Wi-Fi the 802.11 Standard and Security - PowerPoint PPT Presentation

1 / 26
About This Presentation
Title:

Wi-Fi the 802.11 Standard and Security

Description:

Wi-Fi the 802.11 Standard and Security Real 802.11 Security by Jon Edney and William Arbaugh What is Wi-Fi? Short for wireless fidelity. It is a wireless technology ... – PowerPoint PPT presentation

Number of Views:71
Avg rating:3.0/5.0
Slides: 27
Provided by: Will261
Category:

less

Transcript and Presenter's Notes

Title: Wi-Fi the 802.11 Standard and Security


1
Wi-Fithe802.11 StandardandSecurity
2
  • Real 802.11 Security by Jon Edney and William
    Arbaugh

3
What is Wi-Fi?
  • Short for wireless fidelity.
  • It is a wireless technology that uses radio
    frequency to transmit data through the air.
  • Wi-Fi is based on the 802.11 standard
  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n
  • 802.11ab (development) speed up to 1 Gbps

4
(No Transcript)
5
Wi-Fi Alliance
  • Non-profit standards organization.
  • Global organization that created the Wi-Fi brand
    name.
  • Formerly the Wireless Ethernet Compatibility
    Alliance.

6
Wi-Fi Certification
  • The Wi-Fi CERTIFIED logo from the Wi-Fi Alliance.
  • Rigorous interoperability testing requirements.
  • Certifies the interoperability of 802.11 products
    from the many different vendors.

7
Brief History
  • IEEE (Institute of Electrical and Electronics
    Engineers) established the 802.11 Group in 1990.
    Specifications for standard ratified in 1997.
  • Initial speeds were 1 and 2 Mbps.
  • IEEE modified the standard in 1999 to include
  • 802.11b
  • 802.11a
  • 802.11g was added in 2003.
  • IEEE Created standard, but Wi-Fi Alliance
    certifies products

8
802.11 Standard
  • 802.11 is primarily concerned with the lower
    layers of the OSI model.
  • Data Link Layer
  • Logical Link Control (LLC).
  • Medium Access Control (MAC).
  • Physical Layer
  • Physical Layer Convergence Procedure (PLCP).
  • Physical Medium Dependent (PMD).

9
WIFI CHANNEL2.400 MHz sampai 2.483,50 MHz dengan
Jarak 5 MHz
  • Channel 1 - 2,412 MHz
  • Channel 2 - 2,417 MHz
  • Channel 3 - 2,422 MHz
  • Channel 4 - 2,427 MHz
  • Channel 5 - 2,432 MHz
  • Channel 6 - 2,437 MHz
  • Channel 7 - 2,442 MHz
  • Channel 8 - 2,447 MHz
  • Channel 9 - 2,452 MHz
  • Channel 10 - 2,457 MHz
  • Channel 11 - 2,462 MHz

10
802.11b Standard
  • Well-supported, stable, and cost effective, but
    runs in the 2.4 GHz range that makes it prone to
    interference from other devices (microwave ovens,
    cordless phones, etc) and also has security
    disadvantages.
  • Limits the number of access points in range of
    each other to three.
  • Has 11 channels, with 3 non-overlapping, and
    supports rates from 1 to 11 Mbps, but
    realistically about 4-5 Mbps max.
  • Uses direct-sequence spread-spectrum technology.

11
802.11g Standard
  • Extension of 802.11b, with the same disadvantages
    (security and interference).
  • Has a shorter range than 802.11b.
  • Is backwards compatible with 802.11b so it allows
    or a smooth transition from 11b to 11g.
  • Flexible because multiple channels can be
    combined for faster throughput, but limited to
    one access point.
  • Runs at 54 Mbps, but realistically about 20-25
    Mbps and about 14 Mbps when b associated
  • Uses frequency division multiplexing

12
802.11a Standard
  • Completely different from 11b and 11g.
  • Flexible because multiple channels can be
    combined for faster throughput and more access
    points can be co-located.
  • Shorter range than 11b and 11g.
  • Runs in the 5 GHz range, so less interference
    from other devices.
  • Has 12 channels, 8 non-overlapping, and supports
    rates from 6 to 54 Mbps, but realistically about
    27 Mbps max
  • Uses frequency division multiplexing

13
IEEE 802.11 Wireless LAN
  • 802.11b
  • 2.4-2.485 GHz unlicensed radio spectrum
  • up to 11 Mbps
  • direct sequence spread spectrum (DSSS) in
    physical layer all hosts use same chipping code
  • 802.11a
  • 5-6 GHz range
  • up to 54 Mbps
  • Physical layer orthogonal frequency division
    multiplexing (OFDM)
  • 802.11g
  • 2.4-2.485 GHz range
  • up to 54 Mbps
  • OFDM
  • All use CSMA/CA for multiple access
  • All have base-station and ad-hoc versions
  • All allow for reducing bit rate for longer range

14
802.11 LAN architecture
  • wireless host communicates with base station
  • base station access point (AP)
  • Basic Service Set (BSS) (aka cell) in
    infrastructure mode contains
  • wireless hosts
  • access point (AP) base station
  • ad hoc mode hosts only

hub, switch or router
BSS 1
BSS 2
15
(No Transcript)
16
Advantages
  • Freedom You can work from any location that you
    can get a signal.
  • Setup Cost No cabling required.
  • Flexibility Quick and easy to setup in temp or
    permanent space.
  • Scaleable Can be expanded with growth.
  • Mobile Access Can access the network on the
    move.

17
Disadvantages
  • Speed Slower than cable.
  • Range Affected by various medium.
  • Travels best through open space.
  • Reduced by walls, glass, water, etc
  • Security Greater exposure to risks.
  • Unauthorized access.
  • Compromising data.
  • Denial of service.

18
Basic Security Strategies
  • Block your Service Set Identifier (SSID) from
    being broadcast.
  • Wireless beacon so PCs can easily find the access
    point.
  • Change the default network name in the access
    point.
  • Change the default access point password.
  • Center the access point in the middle of the
    building/house.

19
Media Access Control (MAC) Filtering
  • Every network device has a unique MAC address
  • Allocated by the manufacturer.
  • MAC Filtering only allows certain addresses
    access.
  • Mostly for home use.
  • Tedious to implement on a large scale

20
Wired Equivalency Protocol (WEP)
  • Basic encryption technology.
  • Uses an RC4 stream cipher.
  • Pseudo-random bytes.
  • Two versions 64-bit and 128-bit versions.
  • Built into Wi-Fi certified equipment.
  • Implemented at the MAC level.
  • Protects radio signal between device and access
    point.
  • Does not protect data beyond the access point.
  • Uses static encryption keys.
  • Easy to crack.
  • Still better then nothing.

21
Wi-Fi Protected Access (WPA)
  • Designed to replace WEP.
  • Firmware update.
  • 128-bit Temporal Key Integrity Protocol (TKIP)
    encryption.
  • Uses a master key that is regularly changed.
  • User authentication.
  • Data Integrity.
  • Protects radio signal between device and access
    point.
  • Built into Wi-Fi certified equipment.
  • Implemented at the MAC level.
  • Available in two versions
  • WPA2 Personal.
  • WPA2 Enterprise.

22
Wi-Fi Protected Access 2 (WPA2)
  • Designed to replace WEP.
  • 128-bit Advanced Encryption Standard (AES).
  • Based on the IEEE 802.11i standard.
  • Provides government level security.
  • Also available in two versions
  • WPA2 Personal.
  • WPA2 Enterprise.

23
Extended EAP
  • EAP - Extensible Authentication Protocol.
  • Addition to the Wi-Fi Protected Access.
  • Used in internal network.
  • Extra security for enterprise and government
    Wi-Fi LANs.
  • Several versions available.

24
Virtual Private Network (VPN)
  • Creates a secure virtual tunnel from remote
    device to VPN server.
  • Creates an encryption scheme.
  • Requires authentication.
  • Works across the internet.
  • Many types and levels of VPN technology.
  • May include hardware and software components.
  • Some very expensive.
  • Windows provides a basic implementation in its
    server software.

25
Firewall
  • Can make the network or computer invisible to the
    internet.
  • Block unauthorized users.
  • Monitor and control flow of data to/from a
    network or computer.
  • Many types and levels of firewall technology.
  • Hardware and software combinations
  • Software only versions.
  • ZoneAlarm
  • Many devices provide basic firewall capability.
  • Gateways and access points.
  • Network address translation.
  • Windows XP operating system.

26
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com