Advanced Computer Networks
Wireless Networks (Wireless LAN)
Aurelio Rahmadian

Why Have Wireless LANs Become so Popular?
Business networks today are evolving to support people who are on the move. Employees and employers, students and faculty, government agents and those they serve, sports fans and shoppers, all are mobile and many of them are "connected." Perhaps you have a mobile phone that you route instant messages to when you are away from your computer. This is the vision of mobility: an environment where people can take their connection to the network along with them on the road. Any time, any place.

Why Use Wireless?
Productivity is no longer restricted to a fixed work location or a defined time period. People now expect to be connected at any time and place. Employees can check e-mail, voice mail, and the status of products on personal digital assistants (PDAs) while at many temporary locations.

Advantages
◦ Flexibility
◦ Reduced cost; on average, the IT cost of moving an employee to a new location within a site is $375 (US dollars).

People Change The Way They Live
The method of accessing the Internet has quickly moved from temporary modem dialup service to dedicated DSL or cable service. Home users are seeking many of the same flexible wireless solutions as office workers. For the first time, in 2005, more Wi-Fi-enabled mobile laptops were purchased than fixed-location desktops.

Wireless Technology

Comparing WLAN to LAN

Radio Frequency (RF)
RF does not have boundaries, such as the limits of a wire in a sheath. The lack of such a boundary allows data frames traveling over the RF media to be available to anyone that can receive the RF signal.
RF is unprotected from outside signals, whereas cable is in an insulating sheath. Radios operating independently in the same geographic area but using the same or a similar RF can interfere with each other.
RF transmission is subject to the same challenges inherent in any wave-based technology, such as consumer radio.
For example, as you get further away from the source, you may hear stations playing over each other or hear static in the transmission. Eventually you may lose the signal altogether. Wired LANs have cables that are of an appropriate length to maintain signal strength.
RF bands are regulated differently in various countries. The use of WLANs is subject to additional regulations and sets of standards that are not applied to wired LANs.

Other Things About WLAN
◦ WLANs connect clients to the network through a wireless access point (AP) instead of an Ethernet switch.
◦ WLANs connect mobile devices that are often battery powered, as opposed to plugged-in LAN devices. Wireless network interface cards (NICs) tend to reduce the battery life of a mobile device.
◦ WLANs support hosts that contend for access on the RF media (frequency bands). 802.11 prescribes collision avoidance instead of collision detection for media access to proactively avoid collisions within the media.
◦ WLANs use a different frame format than wired Ethernet LANs. WLANs require additional information in the Layer 2 header of the frame.
◦ WLANs raise more privacy issues because radio frequencies can reach outside the facility.

Wireless AP History
When 802.11 was first released, it prescribed 1 - 2 Mb/s data rates in the 2.4 GHz band. At that time, wired LANs were operating at 10 Mb/s, so the new wireless technology was not enthusiastically adopted. Since then, wireless LAN standards have continuously improved with the release of IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, and 802.11n.

Wireless LAN Standards
Internationally, the three key organizations influencing WLAN standards are:
◦ ITU-R
Regulates the allocation of the RF spectrum and satellite orbits.
◦ IEEE
Developed and maintains the standards for local and metropolitan area networks with the IEEE 802 LAN/MAN family of standards. Specified standards for RF modulation devices.
◦ Wi-Fi Alliance
Association of vendors whose objective is to improve the interoperability of products that are based on the 802.11 standard by certifying vendors for conformance to industry norms and adherence to standards.

The roles of these three organizations can be summarized as follows:
◦ ITU-R regulates allocation of RF bands.
◦ IEEE specifies how RF is modulated to carry information.
◦ Wi-Fi ensures that vendors make devices that are interoperable.

Wireless NIC

Wireless AP
An access point is a Layer 2 device that functions like an 802.3 Ethernet hub. RF is a shared medium and access points hear all radio traffic. Just as with 802.3 Ethernet, the devices that want to use the medium contend for it. Unlike Ethernet NICs, though, it is expensive to make wireless NICs that can transmit and receive at the same time, so radio devices do not detect collisions. Instead, WLAN devices are designed to avoid them.
RF signals attenuate. That means that they lose their energy as they move away from their point of origin. Think about driving out of range of a radio station. This signal attenuation can be a problem in a WLAN where stations contend for the medium.

CSMA/CA
Access points oversee a distributed coordination function (DCF) called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). This simply means that devices on a WLAN must sense the medium for energy (RF stimulation above a certain threshold) and wait until the medium is free before sending. Because all devices are required to do this, the function of coordinating access to the medium is distributed.
If an access point receives data from a client station, it sends an acknowledgement to the client that the data has been received. This acknowledgement keeps the client from assuming that a collision occurred and prevents a data retransmission by the client.

Wireless Router
Wireless routers perform the role of access point, Ethernet switch, and router.
For example, the Linksys WRT300N used is really three devices in one box. First, there is the wireless access point, which performs the typical functions of an access point. A built-in four-port, full-duplex switch provides connectivity to wired devices. Finally, the router function provides a gateway for connecting to other network infrastructures.

Wireless Operation
The wireless network mode refers to the WLAN protocols: 802.11a, b, g, or n. Because 802.11g is backward compatible with 802.11b, access points support both standards. Remember that if all the clients connect to an access point with 802.11g, they all enjoy the better data rates provided. When 802.11b clients associate with the access point, all the faster clients contending for the channel have to wait on 802.11b clients to clear the channel before transmitting. When a Linksys access point is configured to allow both 802.11b and 802.11g clients, it is operating in mixed mode.
For an access point to support 802.11a as well as 802.11b and g, it must have a second radio to operate in the different RF band.

SSID
◦ A shared service set identifier (SSID) is a unique identifier that client devices use to distinguish between multiple wireless networks in the same vicinity. It can be any alphanumeric, case-sensitive entry from 2 to 32 characters long.

Channel
◦ The 2.4 GHz band is broken down into 11 channels for North America and 13 channels for Europe. These channels have a center frequency separation of only 5 MHz and an overall channel bandwidth (or frequency occupation) of 22 MHz. The 22 MHz channel bandwidth combined with the 5 MHz separation between center frequencies means there is an overlap between successive channels.
◦ Best practice for WLANs that require multiple access points is to set them to use non-overlapping channels. If there are three adjacent access points, use channels 1, 6, and 11.
Topology

WLAN Terms
◦ Beacons - Frames used by the WLAN network to advertise its presence.
◦ Probes - Frames used by WLAN clients to find their networks.
◦ Authentication - A process which is an artifact from the original 802.11 standard, but still required by the standard.
◦ Association - The process for establishing the data link between an access point and a WLAN client.

Planning

Threat to Wireless Security

Unauthorized Access
There are three major categories of threat that lead to unauthorized access:
◦ War drivers
◦ Hackers (Crackers)
◦ Employees

"War driving" originally referred to using a scanning device to find cellular phone numbers to exploit. War driving now also means driving around a neighborhood with a laptop and an 802.11b/g client card looking for an unsecured 802.11b/g system to exploit.

The term hacker originally meant someone who delved deeply into computer systems to understand, and perhaps exploit for creative reasons, the structure and complexity of a system. Today, the terms hacker and cracker have come to mean malicious intruders who enter systems as criminals and steal data or deliberately harm systems. Hackers intent on doing harm are able to exploit weak security measures.

A rogue access point is an access point placed on a WLAN that is used to interfere with normal network operation. If a rogue access point is configured with the correct security settings, client data could be captured. A rogue access point also could be configured to provide unauthorized users with information such as the MAC addresses of clients (both wireless and wired), or to capture and disguise data packets or, at worst, to gain access to servers and files.
A simple and common version of a rogue access point is one installed by employees without authorization.
Employees install access points intended for home use on the enterprise network. These access points typically do not have the necessary security configuration, so the network ends up with a security hole.

Man In The Middle Attack (MITM)

Denial of Service
802.11b and g WLANs use the unlicensed 2.4 GHz ISM band. This is the same band used by most wireless consumer products, including baby monitors, cordless phones, and microwave ovens. With these devices crowding the RF band, attackers can create noise on all the channels in the band with commonly available devices.

WLAN Security Protocol

Other Things to Secure WLAN
◦ SSID Cloaking
◦ MAC Address Filtering
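
The two rogue access point cases described in the threat slides above (one configured with the network's own settings, one installed by an employee without the necessary security configuration) can be detected by comparing a wireless scan against an inventory of sanctioned access points. This is an added example, not part of the original slides; the inventory, scan results, MAC addresses and the names Seen, classify and audit are constructed for illustration, and it assumes an AP's wired MAC equals its BSSID.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Seen:
    bssid: str     # radio MAC address advertised in the AP's beacons
    ssid: str
    security: str  # security mode advertised, e.g. "WPA2-Enterprise" or "Open"

# Constructed inventory of sanctioned APs: BSSID -> (SSID, required security).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", "WPA2-Enterprise"),
    "00:11:22:33:44:02": ("CorpNet", "WPA2-Enterprise"),
}
# Constructed MAC addresses learned on wired switch ports. Simplification:
# assumes an AP's wired MAC equals its BSSID, which is not always the case.
WIRED_MACS = {"00:11:22:33:44:01", "00:11:22:33:44:02", "02:aa:bb:cc:dd:01"}

# Constructed wireless scan results.
SCAN = [
    Seen("00:11:22:33:44:01", "CorpNet", "WPA2-Enterprise"),  # sanctioned, as configured
    Seen("00:11:22:33:44:02", "CorpNet", "Open"),             # sanctioned radio, weakened
    Seen("02:ee:ee:ee:ee:09", "CorpNet", "WPA2-Enterprise"),  # our SSID, unknown radio
    Seen("02:aa:bb:cc:dd:01", "linksys", "Open"),             # home AP plugged into the LAN
    Seen("02:ff:ff:ff:ff:07", "CoffeeShop", "WPA2-PSK"),      # neighbour, not on our wire
]

def classify(ap, authorized=AUTHORIZED, wired=WIRED_MACS):
    bssid = ap.bssid.lower()
    if bssid in authorized:
        expected = authorized[bssid]
        return "authorized" if (ap.ssid, ap.security) == expected else "config-drift"
    if ap.ssid in {ssid for ssid, _ in authorized.values()}:
        return "rogue-same-ssid"      # copies the sanctioned SSID and settings
    if bssid in wired:
        return "rogue-on-wired-lan"   # unsanctioned AP attached to the enterprise network
    return "neighbour"                # outside our network; record but do not alert

def audit(scan=SCAN):
    """Return {bssid: finding} for every AP that needs follow-up."""
    findings = {ap.bssid: classify(ap) for ap in scan}
    return {b: f for b, f in findings.items() if f not in ("authorized", "neighbour")}

if __name__ == "__main__":
    for bssid, finding in audit().items():
        print(f"{bssid}  {finding}")
```

The same-SSID check runs before the wired check because an unknown radio advertising the sanctioned SSID is the case in which client data could be captured, so it is reported as such whether or not it is also attached to the LAN.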