless communication
Recent Trends in Wireless communication
JigsAshley12 vues
Wireless Network security par Fathima Rahaman
Wireless Network securityWireless Network security
Wireless Network security
Fathima Rahaman558 vues
4 wifi security par al-sari7
4 wifi security4 wifi security
4 wifi security
al-sari71.1K vues
2nd lec wireless terminologies par Inocentshuja Ahmad
2nd lec wireless terminologies2nd lec wireless terminologies
2nd lec wireless terminologies
Inocentshuja Ahmad213 vues
Topic 4.0 wireless technology par Atika Zaimi
Topic 4.0 wireless technologyTopic 4.0 wireless technology
Topic 4.0 wireless technology
Atika Zaimi423 vues
Wifi- technology_moni par MD MONIRUZZAMAN
Wifi- technology_moniWifi- technology_moni
Wifi- technology_moni
MD MONIRUZZAMAN872 vues
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP par Ahmed El-Arabawy
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi APEmbedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Ahmed El-Arabawy2.3K vues
Wi fi technology par Himanshu Shakyawar
Wi fi technologyWi fi technology
Wi fi technology
Himanshu Shakyawar1.4K vues
Wi fi presentation par Purushottam Naidu
Wi fi presentationWi fi presentation
Wi fi presentation
Purushottam Naidu458 vues
Shashank wireless lans security par Shashank Srivastava
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
Shashank Srivastava760 vues
Wireless Security.ppt par NotSure11
Wireless Security.pptWireless Security.ppt
Wireless Security.ppt
NotSure1112 vues
Wireless Security.ppt par Mavaz
Wireless Security.pptWireless Security.ppt
Wireless Security.ppt
Mavaz7 vues
Wireless networking par Online
Wireless networkingWireless networking
Wireless networking
Online 47.3K vues
Wireless networks par Derick Ochia
Wireless networksWireless networks
Wireless networks
Derick Ochia191 vues
Wireless Networks.ppt par xdarlord
Wireless Networks.pptWireless Networks.ppt
Wireless Networks.ppt
xdarlord4 vues
WPA3 - What is it good for? par Tom Isaacson
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
Tom Isaacson1.2K vues
Wi Fi Technology par Alok Pandey (AP)
Wi Fi TechnologyWi Fi Technology
Wi Fi Technology
Alok Pandey (AP)826 vues

Wifi

  • 3. Agenda Introduction Wi-Fi Technologies Wi-Fi Architecture Wi-Fi Network Elements How a Wi-Fi Network Works Wi-Fi Network Topologies Wi-Fi Configurations Applications of Wi-Fi Wi-Fi Security Advantages/ Disadvantages of Wi-Fi
  • 4. Introduction • Wireless Technology is an alternative to Wired Technology, which is commonly used, for connecting devices in wireless mode. • Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs). • Wi-Fi Network connect computers to each other, to the internet and to the wired network.
  • 5. The Wi-Fi Technology Wi-Fi Networks use Radio Technologies to transmit & receive data at high speed: IEEE 802.11b IEEE 802.11a IEEE 802.11g
  • 6. IEEE 802.11b • Appear in late 1999 • Operates at 2.4GHz radio spectrum • 11 Mbps (theoretical speed) - within 30 m Range • 4-6 Mbps (actual speed) • 100 -150 feet range • Most popular, Least Expensive • Interference from mobile phones and Bluetooth devices which can reduce the transmission speed.
  • 7. IEEE 802.11a • Introduced in 2001 • Operates at 5 GHz (less popular) • 54 Mbps (theoretical speed) • 15-20 Mbps (Actual speed) • 50-75 feet range • More expensive • Not compatible with 802.11b
  • 8. Components of Wi-Fi Access point Adapters
  • 9. Wi-Fi Antenna Wi-Fi Bridge
  • 10. PCI cards that accept wireless PC cards External USB wireless NICs
  • 11. How a Wi-Fi Network Works • Basic concept is same as Walkie talkies. • A Wi-Fi hotspot is created by installing an access point to an internet connection. • An access point acts as a base station. • When Wi-Fi enabled device encounters a hotspot the device can then connect to that network wirelessly. • A single access point can support up to 30 users and can function within a range of 100 – 150 feet indoors and up to 300 feet outdoors. • Many access points can be connected to each other via Ethernet cables to create a single large network.
  • 12. Wi-Fi Network Topologies • AP-based topology (Infrastructure Mode) • Peer-to-peer topology (Ad-hoc Mode) • Point-to-multipoint bridge topology
  • 13. AP-based topology • The client communicate through Access Point. • BSA-RF coverage provided by an AP. • ESA-It consists of 2 or more BSA. • ESA cell includes 10-15% overlap to allow roaming.
  • 14. Peer-to-peer topology • AP is not required. • Client devices within a cell can communicate directly with each other. • It is useful for setting up of a wireless network quickly and easily.
  • 15. Point-to-multipoint bridge topology This is used to connect a LAN in one building to a LANs in other buildings even if the buildings are miles apart.These conditions receive a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used as well as the environmental conditions.
  • 20. Wi-Fi Applications • Home • Small Businesses or SOHO • Large Corporations & Campuses • Health Care • Wireless ISP (WISP) • Travellers
  • 21. Wi-Fi Security Threats • Wireless technology doesn’t remove any old security issues, but introduces new ones • Eavesdropping • Man-in-the-middle attacks • Denial of Service
  • 22. Eavesdropping • Easy to perform, almost impossible to detect • By default, everything is transmitted in clear text • Usernames, passwords, content ... • No security offered by the transmission medium • Different tools available on the internet • Network sniffers, protocol analysers . . . • Password collectors • With the right equipment, it’s possible to eavesdrop traffic from few kilometers away
  • 23. MITM Attack 1. Attacker spoofes a disassociate message from the victim 2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address 3. The attacker connects to the real AP using victim’s MAC address
  • 24. Denial of Service • Attack on transmission frequecy used • Frequency jamming • Not very technical, but works • Attack on MAC layer • Spoofed deauthentication / disassociation messages • can target one specific user • Attacks on higher layer protocol (TCP/IP protocol) • SYN Flooding
  • 25. Wi-Fi Security The requirements for Wi-Fi network security can be broken down into two primary components: • Authentication  User Authentication  Server Authentication • Privacy
  • 26. Authentication • Keeping unauthorized users off the network • User Authentication • Authentication Server is used • Username and password • Risk: • Data (username & password) send before secure channel established • Prone to passive eavesdropping by attacker • Solution • Establishing a encrypted channel before sending username and password
  • 27. Authentication (cont..) • Server Authentication • Digital Certificate is used • Validation of digital certificate occurs automatically within client software
  • 28. Wi-Fi Security Techniques • Service Set Identifier (SSID) • Wired Equivalent Privacy (WEP) • 802.1X Access Control • Wireless Protected Access (WPA) • IEEE 802.11i
  • 29. Service Set Identifier (SSID) • SSID is used to identify an 802.11 network • It can be pre-configured or advertised in beacon broadcast • It is transmitted in clear text • Provide very little security
  • 30. Wired Equivalent Privacy (WEP) • Provide same level of security as by wired network • Original security solution offered by the IEEE 802.11 standard • Uses RC4 encryption with pre-shared keys and 24 bit initialization vectors (IV) • key schedule is generated by concatenating the shared secret key with a random generated 24-bit IV • 32 bit ICV (Integrity check value) • No. of bits in keyschedule is equal to sum of length of the plaintext and ICV
  • 31. Wired Equivalent Privacy (WEP) (cont.) • 64 bit preshared key-WEP • 128 bit preshared key-WEP2 • Encrypt data only between 802.11 stations.once it enters the wired side of the network (between access point) WEP is no longer valid • Security Issue with WEP • Short IV • Static key • Offers very little security at all
  • 32. 802.1x Access Control • Designed as a general purpose network access control mechanism • Not Wi-Fi specific • Authenticate each client connected to AP (for WLAN) or switch port (for Ethernet) • Authentication is done with the RADIUS server, which ”tells” the access point whether access to controlled ports should be allowed or not • AP forces the user into an unauthorized state • user send an EAP start message • AP return an EAP message requesting the user’s identity • Identity send by user is then forwared to the authentication server by AP • Authentication server authenticate user and return an accept or reject message back to the AP • If accept message is return, the AP changes the client’s state to authorized and normal traffic flows
  • 34. Wireless Protected Access (WPA) • WPA is a specification of standard based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN system. • User Authentication • 802.1x • EAP • TKIP (Temporal Key Integrity Protocol) encryption • RC4, dynamic encryption keys (session based) • 48 bit IV • per packet key mixing function • Fixes all issues found from WEP • Uses Message Integrity Code (MIC) Michael • Ensures data integrity • Old hardware should be upgradeable to WPA
  • 35. Wireless Protected Access (WPA)(cont.) • WPA comes in two flavors • WPA-PSK • use pre-shared key • For SOHO environments • Single master key used for all users • WPA Enterprise • For large organisation • Most secure method • Unique keys for each user • Separate username & password for each user
  • 36. WPA and Security • Data is encrypted • Protection against eavesdropping and man-in-the- middle attacks • Denial of Service • Attack based on fake massages can not be used. • As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients, and stops all activity for a minute • Only two packets a minute enough to completely stop a wireless network
  • 37. 802.11i • Provides standard for WLAN security • Authentication • 802.1x • Data encryption • AES protocol is used • Secure fast handoff-This allow roaming between APs without requiring client to fully reauthenticate to every AP. • Will require new hardware
  • 38. Advantages • Mobility • Ease of Installation • Flexibility • Cost • Reliability • Security • Use unlicensed part of the radio spectrum • Roaming • Speed
  • 39. Limitations • Interference • Degradation in performance • High power consumption • Limited range