• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
wlan-tutorial-031402..
 

wlan-tutorial-031402..

on

  • 1,510 views

 

Statistics

Views

Total Views
1,510
Views on SlideShare
1,253
Embed Views
257

Actions

Likes
1
Downloads
65
Comments
0

4 Embeds 257

http://www.ustudy.in 230
http://ustudy.in 23
http://www.slideshare.net 3
http://translate.googleusercontent.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Hello, I’m Chris Tracy. Welcome to the Wireless Tutorial. I am a recent graduate of Pitt with a degree in Computer Engineering. Currently I’m the senior network engineer at Telerama Internet. Telerama is a local ISP who is currently providing wireless access at various businesses in the city of Pittsburgh. We are setting up access points in or near locations such as restaurants and cafes and other points of interest. Our system is currently in testing and you can visit any of these locations and get on-line in a matter of minutes for free. More details will be given at the very end of this presentation.
  • 802.11b devices we have here today: Linksys WAP11 (seems to be everyone’s favorite right now, cheap, reliable, and manageable) SMC 2652W (has issues, not manageable) Hyperlink 1W antenna We don’t have any handheld wireless devices to play with except our cell phones. I haven’t had a chance to mess around with wireless palms but I have messed around with palm-top portable PCs like the HP Jornada, etc... The HP Jornada + Orinoco card has some compatibility issues with the SMC I remember.
  • Any of these topics could consume many hours of discussion so we are going to limit ourselves to 802.11.
  • Members of the 802.11 working group felt that a choice of PHY layer implementations was necessary so that systems designers can choose a technology that matches the price, performance, and operations profile of a specific application. These choices are exactly analogous to choices such as 10Base-T, 10Base-2, and 100Base-T in the extremely successful Ethernet arena. Moreover, enterprise LANs will regularly mix wired Ethernet and wireless nodes with no logical distinction between the two. So at the PHY layer, IEEE 802.11 defines three physical characteristics for wireless local area networks: diffused infrared, direct sequence spread spectrum (DSSS), and frequency hopping spread spectrum (FHSS). The infrared PHY layer provides for peak data rates of 1 Mbps (in 850 nanometer spectrum) with an optional 2-Mbps rate, and relies on pulse position modulation (PPM).
  • Spread spectrum products are so named because they spread their transmitted signal over a wide range of the spectrum. They therefore avoid concentrating power in a single narrow frequency band. There are two main alternatives, Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS). Though both DSSS and FHSS (also known as Radio Frequency) artificially spread the transmission band so that the transmitted signal can be accurately received and decoded in the face of noise the two RF PHY layers, however, approach the spreading task in significantly different ways. FHSS systems essentially use conventional narrowband data transmission techniques, but regularly change the frequency at which they transmit. The systems hop at a fixed time interval around a spread or wideband using different center frequencies in a predetermined sequence. The hopping phenomena allows the FHSS system to avoid narrowband noise in portions of the transmission band.
  • DSSS systems, meanwhile, artificially broaden the bandwidth needed to transmit a signal by modulating the data stream with a spreading code. The receiver can detect error-free data even if noise persists in portions of the transmission band. In 802.11, the DSSS PHY layer defines peak data rates of both 1 Mbps and 2 Mbps. The former uses differential binary phase shift keying (DBPSK) and the latter uses differential quadrature phase shift keying (DQPSK). The standard defines the FHSS PHY layer to operate at 2 Mbps with fallback to 1 Mbps in extremely noisy environments, and allows for optional 2-Mbps operation. The PHY layer uses 2- or 4-level Gaussian frequency shift keying (GFSK) modulation. DSSS and FHSS operate at 1 Mbps or 2 Mbps in the 2.4-GHz to 2.4835-GHz spectrum. This frequency band (2.4GHz to 2.4835GHZ) is part of the ISM band, a global band primarily set aside for industrial, scientific and medical use, but can be used for operating wireless LAN devices without the need for end-user licenses. In order for wireless devices to be interoperable they have to conform to the same PHY standard.
  • DSSS systems, meanwhile, artificially broaden the bandwidth needed to transmit a signal by modulating the data stream with a spreading code. The receiver can detect error-free data even if noise persists in portions of the transmission band. In 802.11, the DSSS PHY layer defines peak data rates of both 1 Mbps and 2 Mbps. The former uses differential binary phase shift keying (DBPSK) and the latter uses differential quadrature phase shift keying (DQPSK). The standard defines the FHSS PHY layer to operate at 2 Mbps with fallback to 1 Mbps in extremely noisy environments, and allows for optional 2-Mbps operation. The PHY layer uses 2- or 4-level Gaussian frequency shift keying (GFSK) modulation. DSSS and FHSS operate at 1 Mbps or 2 Mbps in the 2.4-GHz to 2.4835-GHz spectrum. This frequency band (2.4GHz to 2.4835GHZ) is part of the ISM band, a global band primarily set aside for industrial, scientific and medical use, but can be used for operating wireless LAN devices without the need for end-user licenses. In order for wireless devices to be interoperable they have to conform to the same PHY standard. 1Mbps is done using Binary Phase Shift Keying 2Mbps uses Quadrature Phase Shift Keying (QPSK) 5.5 & 11Mbps use Complementary Sequences (vs. Barker code) then uses QPSK
  • IFS is imporant: The period between completion of packet transmission and start of the ACK frame is one Short Inter Frame Space (SIFS). ACK frames have a higher priority than other traffic. Fast acknowledgement is one of the salient features of the 802.11 standard, because it requires ACKs to be handled at the MAC sublayer. Transmissions other than ACKs must wait at least one DCF inter frame space (DIFS) before transmitting data. If a transmitter senses a busy medium, it determines a random back-off period by setting an internal timer to an integer number of slot times.
  • not going into the pcf or the dcf, see the standard for more information if you want it...
  • Regardless of the type of PHY chosen, IEEE 802.11 supports three basic topologies for WLANs—the Independent Basic Service Set (IBSS), the Basic Service Set (BSS), and the Extended Service Set (ESS).
  • IBSS configurations are also referred to as an independent configuration or an ad-hoc network. Logically, an IBSS configuration is analogous to a peer-to-peer office network in which no single node is required to function as a server. IBSS WLANs include a number of nodes or wireless stations that communicate directly with one another on an ad-hoc, peer-to-peer basis. Thus it contains set of wireless stations that communicate directly with one another without using an access point or any connection to a wired network. It is useful for quickly and easily setting up a wireless network at anyplace where a wireless infrastructure does not exist or is not required for services, such as a hotel room, convention center, or airport, or where access to the wired network is barred (such as for consultants at a client site). Generally, IBSS implementations cover a limited area and aren’t connected to any larger network
  • BSS consists of at least one access point connected to the wired network infrastructure and a set of wireless end stations. This configuration is called a Basic Service Set (BSS). Thus, BSS configurations rely on an Access Point (AP) that acts as the logical server for a single WLAN cell or channel. Communications between node A and node B actually flow from node A to the AP and then from the AP to node B.
  • An Extended Service Set (ESS) consists of a series of overlapping BSSs (each containing AP) connected together by means of a Distributed System (DS). Although the DS could be any type of network, it is almost invariably an Ethernet LAN. Mobile nodes can roam between APs and like this seamless campus-wide coverage is possible. Since most corporate WLANs require access to the wired LAN for services (file servers, printers, Internet links) they will operate in BSS/ESS topology. Note that WLAN can be used either to replace wired LANs, or as an extension of the wired LAN infrastructure. 802.11 defines two pieces of equipment, a wireless station, which is normally a PC equipped with a wireless network interface card (NIC), and an access point (AP). AP acts as a bridge between the wireless and wired networks. It usually consists of a radio, a wired network interface (e.g., 802.3), and bridging software conforming to the 802.1d bridging standard. The access point acts as the base station for the wireless network, aggregating access for multiple wireless stations onto the wired network. Wireless end stations can be 802.11 PC Card, PCI, or ISA NICs, or embedded solutions in non-PC clients (such as an 802.11-based telephone handset).
  • * key generators: for 40-bit keys, folding of keys gaurantees only 2^21 unique sets of WEP keys 128-bit keys not really affected by this problem * keystream reuse: shared key is static and rarely changed randomness of key stream depends on initialization vector (IV) 2^24 possible IVs, so repeated after ~16 million packets collisions cause keystream reuse as well, most clients reset IV to 0 and increment by 1 for each packet * key scheduling algorithm: given 1-8 million packets, attacker can gain access Main problem is a weakness in the way the RC4 encryption algorithm is implemented in WEP. By having a “known” plaintext prepended on the key (I.e., the IV), it leads to weak keys that will generate known ciphertext output from the RC4 engine. A llows the attacker to "reverse engineer" the secret key from encrypted packets * message authentication: CRC chosen for authentication is weak, designed for error detection can inject/modify messages so they have the same CRC but is not the same message as what was sent
  • Radiation pattern of directional antennas depends on the type of antenna you have...
  • Radiation pattern of directional antennas depends on the type of antenna you have... In addition to getting external antennas... Need card that supports external antennas (Orinoco for example) Must orient the antennas as well

wlan-tutorial-031402.. wlan-tutorial-031402.. Presentation Transcript

  • present: A Wireless Tutorial by Chris Tracy The Pittsburgh SAGE Group and
  • Before We Get Started
    • Testing: can everyone hear and see OK?
    • Stop me and ask questions if anything seems confusing or incorrect.
    • There will be a Questions & Answers session afterwards, but feel free to ask questions during the presentation.
  • Meeting Contents
    • What we will discuss in this meeting:
      • IEEE 802.11 wireless LAN (WLAN) services
        • Understanding wireless networking services for laptops and some handheld devices
        • Security, configuration and usage of wireless networking services
      • IEEE 802.11[ag] high-speed WLAN services
        • The upcoming high-speed physical layer(s)
      • Features & usage of a few select 802.11b devices
  • Meeting Contents
    • What we will not discuss in this meeting:
      • In-depth Radio Frequency (RF) concepts
      • Cellular wireless services/protocols
        • i.e. AMPS, IMPS, CDMA, CDPD, PCS, TDMA
      • Non-IEEE 802.11 wireless standards
        • i.e. GSM, Bluetooth, HomeRF, satellite
      • An exhaustive evaluation of every wireless device and provider
  • Meeting Objectives
    • After this meeting, we are hoping that you are able to:
      • Understand the major protocols and standards used by wireless LANs (WLANs)
      • Identify important features and configuration options associated with access points (APs) and client cards
      • Recognize the major security threats to wireless IP networks
  • What is IEEE 802.11?
    • IEEE:
      • Institute of Electrical and Electronics Engineers
    • 802.11:
      • Family of standards set forth by the IEEE to define the specifications for wireless LANs
      • Defines:
        • Medium Access Control (MAC)
        • Physical Layer (PHY) Specifications
  • IEEE 802.11 and the ISO stack
  • What is IEEE 802.11?
    • Local, high-speed wireless connectivity for fixed, portable and moving stations
      • stations can be moving at pedestrian and vehicular speeds
    • Standard promises interoperability
      • vendors products on the same physical layer should interoperate
    • Targetted for use in
      • inside buildings, outdoor areas, anywhere!
  • IEEE 802.11
    • Uses Direct Sequence spread spectrum (DSSS) technology
      • Frequency-Hopping spread spectrum (FHSS) can only be used for 1 or 2Mbps in US due to FCC regulations
    • Operates in unlicensed 2.4 GHz ISM band
      • ISM: Industrial, Scientific and Medical
      • ISM regulatory range:
        • 2.4 GHz to 2.4835 GHz for North America
  • IEEE 802.11
    • Supported Speeds and Distances
      • 1, 2, 5.5, 11 Mbps at distances of 150-2000 feet without special antenna
      • Greater distances can be achieved by using special antennas
      • Distance (or signal strength) greatly depends on obstructions such as buildings and other objects
      • Maximum speed obtained depends on signal strength
  • IEEE 802.11b
    • ‘ b’ in IEEE 802.11b
      • September 1999, 802.11b “High Rate” amendment was ratified by the IEEE
      • 802.11b amendment to 802.11 only affects the physical layer, basic artitecture is the same
        • Added two higher speeds
          • 5.5 and 11 Mbps
        • More robust connectivity
    • 802.11b is the current ‘favorite’ in 802.11
      • also known as Wi-Fi (Wireless Fidelity)
  • IEEE 802.11a
    • “ Fast Ethernet” standard of wireless LANs
    • Speeds of up to 54 Mbps
    • 5 GHz (U-NII band) instead of 2.4 GHz
      • Unlicensed National Information Infrastructure
    • OFDM instead of DSSS for encoding
      • Orthogonal Frequency Division Multiplexing
    • 802.11a products are now on the market
      • SMC 2735W AP, $128
      • Lucent Orinoco 802.11a/b AP-2000, $799
  • IEEE 802.11a
    • Advantages
      • higher speed
      • less RF interference than 2.4 GHz
        • 2.4 GHz used by Bluetooth, cordless/cellular phones, etc.
      • some interoperability, vendors currently have “dual-standard” 802.11a/b equipment
    • Disadvantages
      • shorter range, need to increase AP density or power 4X to compensate
  • IEEE 802.11g
    • Another high-speed standard
    • Viewed as a ‘step’ towards 802.11a
    • Speeds of up to 54 Mbps
      • may be more like 20+ Mbps
    • Still works at 2.4 GHz
      • not in the 5 GHz range like 802.11a
    • Advantages
      • compatible with 802.11b
      • better range than 802.11a, for now
  • IEEE 802.11e
    • Another upcoming standard for WLANs
      • adds quality-of-service features to MAC layer of 802.11b compatible networks
        • error correction
        • better bandwidth management
          • significantly improves multimedia performance
        • works around RF interference
          • handles interference by moving away from it
          • i.e., moves to a new frequency when interferenece from a 2.4 GHz cordless phone is detected
      • research has been going on for a little over a year
  • IEEE 802.11 and the ISO stack
  • IEEE 802.11 Physical Layer
    • 802.11 Physical Layer Specifications
      • include FHSS, DSSS, IR
    • PLCP: Physical Layer Convergence Protocol
      • interface used by the other physical layer specs
      • maps data units into a suitable framing format
    • PMD system: Physical Medium Dependent
      • defines the characteristics/method of Tx/Rx data through a wireless medium between 2 or more stations
  • IEEE 802.11 Physical Layer
    • Spread Spectrum
      • spreads the transmitted signal over a wide range of spectrum
      • avoids concentrating power in a single narrow frequency band
      • noise makes this necessary so that receiver can accurately decode the transmitted signal
      • 2 major approaches to spread spectrum:
        • FHSS: Frequency Hopping Spread Spectrum
        • DSSS: Direct Sequence Spread Spectrum
  • IEEE 802.11 Physical Layer
    • FHSS
      • hop to other frequencies at a fixed time interval using a predetermined sequence
      • the “hopping” allows the system to avoid noise
    • DSSS
      • a different approach: artifically broaden the bandwidth needed to transmit a signal by modulating the data with a spreading code
      • allows for error detection
  • IEEE 802.11 Physical Layer
    • DSSS
      • modules the data (XOR’d) with an 11-bit sequence called the Barker code
        • 10110111000
        • a good pattern for generating radio waves
      • moduated sequence is a series of data objects called chips
      • chips are sent out by the wireless radio
        • wireless radio modulates a 2.4 GHz wave
        • modulation techniques: Binary PSK, Quadrature PSK
  • IEEE 802.11 Data Link Layer
    • 2 Sublayers
      • Logical Link Control (LLC)
      • Media Access Control (MAC)
    • 802.11 uses the same 802.2 LLC
      • same 48-bit addressing as other 802 LANs
        • MAC address is 6 bytes or 48 bits
      • allows for simple bridging to wired networks
    • MAC sublayer is unique in 802.11
  • IEEE 802.11 MAC Sublayer
    • MAC: Regulates access to the medium
    • Wired IEEE 802 LANs use CSMA/CD
    • 802.11 uses CSMA/CA
    • CSMA: carrier sense multiple access
      • CD: with collision detection
      • CA: with collision avoidance
    • Collision detection is not possible in 802.11
      • near/far problem: can’t transmit and “hear” a collision at the same time
  • IEEE 802.11 MAC Sublayer
    • CSMA/CA avoids collisions by explicit packet acknowledgment (ACK)
      • station wishing to transmit first senses the medium
      • if no activity detected, station waits an additional, random amount of time then transmits if the medium is still free
      • ACK packet is sent by receiving station to confirm the data packet arrived intact
      • collision assumed if sending station doesn’t get ACK, data is retransmitted after a random time
  • IEEE 802.11 MAC Sublayer
    • Other unique features in 802.11
      • IFS: Inter Frame Space
        • time interval between frames
      • Handling hidden stations (hidden-node problem)
        • virtual carrier sense
      • Power management functions
      • Data security (MAC address, WEP)
        • WEP: Wired Equivalent Privacy
      • Multirate support
      • Fragmentation / Defragmentation
  • IEEE 802.11: A Closer Look
  • IEEE 802.11 Frame Types
    • Three types of frames
      • Control
        • RTS, CTS, ACK, Contention-Free (CF), PS-Poll
      • Management
        • Probe request/response
        • Beacon
          • supported rates, timestamp, traffic indication map
        • Authentication / deauthentication
        • Announcement traffic indication message (ATIM)
          • sent after each frame
      • Data
  • IEEE 802.11 Topologies
    • Three basic topologies for WLANs
      • IBSS: Independent Basic Service Set
      • BSS: Basic Service Set
      • ESS: Extended Service Set
    • Independent of type of PHY chosen
  • IEEE 802.11 IBSS
    • IBSS: Independent Basic Service Set
      • Peer-to-peer or ad-hoc network
      • Wireless stations communicate directly with one another
      • Generally are not connected to a larger network
      • No Access Point (AP)
  • IEEE 802.11 BSS
    • BSS: Basic Service Set
      • Infrastructure mode
      • An AP connects clients to a wired network
  • IEEE 802.11 ESS
    • ESS: Extended Service Set
      • Infrastructure mode
      • Consists of overlapping BSSs (each with an AP)
        • DS connects APs together, almost always Ethernet
        • ESS allows clients to seamlessly roam between APs
  • Access Points (APs)
    • Broadcasts service
      • uses beacon management frames
    • Number of clients supported
      • device dependent
        • memory size, congestion,
        • SMC2652W - 128 clients
        • Cisco Aironet 340 - 2,048 clients
  • Access Points (APs)
    • Usually connects wireless and wired networks
      • if not wired
        • acts as an extension point (wireless bridge)
    • Creation of ESS by overlapping AP coverage
      • allows roaming operation
      • APs should be on different channels
      • more coming up on this setup...
  • Access Points (APs)
    • Capacity and Bandwidth
      • Advertised maximum of 11 Mbps
        • Physical Layer Convergence Protocol (PLCP) is always transmitted at 1 Mbps.
        • Therefore, 802.11b will never be 100% efficient at the physical layer
        • Normally, 802.11b is about 85% efficient at the PHY
      • Other degrading factors include
        • distance, barriers, collisions, interference, congestion
  • Access Points (APs)
    • Capacity and Bandwidth
      • Possible to keep these higher by using these techniques
        • Reducing size of coverage areas
        • Reducing client-to-AP ratio
        • Using bandwidth aggregation
          • AP-to-client ratio
          • load balancing
  • Access Points (APs)
    • Roaming
      • More than 1 AP provides signals to a single client
      • Client is responsible for choosing the best AP
        • first, signal strength. second, network utilization.
      • When signal in use degrades, client tries to find another AP
        • if found, tries to authenticate and associate
  • Access Points (APs)
    • Configuration
      • Management usually done via
        • HTTP, Telnet, SNMP, serial interface
      • Configuring Security Settings
        • SSID: Service Set Identifier
        • WEP: Wired Equivalent Privacy
        • EAP: Extensible Authentication Protocol
      • Configuring Network Settings
        • DHCP: Dynamic Host Configuration Protocol
        • NAT: Network Address Translation
  • Access Points (APs)
    • How to setup a secure access point
      • Enable WEP or EAP
      • Change SSID and disable broadcast
      • Change the management password of your AP
        • some have 2: read-only as well as read-write
      • Use MAC address filtering
      • Consider not using DHCP
        • instead use fixed IP addresses for wireless NICs
      • Consider other mechanisms for privacy
        • PPTP, VPN, SSL, SSH
  • IEEE 802.11 Security
    • Authentication
      • Open system
      • Shared key
    • Authorization
      • MAC address
    • Privacy
      • WEP: Wired Equivalent Privacy
        • not going to talk about the details of how WEP works
        • see references at the end of this document for info
  • IEEE 802.11 Security
    • WEP: Wired Equivalent Privacy
      • many debates over its “secureness”
      • doesn’t encrypt the SSID
      • can be broken with brute-force attacks
        • need several million packets
      • WEP keys
        • can be decrypted from the Windows registry for Lucent Orinoco cards
        • are stored directly onto Cisco cards
        • can be easily retrieved in most situations if you are determined enough
  • IEEE 802.11 Security
  • IEEE 802.11 Security
    • WEP: Wired Equivalent Privacy
      • covers station-to-station transmission
      • uses RC4 security algorithm from RSA
      • relies on either 40-bit key to encrypt payload
    • Major weaknesses with WEP
      • key generators
      • keystream reuse
      • RC4 key scheduling algorithm
      • message authentication
  • IEEE 802.11 Security
    • Current WEP status
      • WEP2
        • Enhanced security at the MAC layer
        • Use AES instead of RC4
          • Advanced Encryption Standard
          • http://csrc.nist.gov/encryption/aes
          • New standard for encrypted communication used by the government and government organizations
        • Still a work in progress, for more information see:
          • http://grouper.ieee.org/groups/802/11/Reports/tgi_update.htm
        • Won’t be available for mainstream use for awhile
  • AirSnort and WepCrack
    • WLAN tool that recovers encryption keys
      • Exploits weakness in Key Scheduling Algorithm of RC4
      • Requires 5-10 million encrypted packets
      • Once enough packets have been gathered, can guess the encryption key in under a second
      • Runs under Linux, requires wlan-ng drivers
      • For more information:
        • http://airsnort.sourceforge.net/
        • http://wepcrack.sourceforge.net/
  • Antenna Basics
    • 2.4 GHz ISM Band
      • doesn’t require a license to transmit
      • antenna must be able to accept interference from other devices or users
    • Antenna placement
      • radiation pattern of antenna
        • determines where the signal can be picked up at
      • finding best place for antenna is not always easy
        • want to pick places that will maximize range for clients
        • minimize stray RF signals and interference
  • Antenna Basics
    • Ideal antennas
      • radiate equally in all directions
      • called “isotropic” or “isotropic radiator”
    • Real antennas
      • real world antennas are not ideal
        • have radiation patterns that concentrate the RF energy in different ways
        • omnidirectional antennas, also called a dipole
          • radiate in a donut shape, very common on APs
        • directional antennas, i.e., biquad
          • concentrates energy into a cone or a beam
  • PCMCIA Antennas
    • Tend to be very directional
    • Effective gain is very low
    • This is one reason your signal strength will change drastically with small changes in position
    • Nearly all client cards have only 1 radio
      • can’t listen and talk at the same time
      • half-duplex
    • Getting external antennas makes a big difference
  • Antenna Positioning
    • In general, should be mounted:
      • as high as possible
      • as clear from obstructions as possible
    • Best performance achieved when:
      • direct line of sight
      • Tx/Rx antennas are at the same height
    • Gaining coverage is achieved thru gain,
      • gain is measured in decibels (dBi)
  • Building Your Own AP
    • More than one method
      • Recipe for a Linux 802.11b home network
        • http://www.oreillynet.com/pub/a/wireless/2001/03/06/recipe.html
        • detailed explanation on setting up a Linux machine to perform AP functions
      • Floppy based wireless gateway
        • http://nocat.net/ezwrp.html
        • turns a machine with a wireless adapter and an ethernet card into a wireless gateway
        • many features
  • Building Your Own AP
    • Advantages
      • Great for educational and experience purposes
      • Some functionality is enhanced
        • firewalling features
        • authentication/authorization
    • Disadvantages
      • Some functionality is limited
        • some hardware/software combos only support IBSS
        • setup is time-consuming, requires a lot of experience
        • may not support as many clients as some APs
  • References
    • IEEE 802.11 Working Group Page
      • http://www.ieee802.org/11/
      • Can download the 802 standards here for FREE
      • Has links to all the latest 802.11 developments
    • Sniffing
      • http://www.sniffer.com/products/wireless/
      • http://www.robertgraham.com/pubs/sniffing-faq.html
      • http://www.wildpackets.com/products/airopeek
  • References
    • SystemExperts Corporation
      • Practical Wireless IP:
        • Concepts, Administration and Security
      • Brad C. Johnson & Philip Cox
      • http://www.systemexperts.com/tutorial.html
    • Anand Trivedi’s IEEE 802.11 Page
      • http://alpha.fdu.edu/~anandt/introduction.html
    • NoCatNet
      • http://nocat.net
  • Mailing Lists
    • Bay Area Wireless Users Group (BAWUG)
      • http://lists.bawug.org/mailman/listinfo/wireless/
    • O’Reilly
      • http://oreilly.wirelessdevnet.com/
    • Aironet
      • http://csl.cse.ucsc.edu/mailman/listinfo/aironet
  • Telerama Wireless
    • http://wireless.telerama.com
    • 11 locations currently
    • 6+ coming soon
    • Free introductory period
    • Grab a copy of our current locations here
    • 802.11b, SSID: TELERAMA
    • Chris Tracy Senior Network Engineer
    • [email_address]
    • (412) 688-3200
    • http://www.telerama.com