Advanced Computer Networks

Wireless Networks (Wireless LAN)
-Aurelio Rahmadian-
Why Have Wireless LANs Become so Popular?
Business networks today are evolving to support
people who are on the move. Employees and
employers, students and faculty, government
agents and those they serve, sports fans and
shoppers, all are mobile and many of them are
"connected." Perhaps you have a mobile phone
that you route instant messages to when you are
away from your computer.
 This is the vision of mobility: an environment
where people can take their connection to
the network along with them on the road.
Any time, any place.

Why Use Wireless?
Productivity is no longer restricted to a
fixed work location or a defined time
period.
 People now expect to be connected at
any time and place.
 Employees can check e-mail, voice mail,
and the status of products on personal
digital assistants (PDAs) while at many
temporary locations.

Advantages
Flexibility
 Reduced cost; on average, the IT cost of
moving an employee to a new location
within a site is $375 (US dollars).

People Change The Way They Live
The method of accessing the Internet has
quickly moved from temporary modem
dialup service to dedicated DSL or cable
service.
 Home users are seeking many of the
same flexible wireless solutions as office
workers.
 For the first time, in 2005, more Wi-Fi-enabled mobile laptops were purchased
than fixed-location desktops.

Wireless Technology
Comparing WLAN to LAN
Radio Frequency (RF)

RF does not have boundaries, such as the limits of a wire in a
sheath. The lack of such a boundary allows data frames traveling
over the RF media to be available to anyone that can receive the RF
signal.

RF is unprotected from outside signals, whereas cable is in an
insulating sheath. Radios operating independently in the same
geographic area but using the same or a similar RF can interfere
with each other.

RF transmission is subject to the same challenges inherent in any
wave-based technology, such as consumer radio. For example, as
you get further away from the source, you may hear stations playing
over each other or hear static in the transmission. Eventually you
may lose the signal altogether. Wired LANs have cables that are of
an appropriate length to maintain signal strength.

RF bands are regulated differently in various countries. The use of
WLANs is subject to additional regulations and sets of standards
that are not applied to wired LANs.

Other Things About WLAN

WLANs connect clients to the network through a wireless
access point (AP) instead of an Ethernet switch.

WLANs connect mobile devices that are often battery
powered, as opposed to plugged-in LAN devices. Wireless
network interface cards (NICs) tend to reduce the battery
life of a mobile device.

WLANs support hosts that contend for access on the RF
media (frequency bands). 802.11 prescribes collision avoidance
instead of collision detection for media access to
proactively avoid collisions within the media.

WLANs use a different frame format than wired Ethernet
LANs. WLANs require additional information in the Layer 2
header of the frame.

WLANs raise more privacy issues because radio frequencies
can reach outside the facility.

Wireless AP
History
When 802.11 was first released, it
prescribed 1 - 2 Mb/s data rates in the 2.4
GHz band. At that time, wired LANs were
operating at 10 Mb/s so the new wireless
technology was not enthusiastically
adopted.
 Since then, wireless LAN standards have
continuously improved with the release of
IEEE 802.11a, IEEE 802.11b, IEEE 802.11g,
and 802.11n.

Wireless LAN Standards

Internationally, the three key organizations influencing
WLAN standards are:
◦ ITU-R
Regulates the allocation of the RF spectrum and satellite
orbits.
◦ IEEE
Developed and maintains the standards for local and
metropolitan area networks with the IEEE 802 LAN/MAN
family of standards. Specified standards for RF modulation
devices.
◦ Wi-Fi Alliance
Association of vendors whose objective is to improve the
interoperability of products that are based on the 802.11
standard by certifying vendors for conformance to
industry norms and adherence to standards.
Wireless LAN Standards

The roles of these three organizations
can be summarized as follows:
◦ ITU-R regulates allocation of RF bands.
◦ IEEE specifies how RF is modulated to carry
information.
◦ Wi-Fi ensures that vendors make devices that
are interoperable.
Wireless NIC
Wireless AP
An access point is a Layer 2 device that functions like
an 802.3 Ethernet hub. RF is a shared medium and
access points hear all radio traffic. Just as with 802.3
Ethernet, the devices that want to use the medium
contend for it. Unlike Ethernet NICs, though, it is
expensive to make wireless NICs that can transmit
and receive at the same time, so radio devices do not
detect collisions. Instead, WLAN devices are designed
to avoid them.
 RF signals attenuate. That means that they lose their
energy as they move away from their point of origin.
Think about driving out of range of a radio station.
This signal attenuation can be a problem in a WLAN
where stations contend for the medium.

CSMA/CA

Access points oversee a distributed coordination
function (DCF) called Carrier Sense Multiple Access
with Collision Avoidance (CSMA/CA). This simply
means that devices on a WLAN must sense the
medium for energy (RF stimulation above a certain
threshold) and wait until the medium is free before
sending. Because all devices are required to do this,
the function of coordinating access to the medium is
distributed. If an access point receives data from a
client station, it sends an acknowledgement to the
client that the data has been received. This
acknowledgement keeps the client from assuming
that a collision occurred and prevents a data
retransmission by the client.
Wireless Router

Wireless routers perform the role of access point,
Ethernet switch, and router. For example, the Linksys
WRT300N used is really three devices in one box. First,
there is the wireless access point, which performs the
typical functions of an access point. A built-in four-port,
full-duplex switch provides connectivity to wired
devices. Finally, the router function provides a gateway
for connecting to other network infrastructures.
Wireless Operation
The wireless network mode refers to the WLAN protocols:
802.11a, b, g, or n.
 Because 802.11g is backward compatible with 802.11b,
access points support both standards. Remember that if all
the clients connect to an access point with 802.11g, they all
enjoy the better data rates provided. When 802.11b clients
associate with the access point, all the faster clients
contending for the channel have to wait on 802.11b clients
to clear the channel before transmitting.
 When a Linksys access point is configured to allow both
802.11b and 802.11g clients, it is operating in mixed mode.
 For an access point to support 802.11a as well as 802.11b
and g, it must have a second radio to operate in the different
RF band.

Wireless Operation

SSID
◦ A shared service set identifier (SSID) is a unique identifier that
client devices use to distinguish between multiple wireless
networks in the same vicinity. It can be any alphanumeric,
case-sensitive entry from 2 to 32 characters long.

Channel
◦ The 2.4 GHz band is broken down into 11 channels for North
America and 13 channels for Europe. These channels have a
center frequency separation of only 5 MHz and an overall
channel bandwidth (or frequency occupation) of 22 MHz. The 22
MHz channel bandwidth combined with the 5 MHz separation
between center frequencies means there is an overlap between
successive channels.
◦ Best practice for WLANs that require multiple access points
is to use non-overlapping channels. If there are three
adjacent access points, use channels 1, 6, and 11.
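
The overlap arithmetic above, worked through in code and applied to a site plan. This is an added example, not part of the original slides; the AP names, the adjacency list and the channel 1 center frequency of 2412 MHz are assumptions supplied for the example.

```python
# Added example: 2.4 GHz channel overlap from the slide's figures
# (5 MHz center spacing, 22 MHz channel width).
SPACING_MHZ = 5
WIDTH_MHZ = 22
CHANNEL_1_CENTER_MHZ = 2412  # assumption: not stated on the slide


def center_mhz(channel):
    """Center frequency of a 2.4 GHz channel number (1-13)."""
    return CHANNEL_1_CENTER_MHZ + SPACING_MHZ * (channel - 1)


def overlap_mhz(a, b):
    """Spectrum shared by channels a and b, in MHz (0 if none)."""
    return max(0, WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def non_overlapping(n_channels):
    """Greedy pick: lowest channel, then the next one clear of the last pick."""
    picked = []
    for ch in range(1, n_channels + 1):
        if not picked or overlap_mhz(picked[-1], ch) == 0:
            picked.append(ch)
    return picked


def audit_plan(ap_channels, adjacent):
    """Return (ap1, ap2, shared MHz) for adjacent AP pairs that share spectrum."""
    findings = []
    for a, b in adjacent:
        shared = overlap_mhz(ap_channels[a], ap_channels[b])
        if shared > 0:
            findings.append((a, b, shared))
    return findings


# Constructed site plan: AP name -> configured channel, plus which APs
# are physically next to each other.
AP_CHANNELS = {"ap-lobby": 1, "ap-office": 3, "ap-lab": 6, "ap-store": 6}
ADJACENT = [("ap-lobby", "ap-office"), ("ap-office", "ap-lab"),
            ("ap-lab", "ap-store")]

if __name__ == "__main__":
    print("North America (11 channels):", non_overlapping(11))
    print("Europe (13 channels):", non_overlapping(13))
    for a, b, shared in audit_plan(AP_CHANNELS, ADJACENT):
        print(f"{a} and {b} share {shared} MHz of spectrum")
```
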
Topology
WLAN Terms
Beacons - Frames used by the WLAN
network to advertise its presence.
 Probes - Frames used by WLAN clients
to find their networks.
 Authentication - A process which is an
artifact from the original 802.11 standard,
but still required by the standard.
 Association - The process for establishing
the data link between an access point and
a WLAN client.

Planning
Threat to Wireless Security

Unauthorized Access
There are three major categories of
threat that lead to unauthorized access:
◦ War drivers
◦ Hackers (Crackers)
◦ Employees
Threat to Wireless Security

"War driving" originally referred to using
a scanning device to find cellular phone
numbers to exploit. War driving now also
means driving around a neighborhood
with a laptop and an 802.11b/g client card
looking for an unsecured 802.11b/g
system to exploit.
Threat to Wireless Security

The term hacker originally meant someone
who delved deeply into computer systems
to understand, and perhaps exploit for
creative reasons, the structure and
complexity of a system. Today, the terms
hacker and cracker have come to mean
malicious intruders who enter systems as
criminals and steal data or deliberately harm
systems. Hackers intent on doing harm are
able to exploit weak security measures.
Threat to Wireless Security
A rogue access point is an access point placed on a WLAN
that is used to interfere with normal network operation. If a
rogue access point is configured with the correct security
settings, client data could be captured. A rogue access point
also could be configured to provide unauthorized users with
information such as the MAC addresses of clients (both
wireless and wired), or to capture and disguise data packets
or, at worst, to gain access to servers and files.
 A simple and common version of a rogue access point is one
installed by employees without authorization. Employees
install access points intended for home use on the enterprise
network. These access points typically do not have the
necessary security configuration, so the network ends up
with a security hole.
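
One way a defender can look for both kinds of rogue access point described above is to compare a wireless scan against the inventory of authorized APs. This is an added example, not part of the original slides; every SSID, BSSID, channel and the signal-strength threshold below is constructed for the example.

```python
# Added example: classify scan results against an authorized AP inventory.
# All values are constructed sample data.
AUTHORIZED = {
    "00:11:22:33:44:01": {"ssid": "CorpNet", "channel": 1, "security": "WPA2"},
    "00:11:22:33:44:02": {"ssid": "CorpNet", "channel": 6, "security": "WPA2"},
}
CORP_SSIDS = {ap["ssid"] for ap in AUTHORIZED.values()}
ON_SITE_RSSI_DBM = -60  # assumption: a stronger signal means inside the site

SCAN = [
    {"ssid": "CorpNet", "bssid": "00:11:22:33:44:01", "channel": 1,
     "security": "WPA2", "rssi": -48},
    {"ssid": "CorpNet", "bssid": "00:11:22:33:44:02", "channel": 11,
     "security": "WPA2", "rssi": -55},
    {"ssid": "CorpNet", "bssid": "02:AA:BB:CC:DD:10", "channel": 6,
     "security": "WPA2", "rssi": -52},
    {"ssid": "linksys", "bssid": "02:AA:BB:CC:DD:20", "channel": 6,
     "security": "OPEN", "rssi": -45},
    {"ssid": "CoffeeShop", "bssid": "02:AA:BB:CC:DD:30", "channel": 11,
     "security": "WPA2", "rssi": -82},
]


def classify(obs):
    """Return (verdict, drifted_fields) for one observed access point."""
    known = AUTHORIZED.get(obs["bssid"].lower())
    if known:
        # Known radio: report any setting that differs from the inventory.
        drift = [k for k in ("ssid", "channel", "security")
                 if obs[k] != known[k]]
        return ("config-drift", drift) if drift else ("authorized", [])
    if obs["ssid"] in CORP_SSIDS:
        # Unknown radio advertising the corporate SSID. Matching security
        # settings do not clear it: that is the case where clients join.
        return ("rogue-corporate-ssid", [])
    if obs["rssi"] >= ON_SITE_RSSI_DBM:
        # Unknown radio, unknown SSID, strong signal: likely an AP that
        # someone plugged in on site without authorization.
        return ("unmanaged-on-site", [])
    return ("neighbor", [])


def audit(scan):
    """Map each observed BSSID to its verdict."""
    return {obs["bssid"]: classify(obs) for obs in scan}


if __name__ == "__main__":
    for bssid, (verdict, drift) in audit(SCAN).items():
        print(bssid, verdict, ",".join(drift))
```

A BSSID can be spoofed, so an "authorized" verdict only means the observation matches the inventory; the "config-drift" verdict is what surfaces a copy that differs in channel or security.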

Threat to Wireless Security

Man In The Middle Attack (MITM)
Threat to Wireless Security

Denial of Service
802.11b and g WLANs use the unlicensed
2.4 GHz ISM band. This is the same band
used by most wireless consumer
products, including baby monitors,
cordless phones, and microwave ovens.
With these devices crowding the RF band,
attackers can create noise on all the
channels in the band with commonly
available devices.
WLAN Security Protocol
Other Things to Secure WLAN
SSID Cloaking
 MAC Address Filtering
