Wireless Network and Security
1. Wireless Network Introduction:-
A wireless network gives users the freedom to move around at will while staying connected to the network. Users can bring different wireless devices and connect to the network easily and smoothly. Wireless data must travel through free space, and in a free-space environment many variables can affect the data and its delivery.
802.11 is a legacy IEEE standard for wireless connections. Wireless devices should adhere to the 802.11 standard to minimize the effect of these variables on the data and its delivery.
Wireless spectrum must exist wherever the user wants to connect a wireless device.
Wireless systems are based on radio frequency waves. The advantages of wireless networks are easy setup, cost effectiveness, convenience and mobility.
2. Wireless networks can be segregated into the following types:-
- Wireless Personal Area network (WPAN):
We all know the ‘Bluetooth’ wireless standard. It was developed by the Special Interest Group (SIG), whose initial members were companies like Ericsson, Intel, IBM, Nokia and Toshiba. Bluetooth is used for data transfer between two devices, such as mobile phone to mobile phone, mobile phone to laptop, or laptop to wireless headphone. It supports a distance of 10 to 15 meters.
- Wireless Local Area network (WLAN):
In a Wireless Local Area Network, an Access Point (AP) is used as the central device that generates the spectrum of the wireless network. Generally an indoor AP generates spectrum up to 35 meters and an outdoor AP generates spectrum up to 70 meters. An access point has an Ethernet port and one port for the Internet connection. An AP can be used as an Ethernet switch. A wireless network is affected by obstacles like thick walls, thick glass partitions and cupboards on the premises.
Today’s laptops are Wi-Fi enabled, meaning a wireless interface card is built into the laptop, but desktops generally do not have a built-in wireless LAN card. We have to purchase a wireless LAN card and install it in the desktop. These wireless NIC cards detect the spectrum of the AP, and we can then connect to the wireless network.
Wireless Frequency Unit –
A Hertz (Hz) is the most commonly used frequency unit and it is nothing other than one cycle per second.
| Hertz | Hz | Cycle per second |
The frequency range from 3 kHz to 300 GHz is commonly called radio frequency (RF). It includes many different types of radio communication, including low-frequency radio, AM radio, shortwave radio, television, FM radio, microwave and radar. The microwave category also contains the two main frequency ranges that are used for wireless LAN communication: 2.4 GHz and 5.00 GHz.
Wireless LAN IEEE 802.11 standards and amendments.
| Amendment | 2.4 GHz | 5.0 GHz | Max Data Rate | Note |
|---|---|---|---|---|
| 802.11 | Yes | No | 2 Mbps | The original standard, ratified in 1997 |
| 802.11b | Yes | No | 11 Mbps | Introduced in 1999 |
| 802.11g | Yes | No | 54 Mbps | Introduced in 2003 |
| 802.11a | No | Yes | 54 Mbps | Introduced in 1999 |
| 802.11n | Yes | Yes | 600 Mbps | HT (High Throughput), introduced in 2009 |
| 802.11ac | No | Yes | 6.93 Gbps | VHT (Very High Throughput), introduced in 2013 |
| 802.11ax | Yes | Yes | 4x 802.11ac | High Efficiency Wireless, Wi-Fi 6 |
Note: IEEE 802.11 WLANs are always half-duplex because transmissions between two devices use the same frequency or channel.
To create a wireless LAN, we need to set the IP addresses of all the desktops and laptops in the same range as the Access Point IP address. On the AP we need to set the SSID and BSSID, as well as the network security key and encryption protocols. The next topic discusses how to secure a wireless network.
I) Wireless Network Security.
Any device that has a wireless network adapter can detect a wireless network and connect to it; a wireless network should have a way to make sure that every device using the wireless channel supports a common set of parameters. The Basic Service Set Identifier (BSSID) is a solution for that.
An access point advertises the wireless network by its Service Set Identifier (SSID), which is a text string containing a logical name. The BSSID is a machine-readable tag that uniquely identifies the BSS ambassador (the AP), while the SSID is a non-unique, human-readable name of the wireless service.
Wireless frames travel through the air, and any device within the same area and using the same channel can overhear a transmission; if frames are not encrypted, anyone can inspect the contents. Only the BSSID indicates that the intended sender or receiver is the Access Point.
Wi-Fi security modes –
1) Open (Risky): Open Wi-Fi networks have no passphrase. You shouldn’t set up an open Wi-Fi network.
2) Wired Equivalent Privacy (WEP) 64: The old WEP encryption standard is vulnerable and shouldn’t be used.
3) Wired Equivalent Privacy (WEP) 128: Larger encryption size, but not secure.
WEP uses the RC4 algorithm to keep data hidden and private. WEP uses a common string, commonly called the WEP key, to secure the network connections. Because WEP is vulnerable, TKIP (Temporal Key Integrity Protocol) was developed.
TKIP uses following components –
- MIC, commonly called Michael, which adds a hash value to every frame as a security check to prevent tampering.
- Time stamp: a time stamp is used to prevent replay attacks.
- Sender’s MAC address.
- TKIP sequence number to prevent replay attacks.
- Key mixing algorithm.
- Longer initialization vector.
Wi-Fi Protected Access (WPA) –
- WPA-PSK (TKIP): This is basically WPA, or WPA1, encryption. It has been superseded and isn’t secure.
- WPA-PSK (AES): This uses the older WPA wireless protocol with the more modern AES encryption. Devices that support AES will almost always support WPA2, while devices that require WPA1 will almost never support AES encryption.
- WPA2-PSK (TKIP): This uses the modern WPA2 standard with older TKIP encryption. This isn’t secure and is only a good idea if you have older devices that can’t connect to a WPA2-PSK (AES) network.
- WPA2-PSK (AES): This is the most secure option. It uses WPA2, the latest Wi-Fi encryption standard, and the latest AES encryption protocol. You should be using this option. On devices with less confusing interfaces, the option marked “WPA2” or “WPA-PSK” will probably just use AES, as that’s a common-sense choice.
- WPA/WPA2-PSK (TKIP/AES): This enables both WPA and WPA2 with both TKIP and AES. It is also called mixed mode and is recommended.
- In 2018 the Wi-Fi Alliance introduced WPA3, a future replacement for WPA2. WPA3 leverages stronger encryption with AES and the Galois/Counter Mode Protocol (GCMP).
II) Securing Wireless Network –
- Use encryption: Most wireless Access Points have a built-in encryption feature. It is generally turned off; turn it on.
- Computers that are connected to the wireless network must use anti-virus and anti-spyware software and update it regularly.
- Turn off identifier broadcasting. The users of the network already know that the Wireless Access Point or router is there. A hacker may try to attack.
- Remove rogue Access Points.
- Change the default SSID of the Wireless Access Point or router.
- Also change the pre-set password for administration. By default, Access Points or wireless routers have a default SSID and password, and this information is available on the internet, including the default IP addresses used by well-known wireless Access Point and router manufacturers.
- Allow only specific computers to access your wireless network by binding their MAC addresses.
- Turn off your wireless network when you know you won’t use it.
- Do not turn on your mobile Wi-Fi in public places; avoid using public-place Wi-Fi.
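As an added example (not code from the original article), the Python sketch below parses raw 802.11 beacon frames to read the BSSID and SSID, classifies the advertised security mode from the Privacy bit and the WPA/RSN elements, and flags weak modes and unknown BSSIDs that advertise a known SSID. The sample frames, SSIDs, BSSIDs and allow-list are constructed, and the function names are illustrative. It assumes frames without a radiotap header, and a WPA3 network would also be reported as "WPA2" because the key-management list is not parsed.

```python
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "AES-CCMP", 5: "WEP-104"}  # suite type byte

def pairwise(body):
    """Pairwise cipher names; body starts at the element's 2-byte version."""
    count = int.from_bytes(body[6:8], "little")    # after version(2) + group(4)
    suites = (body[8 + 4 * i:12 + 4 * i] for i in range(count))
    return {CIPHERS.get(s[3], "other") for s in suites if len(s) == 4}

def parse_beacon(frame):
    """Return (bssid, ssid, mode, ciphers) from a raw beacon, no radiotap."""
    if len(frame) < 36 or frame[0] != 0x80:
        raise ValueError("not a beacon frame")
    privacy = frame[34] & 0x10                     # capability info, Privacy bit
    ssid, rsn, wpa, pos = "", None, None, 36
    while pos + 2 <= len(frame):                   # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        val = frame[pos + 2:pos + 2 + elen]
        if eid == 0:
            ssid = val.decode("utf-8", "replace")
        elif eid == 48:                            # RSN element: WPA2
            rsn = pairwise(val)
        elif eid == 221 and val[:4] == b"\x00\x50\xf2\x01":  # WPA1 vendor element
            wpa = pairwise(val[4:])
        pos += 2 + elen
    names = [n for n, e in (("WPA", wpa), ("WPA2", rsn)) if e is not None]
    mode = "/".join(names) if privacy and names else "WEP" if privacy else "Open"
    return frame[16:22].hex(":"), ssid, mode, (rsn or set()) | (wpa or set())

def audit(frames, known):
    """Yield findings: weak modes and unknown BSSIDs advertising a known SSID."""
    for bssid, ssid, mode, ciphers in map(parse_beacon, frames):
        if mode in ("Open", "WEP") or "TKIP" in ciphers:
            yield ssid, bssid, f"weak: {mode} {'+'.join(sorted(ciphers))}".strip()
        if ssid in known and bssid not in known[ssid]:
            yield ssid, bssid, "BSSID not on allow-list"

def beacon(bssid, ssid, privacy, extra=""):
    """Build a constructed sample beacon (not a capture)."""
    hdr = b"\x80\x00\x00\x00" + b"\xff" * 6 + bytes.fromhex(bssid) * 2 + bytes(2)
    fixed = bytes(8) + b"\x64\x00" + bytes([0x10 if privacy else 0, 0])
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + bytes.fromhex(extra)

RSN = "30140100000fac%02x0100000fac%02x0100000fac020000"  # group, pairwise cipher
SAMPLES = [beacon("aabbcc000001", b"CorpNet", True, RSN % (4, 4)),
           beacon("020000000099", b"CorpNet", False),
           beacon("aabbcc000002", b"Legacy", True),
           beacon("aabbcc000003", b"OldWPA2", True, RSN % (2, 2))]
KNOWN = {"CorpNet": {"aa:bb:cc:00:00:01"}}  # constructed allow-list: SSID -> BSSIDs
```

Calling `list(audit(SAMPLES, KNOWN))` reports the open "CorpNet" beacon twice (weak mode and unlisted BSSID) along with the WEP and WPA2-TKIP networks, while the listed WPA2-AES access point produces no finding.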
3) Wireless WAN: VSAT technology and the WiMAX standard are for long-distance wireless networks.
Did You Know: An Austrian and American actress invented basic Wi-Fi (Frequency Hopping). Her name is Hedy Lamarr. Her invention was approved in 1942.
© Copyright 2021 | Sevenmentor Pvt Ltd.