Wi-Fi Technology
  1. Wi-Fi Technology
  2. Agenda
     • Introduction
     • Wi-Fi Technologies
     • Wi-Fi Architecture
     • Wi-Fi Network Elements
     • How a Wi-Fi Network Works
     • Wi-Fi Network Topologies
     • Wi-Fi Configurations
     • Applications of Wi-Fi
     • Wi-Fi Security
     • Advantages/Disadvantages of Wi-Fi
  3. Introduction
     • Wireless technology is an alternative to the commonly used wired technology for connecting devices.
     • Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs).
     • Wi-Fi networks connect computers to each other, to the internet and to the wired network.
  4. The Wi-Fi Technology
     Wi-Fi networks use radio technologies to transmit and receive data at high speed:
     • IEEE 802.11b
     • IEEE 802.11a
     • IEEE 802.11g
  5. IEEE 802.11b
     • Appeared in late 1999
     • Operates in the 2.4 GHz radio spectrum
     • 11 Mbps (theoretical speed) within 30 m range
     • 4-6 Mbps (actual speed)
     • 100-150 feet range
     • Most popular, least expensive
     • Interference from mobile phones and Bluetooth devices can reduce the transmission speed.
  6. IEEE 802.11a
     • Introduced in 2001
     • Operates at 5 GHz (less popular)
     • 54 Mbps (theoretical speed)
     • 15-20 Mbps (actual speed)
     • 50-75 feet range
     • More expensive
     • Not compatible with 802.11b
  7. Components of Wi-Fi
     • Access point
     • Adapters
  8. Components of Wi-Fi (cont.)
     • Wi-Fi antenna
     • Wi-Fi bridge
  9. Components of Wi-Fi (cont.)
     • PCI cards that accept wireless PC cards
     • External USB wireless NICs
  10. How a Wi-Fi Network Works
     • The basic concept is the same as walkie-talkies.
     • A Wi-Fi hotspot is created by installing an access point on an internet connection.
     • An access point acts as a base station.
     • When a Wi-Fi enabled device encounters a hotspot, it can connect to that network wirelessly.
     • A single access point can support up to 30 users and can function within a range of 100-150 feet indoors and up to 300 feet outdoors.
     • Many access points can be connected to each other via Ethernet cables to create a single large network.
  11. Wi-Fi Network Topologies
     • AP-based topology (Infrastructure Mode)
     • Peer-to-peer topology (Ad-hoc Mode)
     • Point-to-multipoint bridge topology
  12. AP-based topology
     • Clients communicate through the access point.
     • BSA: RF coverage provided by an AP.
     • ESA: consists of 2 or more BSAs.
     • ESA cells include 10-15% overlap to allow roaming.
  13. Peer-to-peer topology
     • An AP is not required.
     • Client devices within a cell can communicate directly with each other.
     • Useful for setting up a wireless network quickly and easily.
  14. Point-to-multipoint bridge topology
     This is used to connect a LAN in one building to LANs in other buildings, even if the buildings are miles apart. It requires a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used, as well as the environmental conditions.
  15. Wi-Fi Configurations
  16. Wi-Fi Configurations
  17. Wi-Fi Configurations
  18. Wi-Fi communication
  19. Wi-Fi Applications
     • Home
     • Small businesses or SOHO
     • Large corporations and campuses
     • Health care
     • Wireless ISP (WISP)
     • Travellers
  20. Wi-Fi Security Threats
     • Wireless technology doesn’t remove any old security issues, but introduces new ones:
        • Eavesdropping
        • Man-in-the-middle attacks
        • Denial of Service
  21. Eavesdropping
     • Easy to perform, almost impossible to detect
     • By default, everything is transmitted in clear text
        • Usernames, passwords, content ...
        • No security offered by the transmission medium
     • Different tools are available on the internet
        • Network sniffers, protocol analysers ...
        • Password collectors
     • With the right equipment, it is possible to eavesdrop on traffic from a few kilometers away
  22. MITM Attack
     1. The attacker spoofs a disassociate message from the victim.
     2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address.
     3. The attacker connects to the real AP using the victim’s MAC address.
  23. Denial of Service
     • Attack on the transmission frequency used
        • Frequency jamming
        • Not very technical, but works
     • Attack on the MAC layer
        • Spoofed deauthentication / disassociation messages
        • Can target one specific user
     • Attacks on higher-layer protocols (TCP/IP)
        • SYN flooding
  24. Wi-Fi Security
     The requirements for Wi-Fi network security can be broken down into two primary components:
     • Authentication
        • User authentication
        • Server authentication
     • Privacy
  25. Authentication
     • Keeping unauthorized users off the network
     • User authentication
        • An authentication server is used
        • Username and password
        • Risk:
           • Data (username and password) is sent before a secure channel is established
           • Prone to passive eavesdropping by an attacker
        • Solution:
           • Establish an encrypted channel before sending the username and password
  26. Authentication (cont.)
     • Server authentication
        • A digital certificate is used
        • Validation of the digital certificate occurs automatically within the client software
  27. Wi-Fi Security Techniques
     • Service Set Identifier (SSID)
     • Wired Equivalent Privacy (WEP)
     • 802.1X Access Control
     • Wireless Protected Access (WPA)
     • IEEE 802.11i
  28. Service Set Identifier (SSID)
     • The SSID is used to identify an 802.11 network
     • It can be pre-configured or advertised in beacon broadcasts
     • It is transmitted in clear text
        • Provides very little security
  29. Wired Equivalent Privacy (WEP)
     • Provides the same level of security as a wired network
     • Original security solution offered by the IEEE 802.11 standard
     • Uses RC4 encryption with pre-shared keys and 24-bit initialization vectors (IVs)
     • The key schedule is generated by concatenating the shared secret key with a randomly generated 24-bit IV
     • 32-bit ICV (integrity check value)
     • The number of bits in the key schedule equals the sum of the lengths of the plaintext and the ICV
  30. Wired Equivalent Privacy (WEP) (cont.)
     • 64-bit preshared key: WEP
     • 128-bit preshared key: WEP2
     • Encrypts data only between 802.11 stations; once it enters the wired side of the network (between access points), WEP is no longer valid
     • Security issues with WEP
        • Short IV
        • Static key
     • Offers very little security at all
  31. 802.1x Access Control
     • Designed as a general-purpose network access control mechanism
        • Not Wi-Fi specific
     • Authenticates each client connected to an AP (for WLAN) or switch port (for Ethernet)
     • Authentication is done with the RADIUS server, which "tells" the access point whether access to controlled ports should be allowed or not
        • The AP forces the user into an unauthorized state
        • The user sends an EAP start message
        • The AP returns an EAP message requesting the user’s identity
        • The identity sent by the user is then forwarded to the authentication server by the AP
        • The authentication server authenticates the user and returns an accept or reject message to the AP
        • If an accept message is returned, the AP changes the client’s state to authorized and normal traffic flows
  32. 802.1x Access Control
  33. Wireless Protected Access (WPA)
     • WPA is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems.
     • User authentication
        • 802.1x
        • EAP
     • TKIP (Temporal Key Integrity Protocol) encryption
        • RC4, dynamic encryption keys (session based)
        • 48-bit IV
        • Per-packet key mixing function
        • Fixes all issues found in WEP
     • Uses the Message Integrity Code (MIC) Michael
        • Ensures data integrity
     • Old hardware should be upgradeable to WPA
  34. Wireless Protected Access (WPA) (cont.)
     • WPA comes in two flavors
        • WPA-PSK
           • Uses a pre-shared key
           • For SOHO environments
           • Single master key used for all users
        • WPA Enterprise
           • For large organisations
           • Most secure method
           • Unique keys for each user
           • Separate username and password for each user
  35. WPA and Security Threats
     • Data is encrypted
        • Protection against eavesdropping and man-in-the-middle attacks
     • Denial of Service
        • Attacks based on fake messages cannot be used.
        • As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients and stops all activity for a minute
        • Only two packets a minute are enough to completely stop a wireless network
  36. 802.11i
     • Provides a standard for WLAN security
     • Authentication
        • 802.1x
     • Data encryption
        • The AES protocol is used
     • Secure fast handoff: this allows roaming between APs without requiring the client to fully reauthenticate to every AP.
     • Will require new hardware
  37. Advantages
     • Mobility
     • Ease of installation
     • Flexibility
     • Cost
     • Reliability
     • Security
     • Use of the unlicensed part of the radio spectrum
     • Roaming
     • Speed
  38. Limitations
     • Interference
     • Degradation in performance
     • High power consumption
     • Limited range
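
The WEP construction on slides 29 and 30 (RC4 keyed with the 24-bit IV concatenated with the static shared secret, plus a 32-bit ICV), written out as an added example that is not part of the original slides. The secret, IV and plaintexts are constructed sample values; the ICV is CRC-32, as in 802.11 WEP. The last function shows why "short IV" and "static key" are listed as issues: two frames with the same IV share a keystream.

```python
import struct
import zlib

IV_BITS = 24  # IV length given on slide 29; only 2**24 distinct IVs exist

def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encapsulate(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Clear-text IV followed by (plaintext || ICV) XOR RC4(IV || secret)."""
    if len(iv) != IV_BITS // 8:
        raise ValueError("WEP IV must be 24 bits")
    body = plaintext + struct.pack("<I", zlib.crc32(plaintext))  # 32-bit ICV
    return iv + xor(body, rc4(iv + secret, len(body)))

def wep_decapsulate(secret: bytes, frame: bytes) -> bytes:
    """Decrypt and verify the ICV; raise ValueError if the frame was altered."""
    iv, body = frame[:3], frame[3:]
    clear = xor(body, rc4(iv + secret, len(body)))
    plaintext, icv = clear[:-4], clear[-4:]
    if struct.pack("<I", zlib.crc32(plaintext)) != icv:
        raise ValueError("ICV mismatch")
    return plaintext

# Constructed sample values (not from the slides).
SECRET = bytes.fromhex("0102030405")   # 40-bit secret + 24-bit IV = "64-bit" WEP
IV = bytes.fromhex("aabbcc")           # same IV reused for both frames
P1, P2 = b"user=alice pass=1", b"GET /index.html H"
F1, F2 = wep_encapsulate(SECRET, IV, P1), wep_encapsulate(SECRET, IV, P2)

def leaked_xor() -> bytes:
    """Same IV + static secret: ciphertext XOR equals plaintext XOR."""
    return xor(F1[3:3 + len(P1)], F2[3:3 + len(P2)])
```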
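
The 802.1x exchange listed on slide 31, modelled as a small state machine with the messages of each side in a trace. This is an added example, not from the original slides: the class names and the sample identity are hypothetical, and the server decides on the identity alone as the slide describes, whereas a real deployment runs a full EAP method before accepting.

```python
from enum import Enum

class Port(Enum):
    UNAUTHORIZED = "unauthorized"
    AUTHORIZED = "authorized"

class RadiusServer:
    """Stand-in for the authentication server; accepts listed identities."""
    def __init__(self, known_identities):
        self.known = set(known_identities)

    def access_request(self, identity):
        return "Access-Accept" if identity in self.known else "Access-Reject"

class AccessPoint:
    """Authenticator: relays EAP and gates the controlled port."""
    def __init__(self, radius):
        self.radius = radius
        self.port = Port.UNAUTHORIZED       # AP forces the client into this state
        self.trace = []

    def receive(self, frame_type, payload=None):
        self.trace.append(f"client -> AP: {frame_type}")
        if frame_type == "EAPOL-Start":
            self.port = Port.UNAUTHORIZED   # a restart always drops authorization
            return self._send("EAP-Request/Identity")
        if frame_type == "EAP-Response/Identity":
            self.trace.append(f"AP -> RADIUS: Access-Request({payload})")
            verdict = self.radius.access_request(payload)
            self.trace.append(f"RADIUS -> AP: {verdict}")
            accepted = verdict == "Access-Accept"
            self.port = Port.AUTHORIZED if accepted else Port.UNAUTHORIZED
            return self._send("EAP-Success" if accepted else "EAP-Failure")
        if frame_type == "DATA":
            # Controlled port: data is forwarded only once authorized.
            return self._send("forwarded" if self.port is Port.AUTHORIZED else "dropped")
        return self._send("ignored")

    def _send(self, message):
        self.trace.append(f"AP -> client: {message}")
        return message

def run_session(identity, radius):
    """Try data before and after authentication; return both outcomes."""
    ap = AccessPoint(radius)
    before = ap.receive("DATA", b"hello")
    ap.receive("EAPOL-Start")
    ap.receive("EAP-Response/Identity", identity)
    after = ap.receive("DATA", b"hello")
    return before, ap.port, after, ap.trace

RADIUS = RadiusServer({"alice@example.org"})   # constructed sample identity
```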
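
The MIC countermeasure from slide 35, simulated over timestamped MIC-failure events to quantify its availability cost and to give a monitoring check. This is an added example, not from the original slides: the one-second trigger and one-minute shutdown are the slide's figures, and the function names and event logs are constructed.

```python
def blackout_windows(mic_failures, window=1.0, hold=60.0):
    """Return [(start, end)] intervals in which the AP has shut itself down.

    mic_failures: timestamps (seconds) of frames that failed the Michael MIC.
    window/hold:  the one-second trigger and one-minute shutdown from the slide.
    """
    blackouts, previous = [], None
    for t in sorted(mic_failures):
        if blackouts and t < blackouts[-1][1]:
            continue                          # AP is silent; frame is never checked
        if previous is not None and t - previous <= window:
            blackouts.append((t, t + hold))   # second failure: drop all clients
            previous = None
        else:
            previous = t                      # first failure: only remembered
    return blackouts

def availability(mic_failures, duration, window=1.0, hold=60.0):
    """Fraction of `duration` seconds during which clients can use the WLAN."""
    down = 0.0
    for start, end in blackout_windows(mic_failures, window, hold):
        if start < duration:
            down += min(end, duration) - start
    return 1.0 - down / duration

def alert_needed(mic_failures, window=1.0):
    """Monitoring check: True if any two failures fall inside one window."""
    times = sorted(mic_failures)
    return any(b - a <= window for a, b in zip(times, times[1:]))

# Constructed event logs (seconds since the start of a 10-minute observation).
NOISE = [12.0, 140.0, 395.5]                  # isolated corrupted frames
PAIRS = [60.5 * k + d for k in range(10) for d in (0.0, 0.5)]  # two per minute
```

With `NOISE` the network stays fully available; with `PAIRS` the countermeasure itself keeps the WLAN down for almost the whole observation, which is why MIC-failure events are worth alerting on.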
