Chapter 7 : CCNA Cisco Academy: LAN Switching and Wireless.
This chapter discusses the basic wireless concepts:
- Comparison between WLAN and LAN.
- The difference between wireless PAN, LAN, MAN and WAN.
- Infrared and Radio Frequency (RF).
- Benefits and limitations of the wireless technology.
- Difference between licensed and unlicensed bands.
- Wi-Fi and the key organizations influencing WLAN standards.
- Wireless infrastructure components which are the wireless NIC, Wireless Access Points and wireless routers.
- The Hidden node problem.
- Configuration parameters SSID, network modes and channels.
- Wireless 802.11 topologies: Ad hoc (IBSS), BSS and ESS.
- Client and Access Point Association: Beacons, probe, authenticate and associate.
- Threats to Wireless Security - Unauthorized Access: War Drivers, Hackers and employees.
- Man-in-the-Middle Attacks, Denial of Service.
- Wireless Security Protocol Overview: open authentication, WEP authentication.
- Encryption – TKIP and AES.
- Configuring the Wireless Access Point
- Configuring security: personal and enterprise (AAA and EAP ).
- WLAN Troubleshooting: Incorrect Channel Settings, Solving RF Interference, Access Point Misplacement and Authentication and Encryption
2. If you found any mistake(s) on these slides or if you have any
other questions or comments, please feel free to contact me at:
abdu.elsaid@gmail.com or abdu.elsaid@yahoo.com
Linkedin : https://www.linkedin.com/in/AbdelkhalikMosa
Twitter : https://twitter.com/AbdelkhalikMosa
Facebook : https://www.facebook.com/Abdelkhalik.Mosa
Thanks,
Abdelkhalik Mosa
Suez Canal University
Faculty of Computers and Informatics - Ismailia - Egypt
Note …
3. Introduction
• Wireless technologies use electromagnetic waves to carry
information between devices.
• WLANs use radio frequencies (RF) instead of cables at the
Physical layer and MAC sub-layer of the Data Link layer.
5. Wireless PAN, LAN, MAN and WAN
PAN : Personal Area Networks
LAN : Local Area Networks
WLAN : Wireless Local Area Networks
MAN : Metropolitan Area Networks
WAN : Wide Area Networks
6. Introduction: Infrared
• Infrared (IR) is relatively low energy and cannot penetrate
through walls or other obstacles.
• A specialized communication port known as an Infrared Direct
Access (IrDA) port uses IR to exchange information between
devices.
• IR only allows a one-to-one type of connection.
• IR is also used for remote control devices, wireless mice, and
wireless keyboards.
• IR is generally used for short-range, line-of-sight communications.
7. Introduction: Radio Frequency (RF)
• RF waves can penetrate through walls and other obstacles,
allowing a much greater range than IR.
• Certain areas of the RF bands have been set aside for use by
unlicensed devices such as WLANs, and computer peripherals.
– This includes the 900 MHz, 2.4 GHz, and the 5 GHz frequency ranges.
These ranges are known as the ISM bands.
10. Wireless LANs (WLANs)
• 802.11 wireless LANs extend the 802.3 Ethernet LAN
infrastructures to provide additional connectivity options.
11. Wireless LAN Standards
• Governmental agencies in each country license some frequency
bands, leaving other frequency bands unlicensed.
• Licensed bands:
– The most common are AM and FM radio, shortwave radio (for
police department communications), and mobile phones.
• Unlicensed frequencies:
– Can be used by all kinds of devices; however, the devices must
still conform to the rules set up by the regulatory agency.
• A device using an unlicensed band must use power levels at or
below a particular setting so as not to interfere too much with
other devices sharing that unlicensed band.
12. Wireless LAN Standards
• OFDM has faster data rates than DSSS.
• DSSS is simpler and less expensive to implement than OFDM.
13. Wireless Fidelity (Wi-Fi) Certification
• The Wi-Fi Alliance is a global, nonprofit industry trade association
devoted to promoting the growth and acceptance of WLANs.
• The Wi-Fi Alliance is an association of vendors whose objective is
to improve the interoperability of products that are based on the
802.11 standard.
• The Wi-Fi logo on a device means it meets standards and should
interoperate with other devices of the same standard.
• The three key organizations influencing WLAN standards are:
– ITU-R regulates allocation of RF bands.
– IEEE specifies how RF is modulated to carry info.
– Wi-Fi Alliance ensures that vendors make devices that
are interoperable.
15. Wireless Infrastructure Components: Wireless Access Points
• An access point is a Layer 2 device that functions like an 802.3
Ethernet hub.
• An access point connects wireless clients to the wired LAN.
• Association is the process by which a client joins an 802.11
network.
• RF signals attenuate as they move away from their point of
origin, so two clients that can each reach the access point may
not sense each other. This is the hidden node problem.
• One means of resolving the hidden node problem is a CSMA/CA
feature called request to send/clear to send (RTS/CTS).
25. Client and Access Point Association: Association
• Association: The process for establishing the data link between
an access point and a WLAN client.
26. Threats to Wireless Security: Unauthorized Access
• Major categories of threats that lead to unauthorized access:
1. War Drivers:
• Find open networks and use them to gain free internet
access.
2. Hackers:
• Exploit weak privacy measures to view sensitive WLAN
information and even break into WLANs.
3. Employees:
• Plug consumer-grade APs/gateways into company
Ethernet ports to create their own WLANs.
29. Wireless Security Protocol Overview
• Open Authentication: no authentication.
• WEP authentication: was supposed to provide privacy to a link.
– It is static, crackable, and not scalable.
– Cloaking SSIDs and filtering MAC addresses were also used.
31. Authenticating to the Wireless LAN
• EAP is a framework for authenticating network access.
32. Encryption – TKIP and AES
• TKIP is the encryption method certified as WPA.
– It encrypts the Layer 2 payload.
– It carries out a message integrity check (MIC) in the encrypted
packet, which guards against a message being tampered with.
• AES is the encryption method certified as WPA2.
• PSK or PSK2 with TKIP is the same as WPA.
• PSK or PSK2 with AES is the same as WPA2.
• PSK2, without an encryption method, is the same as WPA2.
33. Controlling Access to the Wireless LAN
• The concept of depth means having multiple solutions available.
• Implement this three-step approach:
1. SSID cloaking: Disable SSID broadcasts from access points
2. MAC address filtering: Permit or deny clients based on their
MAC address
3. WLAN security implementation: WPA or WPA2.
• Neither SSID cloaking nor MAC address filtering is considered
a valid means of securing a WLAN, for the following reasons:
1. MAC addresses are easily spoofed.
2. SSIDs are easily discovered even if they aren’t broadcast.
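Added example (not from the original slides): a short Python audit that applies the PSK/PSK2 mapping from slide 32 and the slide 33 rule that only WPA or WPA2 secures the WLAN, while SSID cloaking and MAC filtering count as extra layers only. The inventory, its CSV layout and the field names are constructed for illustration.

```python
# Added example: audit AP settings against the rules on slides 32-33.
# The field names and the CSV layout are hypothetical.
import csv
import io

# Constructed sample inventory (not from a real network).
INVENTORY = """\
name,ssid_broadcast,mac_filter,mode,cipher
lobby,off,on,open,
warehouse,off,on,WEP,
office,on,off,PSK,TKIP
lab,on,off,PSK2,AES
annex,off,on,PSK2,
"""

def effective_protocol(mode, cipher):
    """Map security mode + cipher to the protocol, as listed on slide 32."""
    mode, cipher = mode.strip().upper(), cipher.strip().upper()
    if mode in ("PSK", "PSK2") and cipher == "TKIP":
        return "WPA"
    if mode in ("PSK", "PSK2") and cipher == "AES":
        return "WPA2"
    if mode == "PSK2" and not cipher:
        return "WPA2"
    if mode in ("OPEN", "WEP"):
        return mode
    return "UNKNOWN"  # combination the slides do not define

def audit(row):
    """Only WPA/WPA2 counts as security; cloaking and filtering are extras."""
    proto = effective_protocol(row["mode"], row["cipher"])
    cloaked = row["ssid_broadcast"].strip().lower() == "off"
    filtered = row["mac_filter"].strip().lower() == "on"
    encrypted = proto in ("WPA", "WPA2")
    findings = []
    if not encrypted:
        findings.append(f"no WPA/WPA2 in effect (found: {proto})")
        if cloaked or filtered:
            findings.append("SSID cloaking/MAC filtering alone do not secure a WLAN")
    return {"name": row["name"], "protocol": proto, "secured": encrypted,
            "layers": cloaked + filtered + encrypted, "findings": findings}

def audit_inventory(text=INVENTORY):
    return [audit(row) for row in csv.DictReader(io.StringIO(text))]

if __name__ == "__main__":
    for r in audit_inventory():
        status = "OK  " if r["secured"] else "FAIL"
        print(status, r["name"], r["protocol"], f"layers={r['layers']}", r["findings"])
```

The "lobby" and "warehouse" rows fail even though both cloak the SSID and filter MAC addresses, while "annex" passes with all three layers in place.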