Final WiFi Technology
-
Upload
rakesh-bhalerao -
Category
Documents
-
view
219 -
download
0
Transcript of Final WiFi Technology
-
8/8/2019 Final WiFi Technology
1/27
WiWi--Fi TechnologyFi Technology
-
8/8/2019 Final WiFi Technology
2/27
AgendaAgenda
IntroductionIntroduction
HistoryHistory
WiWi--FiFi TechnologiesTechnologies
WiWi--FiFi NetworkNetwork ElementsElements HowHow aa WiWi--FiFi NetworkNetwork WorksWorks
WiWi--FiFi NetworkNetwork TopologiesTopologies
WiWi--FiFi ConfigurationsConfigurations
ApplicationsApplications ofof WiWi--FiFi WiWi--FiFi SecuritySecurity
Advantages/Advantages/ DisadvantagesDisadvantages ofof WiWi--FiFi
-
8/8/2019 Final WiFi Technology
3/27
IntroductionIntroduction
WirelessWireless TechnologyTechnology isis anan alternativealternative toto WiredWiredTechnology,Technology, whichwhich isis commonlycommonly used,used, for forconnectingconnecting devicesdevices inin wirelesswireless modemode..
WiWi--FiFi (Wireless(Wireless Fidelity)Fidelity) isis aa genericgeneric termterm thatthatrefersrefers toto thethe IEEEIEEE 802802..1111 communicationscommunicationsstandardstandard forfor WirelessWireless LocalLocal AreaArea NetworksNetworks(WLANs)(WLANs)..
WiWi--FiFi NetworkNetwork connectconnect computerscomputers toto eacheach other,other,toto thethe internetinternet andand toto thethe wiredwired networknetwork..
-
8/8/2019 Final WiFi Technology
4/27
HistoryHistory
In 1991 WiIn 1991 Wi--Fi was invented byFi was invented by NCR CorporationNCR Corporation
/ AT & T./ AT & T.
Under the name WaveLAN with speeds ofUnder the name WaveLAN with speeds of
1Mbps/2Mbps.1Mbps/2Mbps.
Initially meant for Cashier systems.Initially meant for Cashier systems.
Vic HayesVic Hayes who is the inventor of Wiwho is the inventor of Wi--Fi has beenFi has been
named 'father of Winamed 'father of Wi--Fi.Fi. In 1997 the Institute of Electrical and ElectronicIn 1997 the Institute of Electrical and Electronic
Engineers (IEEE) worked out the 802.11Engineers (IEEE) worked out the 802.11
standard.standard.
-
8/8/2019 Final WiFi Technology
5/27
The WiThe Wi--Fi TechnologyFi Technology
WiWi--FiFi NetworksNetworks useuse RadioRadio TechnologiesTechnologies tototransmittransmit && receivereceive datadata atat highhigh speedspeed::
IEEE 802.11bIEEE 802.11b
IEEE 802.11aIEEE 802.11a
IEEE 802.11gIEEE 802.11g
-
8/8/2019 Final WiFi Technology
6/27
IEEE 802.11bIEEE 802.11b
Appear in late 1999Appear in late 1999
Operates at 2.4GHz radio spectrumOperates at 2.4GHz radio spectrum
11 Mbps (theoretical speed)11 Mbps (theoretical speed) -- within 30 m Rangewithin 30 m Range
44--6 Mbps (actual speed)6 Mbps (actual speed)
100100 --150 feet range150 feet range
Most popular, Least ExpensiveMost popular, Least Expensive
Interference from mobile phones and BluetoothInterference from mobile phones and Bluetooth
devices which can reduce the transmissiondevices which can reduce the transmission
speed.speed.
-
8/8/2019 Final WiFi Technology
7/27
IEEE 802.11aIEEE 802.11a
Introduced in 2001Introduced in 2001
Operates at 5 GHz (less popular)Operates at 5 GHz (less popular)
54 Mbps (theoretical speed)54 Mbps (theoretical speed) 1515--20 Mbps (Actual speed)20 Mbps (Actual speed)
5050--75 feet range75 feet range
More expensiveMore expensive Not compatible with 802.11bNot compatible with 802.11b
-
8/8/2019 Final WiFi Technology
8/27
IEEE 802.11gIEEE 802.11g
IntroducedIntroduced inin 20032003
CombineCombine thethe featurefeature ofof bothboth standardsstandards
(a,b)(a,b) 100100--150150 feetfeet rangerange
5454 MbpsMbps SpeedSpeed
22..44 GHzGHz radioradio frequenciesfrequencies CompatibleCompatible withwith bb
-
8/8/2019 Final WiFi Technology
9/27
Elements of a WIElements of a WI--FI NetworkFI Network
AccessAccess PointPoint (AP)(AP) -- TheThe APAP isis aa wirelesswireless LANLANtransceivertransceiver oror basebase stationstation thatthat cancan connectconnect oneone oror manymany
wirelesswireless devicesdevices simultaneouslysimultaneously toto thethe InternetInternet..
WiWi--FiFi cardscards -- TheyThey acceptaccept thethe wirelesswireless signalsignal andand relayrelayinformationinformation..TheyThey cancan be be internalinternal andand externalexternal..(e(e..gg PCMCIAPCMCIA
CardCard forfor LaptopLaptop andand PCIPCI CardCard forfor DesktopDesktop PC)PC)
SafeguardsSafeguards -- FirewallsFirewalls andand antianti--virusvirus softwaresoftware protectprotectnetworksnetworks fromfrom uninviteduninvited usersusers andand keepkeep informationinformation securesecure..
-
8/8/2019 Final WiFi Technology
10/27
How a WiHow a Wi--Fi Network WorksFi Network Works
BasicBasic conceptconcept isis samesame asas WalkieWalkie talkiestalkies..
AA WiWi--FiFi hotspothotspot isis createdcreated byby installinginstalling anan accessaccess pointpoint
toto anan internetinternet connectionconnection..
AnAn accessaccess pointpoint actsacts asas aa basebase stationstation.. WhenWhen WiWi--FiFi enabledenabled devicedevice encountersencounters aa hotspothotspot thethe
devicedevice cancan thenthen connectconnect toto thatthat networknetwork wirelesslywirelessly..
AA singlesingle accessaccess pointpoint cancan supportsupport upup toto 3030 usersusers andand
cancan functionfunction withinwithin aa rangerange ofof 100100 150150 feetfeet indoorsindoors andandupup toto 300300 feetfeet outdoorsoutdoors..
ManyMany accessaccess pointspoints cancan bebe connectedconnected toto eacheach otherother viavia
EthernetEthernet cablescables toto createcreate aa singlesingle largelarge networknetwork..
-
8/8/2019 Final WiFi Technology
11/27
WiWi--Fi Network TopologiesFi Network Topologies
APAP--basedbased topologytopology (Infrastructure(Infrastructure Mode)Mode)
PeerPeer--toto--peerpeer topologytopology (Ad(Ad--hochoc Mode)Mode)
PointPoint--toto--multipointmultipoint bridgebridge topologytopology
-
8/8/2019 Final WiFi Technology
12/27
APAP--based topologybased topology
TheThe clientclient communicatecommunicate throughthrough AccessAccess PointPoint..
BSABSA--RFRF coveragecoverage providedprovided byby anan APAP..
ESAESA--ItIt consistsconsists ofof 22 oror moremore BSABSA..
ESAESA cellcell includesincludes 1010--1515%% overlapoverlap toto allowallow
roamingroaming..
-
8/8/2019 Final WiFi Technology
13/27
PeerPeer--toto--peer topologypeer topology
A
P is not required.A
P is not required. ClientClient devicesdevices withinwithin
aa cellcell cancan
communicatecommunicate directlydirectly
withwith eacheach otherother..
ItIt isis usefuluseful forfor settingsetting
upup of of aa wirelesswireless
networknetwork quicklyquickly andandeasilyeasily..
-
8/8/2019 Final WiFi Technology
14/27
PointPoint--toto--multipoint bridge topologymultipoint bridge topology
ThisThis isis usedused toto connectconnect aa LANLAN inin oneone buildingbuilding toto aa LANsLANsinin other other buildingsbuildings eveneven if if thethe buildingsbuildings areare milesmiles
apartapart..TheseThese conditionsconditions receivereceive aa clear clear lineline of of sightsight
betweenbetween buildingsbuildings.. TheThe lineline--ofof--sightsight rangerange variesvaries basedbased
onon thethe typetype ofof wirelesswireless bridgebridge andand antennaantenna usedused asas wellwell
asas thethe environmentalenvironmental conditionsconditions..
-
8/8/2019 Final WiFi Technology
15/27
WiWi--Fi ConfigurationsFi Configurations
-
8/8/2019 Final WiFi Technology
16/27
WiWi--Fi ConfigurationsFi Configurations
-
8/8/2019 Final WiFi Technology
17/27
WiWi--Fi ConfigurationsFi Configurations
-
8/8/2019 Final WiFi Technology
18/27
WiWi--Fi ApplicationsFi Applications
HomeHome
Small BusinessesSmall Businesses
Large Corporations & CampusesLarge Corporations & Campuses Health CareHealth Care
Wireless ISP (WISP)Wireless ISP (WISP)
TravellersTravellers
-
8/8/2019 Final WiFi Technology
19/27
WiWi--Fi Security ThreatsFi Security Threats
WirelessWireless technologytechnology doesntdoesnt removeremove anyany
oldold securitysecurity issues,issues, butbut introducesintroduces newnew
onesones
EavesdroppingEavesdropping
ManMan--inin--thethe--middle attacksmiddle attacks
Denial of ServiceDenial of Service
-
8/8/2019 Final WiFi Technology
20/27
EavesdroppingEavesdropping
Easy to perform, almost impossible to detectEasy to perform, almost impossible to detect
By default, everything is transmitted in clear textBy default, everything is transmitted in clear text
Usernames, passwords, content ...Usernames, passwords, content ...
No security offered by the transmission mediumNo security offered by the transmission medium
Different tools available on the internetDifferent tools available on the internet
Network sniffers, protocol analysers . . .Network sniffers, protocol analysers . . .
Password collectorsPassword collectors With the right equipment, its possible toWith the right equipment, its possible to
eavesdrop traffic from few kilometers awayeavesdrop traffic from few kilometers away
-
8/8/2019 Final WiFi Technology
21/27
MITM AttackMITM Attack
1.1. Attacker spoofes aAttacker spoofes adisassociate messagedisassociate messagefrom the victimfrom the victim
2.2. The victim starts toThe victim starts to
look for a new accesslook for a new accesspoint, and the attackerpoint, and the attackeradvertises his own APadvertises his own APon a different channel,on a different channel,using the real APsusing the real APs
MAC addressMAC address3.3. The attacker connectsThe attacker connects
to the real AP usingto the real AP usingvictims MAC addressvictims MAC address
-
8/8/2019 Final WiFi Technology
22/27
Denial of ServiceDenial of Service
Attack on transmission frequecy usedAttack on transmission frequecy used
Frequency jammingFrequency jamming
Not very technical, but worksNot very technical, but works
A
ttack on MA
C layerA
ttack on MA
C layer Spoofed deauthentication / disassociation messagesSpoofed deauthentication / disassociation messages
can target one specific usercan target one specific user
Attacks on higher layer protocol (TCP/IP protocol)Attacks on higher layer protocol (TCP/IP protocol)
SYN FloodingSYN Flooding
-
8/8/2019 Final WiFi Technology
23/27
WiWi--Fi SecurityFi Security
TheThe requirementsrequirements forfor WiWi--FiFi networknetwork
securitysecurity cancan bebe brokenbroken downdown intointo twotwo
primaryprimary componentscomponents::
AuthenticationAuthentication
UserUserAuthenticationAuthentication
ServerServerAuthenticationAuthentication
PrivacyPrivacy
-
8/8/2019 Final WiFi Technology
24/27
AuthenticationAuthentication
Keeping unauthorized users off the networkKeeping unauthorized users off the network
UserAuthenticationUserAuthentication
Authentication Server is usedAuthentication Server is used
Username and passwordUsername and password
Risk:Risk:
Data (username & password) send before secure channelData (username & password) send before secure channel
establishedestablished
Prone to passive eavesdropping by attackerProne to passive eavesdropping by attacker
SolutionSolution
Establishing a encrypted channel before sending usernameEstablishing a encrypted channel before sending username
and passwordand password
-
8/8/2019 Final WiFi Technology
25/27
Authentication (cont..)Authentication (cont..)
ServerAuthenticationServerAuthentication
Digital Certificate is usedDigital Certificate is used
Validation of digital certificate occursValidation of digital certificate occursautomatically within client softwareautomatically within client software
-
8/8/2019 Final WiFi Technology
26/27
AdvantagesAdvantages
MobilityMobility
Ease of InstallationEase of Installation
FlexibilityFlexibility
CostCost
ReliabilityReliability
SecuritySecurity
Use unlicensed part of the radio spectrumUse unlicensed part of the radio spectrum RoamingRoaming
SpeedSpeed
-
8/8/2019 Final WiFi Technology
27/27
LimitationsLimitations
InterferenceInterference
Degradation in performanceDegradation in performance
High power consumptionHigh power consumption Limited rangeLimited range