Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Wireless & Mobile Technologies

advertisement 
WIRELESS NETWORK
SECURITY
Part 1
1
Objective





Understand basic wireless technology
Understand the components of wireless
network and implement a wireless network
Build a wireless LAN
Understand the security issues of wireless
network
Look at various protection methods and
explore how to apply some of these protections
to a school environment
Part 1
2
Contents

Brief introduction to networking


Fundamental Wireless Technologies



Wireless LAN, Bluetooth
Comparison of technologies and issues
Look at Wireless LAN component



WAN, MAN, LAN,
Wireless clients
AP
Build different types of wireless networks

Ad-hoc and infrastructure networks
Part 1
3
What is a Network?
…..is a group of two or more personal computers or
devices linked together with a media….
Part 1
4
Local Area Network (LAN)





Typically connects computer in a single
building or campus.
Medium : optical fibers, coaxial cables, twisted
pair, wireless (WiFi).
High speed networks (100 Mbps/10 Gbps
Ethernet)
Cheaper equipments, Ethernet, Token Ring
Setup Client and Server or Peer to Peer
Part 1
5
Wide Area Network (WAN)






Generally covers large distances (states,
countries, continents).
Typical Medium : Land and Ocean cables
Wireless Medium - satallites.
Problems with delays if using satellites.
Typical speed : 20 - 2000 Kbits/s. - expensive
New standards (ATM) are changing the
landscape.
LAN vs WAN
speed
Part 1
6
Metropolitan Area Network (MAN)




Generally covers towns and cities (50 kms)
Typical medium : optical fibres, cables
Message routing is fast.
Mobile technology – 2G, 3G and 4G
Part 1
7
What is Wireless Technology?

Refers to Hardware and Software that allow
information be transmitted between devices

Devices
 Equipment that can send and received

Network
 h/w & s/w used to link and transmit information over
a media

Applications
 S/w that operate the wireless device
Part 1
8
Why Wireless




Mobility (Roaming)
Easy of Installation
Scalability (WiFi)
Cost
Part 1
9
Why Wireless Now?




Information access when needed, anywhere
Emergence of powerful handheld devices
Improved network data exchange
Maturing device, network and data exchange
standards
Part 1
10
Some Wireless Technology?
To most people/organsiations wireless technology means:
WiMax
3G
Blue tooth
Wireless LAN
GPRS
Wireless technology refers to hardware and software that allows information to
be transmitted between devices without using physical wired connections.
Part 1
11
Wireless LAN Competing
Technologies
Home RF
BlueTooth
802.11
Max Trans. power
100mW
100mW
800mW
Data Rate
1-2 Mbps
1 Mbps
Upto 300Mbps
Max device
Up to 127
Up to 26
Up to 256
Security
Blowfish
0, 40, and 60 bits
40, 128 RC4
TKIP, WPA
Range
150ft
30ft
400ft indoor
1500 OD
Cost
Medium
cheapest
Most expensive
Roaming
No
No
Yes
802.11 competes with HiperLAN
Part 1
12
Personal Area Network (PAN)
 Operate in the gigahertz frequency spectrum but differ from
other wireless technologies in the range of service, network
capacity and data bit transfer rate.
 Designed to operate over a much smaller service area.
 Devices that participate in these types of peer based networks
are designed to automatically discover other devices and
services.
 Connects personal computers to mobile devices including
PDAs, phones, personal printers and other handheld devices.
Part 1
13
Bluetooth





Originated from an Ericsson internal project
To facilitate voice and data access
Operate at 2.4 – 2.483 MHz ISM band
Short range (10 meter) frequency-hopping
radio link between devices
Data can be delivered up to 724 kbps
Part 1
14
Bluetooth Standards (1)
1. Bluetooth 1.0 and 1.0B
2. Bluetooth 1.1
1. Fixed problems with V1 and support for non encrypted channels
3. Bluetooth 1.2
1. Better audio (Stereo sound, A2DP)
4. Bluetooth 2.0
1. EDR (3Mbps)
5. Bluetooth 2.1
1. Better power consumption
2. Better Pairing
Class
Maximum Permitted Power
(mW/dBm)
Range
(approximate)
Class 1
100 mW (20 dBm)
~100 meters
Class 2
2.5 mW (4 dBm)
~10 meters
Class 3
1 mW (0 dBm)
Part 1
~1 meter
15
Radio Spectrum
Gamma Ray
Emitted by nuclear reaction
1021 Hz
X-Ray
Penetrating live tissues
1018 Hz
Ultraviolet
Infrared
1015 Hz
Remote control, optical network
T-Ray
1012 Hz
Microwave
109 Hz
Used for heating, communication,
and radar
106 Hz
Radio
Used for
communication
Part 1
103 Hz
16
Mobile Phones Technology
The most used wireless technology is the mobile phone
Mobile phones became popular in the 1980s and 1990s. Now in Hong
Kong over 91% of the population owns a mobile phone. Various
operators offer different services but they can be grouped into two
types:
Mobile phones provide two major functions:
Voice – GSM, CDMA, TDMA
Data - GRPS, WAP
* SMS, EMS, MMS
* Internet Access
* Email
* Value Added features
Part 1
17
Transmission and Cells
Cell using directional transceiver
Cell using omnidirectional transceiver
Idealised hexagonal network
Overlapping circular cells
Microcell within network
Part 1
18
Mobile Phone Development
Since the development of mobile phones have seen a number of generations

1st Generation
This the analog phones dominated by two main standards, Analog
Mobile Phone System (AMPS) and Total Access Communication
System (TACS)
 2nd Generation
 Digital phones with better sound quality
 CDMA, TDMA, GSM and PCS became common terms
 Basic data transmission, modem, fax at 9.6kbps



2.5 Generation

Faster data transmission with GPRS, for SMS, MMS at 14.4k – 115kbps

Enhanced Data for GSM Evolution (EDGE) allowed 384Kbps
3rd Generation


WCDMA, CDMA2000 - Video streaming, high-speed Internet
Development even faster data access at 2Mbps for Internet
applications
Part 1
19
WIRELESS LAN
TECHNOLOGIES
Part 1
20
Wireless LAN Technology
The most popular WLAN technology today is based on the Institute of Electrical
and Electronics Engineers (IEEE) 802.11x standard.
IEEE 802.11
Frequency Range
Throughput
Data Rate
Indoor dist.
802.11a
5 GHz
27 Mbps
6-54 Mbps
~ 35m
802.11b
2.4 GHz
5 Mbps
1-11 Mbps
~ 38m
802.11g
2.4 GHz
22 Mbps
6-54 Mbps
~ 100m
802.11n
5 and/or 2.4 Ghz
Unknown
600 Mbps
~ 300m
Draft 2
(expect to rectify late 2009)
plus error correction code
Part 1
21
Original 802.11




Proposed by IEEE 802.11 working group
Started in May 1991 and completed in 1997
Transmission rate 1Mbps and 2Mbps
3 data transmission adopted



Frequency Hop Spread Spectrum (FHSS- 1Mbps)
Direct Sequence Spread Spectrum (DSSS- 2Mbps)
Infrared (IrDA – Infrared Data Association)
Part 1
22
802.11b






Added in Dec. 1999
Operating at 2.4GHz range
Support speed 11, 5.5, 2 & 1Mbps
Using Higher Rate - Direct-Sequence Spread
Spectrum (HR-DSSS)
Employs the Complementary Code Keying (CCK)
modulation technique
Newly added 22Mbps (802.11b+) Not official
Part 1
23
802.11a




Added in Dec. 1999
Operating at 5 GHz range
Support speed 6, 9, 12, 18, 24, 36, 48 & 54Mbps
Using Orthogonal Frequency Division
Multiplexing (OFDM)
Part 1
24
802.11g
•
•
•
•
•
Added 2003 (Ratified in June)
Operating at 2.4 GHz range
Support speed between 24 and 54Mbps
Using Orthogonal Frequency Division
Multiplexing (OFDM) - Mandatory
Also support Complimentary Code Keying
(CCK) – Optional (backward compatibles with
802.11b)
Part 1
25
IEEE 802.11 Specification
Part 1
26
Radio Frequency for Wireless
LAN
Hong Kong Allocation
USA Allocation
BAND
Frequency Range
Allocated For
Frequency Range
UHF ISM
902 – 928 MHz
Mobile Phone
800 – 900 MHz
S-Band
2 – 4 GHz
DECT
1.8 – 1.9 GHz
S-Band ISM
2.4 – 2.5 GHz
2.4 – 2.5 GHz
C-Band
4 – 8 GHz
ISM
C-Band Satellite downlink
3.7 – 4.2 GHz
ISM (feasible)
5.725 -5.875 GHz
C-Band Radar (Whether)
5.25 – 5.925 GHz
Fix Links (considering)
17, 18, 19 GHz
C-Band ISM
5.725 -5.875 GHz
24.1 GHz
C-Band Satellite uplink
5.925 – 6.425 GHz
European Wireless LAN
(Await standards)
X-Band
8 – 12 GHz
X-band Radar (police)
8.25 – 10.55 GHz
Ku-Band
12 – 18 GHz
Ku-Band Radar (Police)
13.4 – 14 GHz
15.7 - 17.7 GHz
ISM = Industrial, Scientific and Medical
Part 1
27
Hong Kong Allocation for
802.11b
Part 1
28
Hong Kong Allocation for
802.11a
Part 1
29
802.11b Channels
Wireless 802.11b networks operate in UHF band, specifically between 2.4GHz and 2.5GHz. These frequency
is divided into 14 channels.
US & Canada channel 1- 11 is available, Europe use 1 – 13, France uses 10-13 and Japan 1-14.
Channel
Frequency
Channel
Frequency
1
2.412Ghz
8
2.447Ghz
2
2.417Ghz
9
2.452Ghz
3
2.422Ghz
10
2.457Ghz
4
2.427Ghz
11
2.462Ghz
5
2.432Ghz
12
2.467Ghz
6
2.437Ghz
13
2.472Ghz
7
2.442Ghz
14
2.484Ghz
Part 1
30
Channel used for sending data
Data is not transmitted in a single frequency, it is spread over multiple frequencies
CH1
CH2
CH3
CH4
CH5
CH1
CH2
CH3
CH4
CH5
CH6
CH1
CH2
CH3
CH4
CH5
CH6
CH7
CH1
CH2
CH3
CH4
CH5
CH6
CH7
CH8
CH1
CH2
CH3
CH4
CH5
CH6
CH7
CH8
CH9
CH2
CH3
CH4
CH5
CH6
CH7
CH8
CH9
CH10
CH3
CH4
CH5
CH6
CH7
CH8
CH9
CH10
CH11
CH4
CH5
CH6
CH7
CH8
CH9
CH10
CH11
CH5
CH6
CH7
CH8
CH9
CH10
CH11
CH6
CH7
CH8
CH9
CH10
CH11
CH7
CH8
CH9
CH10
CH11
From the rule set only channel 1 , 6 and 11 do not overlap.
But channel 5, 6 , and 7 affects all rule sets (Ideal for Jammers)
Part 1
31
Channel Allocations for 802.11b
Each DS (Direct Sequence) Channel is transmitted over 22 Mhz
Channel Centers are separated by 5 Mhz
Part 1
32
Channel Allocations for 802.11a
20 Mhz
5150
20 Mhz
5180
5200
5220
5240
5260
5280
5300
5320
5350
Each channel is 20Mhz
Part 1
33
Wireless LAN setup Demo
Wire LAN
1. Connect to AP
2. Configure to AP
3. Test connection to Internet
Part 1
34
Speed vs Distance (2.4 Ghz)
Speed
Out Doors
In Doors
11Mbps
150m (500ft)
30m (100ft)
5.5Mbps
270m (880ft)
50m (160ft)
2Mbps
400m (1300ft)
70m (220ft)
1Mbps
460m (1500ft)
90m (280ft)
Part 1
35
Speed vs Distance (5 Ghz)
802.11a+ ?
Speed
Out Doors
In Doors
72 Mbps
40m (133ft)
20m (66ft)
54 Mbps
80m (262ft)
25m (82ft)
48 Mbps
230m (755ft)
35m (115ft)
36 Mbps
300m (984ft)
40m (131ft)
24 Mbps
340m (1115ft)
45m (148ft)
18 Mbps
370m (1214ft)
50m (164ft)
12 Mbps
400m (1312ft)
55m (180ft)
9 Mbps
465m (1526ft)
57ft (187ft)
6 Mbps
500m (1650ft)
60m (197ft)
Part 1
36
What affects Range of
Transmission
RF Barrier
Air
Relative Degree of Attenuation
Example:
Minimal
Wood
Low
Office partitions
Plaster
Low
Inner walls
Synthetic
material
Low
Office partitions
Asbestos
Low
Ceiling
Glass
Low
Windows
Water
Medium
Damp wood, aquariums
Brick
Medium
Inner and outer wall
Marble
Medium
Inner wall
Paper
High
Paper rolls, cardboard boxes
Concrete
High
Floor and outer walls
Bullet-proff glass
High
Security booth
Metal
Very High
Part 1
Desks, office partitions,
elevator shafts, reinforced
walls
37
802.11n


Newest Wireless LAN standard
Final retification expected to be at late 2009
Release Date Op. Frequency
Mid 2008
5 GHz and/or 2.4
GHz
Data Rate (Typ)
Data Rate
(Max)
Range
(Indoor)
150 Mbit/s
300Mbit/s (2
~70 meters
stream)
• Currently is Draft version 2
• Backward compatible to 802.11a/b/g
Part 1
38
802.11n New Feature

MIMO (Multiple Input - Multiple Output)



Channel Bonding



defines many "M x N" antenna configurations, ranging from "1
x 1" to "4 x 4". This refers to the number of transmit (M) and
receive (N) antennas – for example, an AP with two transmit
and three receive antennas is a "2 x 3" MIMO device.
Better dealing with multipath signal reflections and attenuation
bonding to combine two adjacent 20 MHz channels into a
single 40 MHz channel (most effective at 5GHz)
increases that throughput to 150 Mbps per channel
Aggregating of Frame

Transmit more than one application in single frame with fix
header
Part 1
39
Wireless LAN
Components
Part 1
40
Wireless LAN Components

Wireless client
a computing device that is equipped with a wireless LAN network adapter.
Wireless clients can communicate directly with each other or through a wireless
access point.

Wireless Access Point
a networking device equipped with a wireless LAN network adapter that acts as a
bridge between wireless client and a traditional wired network
Part 1
41
Various Wireless Adapters for
client
PCMCIA
USB
Internal
PCMCIA
Adapter
Internal Wireless
Interface
Part 1
42
Basic Service Set
The basic building block of an 802.11 network is the Basic Service set (BSS), which is
simply a group of stations that communicate with each other
Ad-hoc BSS
Infrastructure BSS
Part 1
43
Extended Service Set
Extended Service Set is for large networks
Extended BSS
AP (Bridge mode setting)
Internet
Part 1
44
Workshop – Build simple wireless
LAN (Ad-Hoc)
Wire LAN
1. Ist client create a SSID(making it visible) and create a share
folder with a file for other clients to download
2. Other Clients join this network
3. Test connection by download a file from 1st client
Part 1
45
Building A Simple wireless
network



Need wireless network adapter
Define an SSID (Service Set IDentification) for
“Adhoc” network
All client connects to this SSID
Install driver of Wireless Network Adapter
Client 1 – set up a wireless group with SSID ADHOCxx – xx = 01 – 10
Client 2 – Connect to the ad-hoc network
Part 1
46
What is an Access Point?
Access Point is a mean connecting wireless world and the wired world
Some feature provided by AP

At least 2 interface






Wireless Interface (802.11x)
Wired Interface (Ethernet or WAN port)
Bridge table
Dynamic Host Configuration Protocol (DHCP)
Network Address Translation (NAT)
Security filtering and Monitoring
Part 1
47
2 types of APs
1 - Residential Gateways/Routers



Target at price-conscious users
Simple connectivity
Limited functions
2 – Enterprise Gateways (AP)
• More expensive
• Large network connectivity and multi APs
• More sophisticated functions
– Device management
– Greater Security functions
Part 1
48
Residential Gateways / Routers




Suitable for home or small office use
Deploy with one routable IP address, so NAT
is implemented
Aim for connecting to a WAN via modem
May support VPN pass-through


IPSec
PPTP
Example:
Linksys WRT610N
SMC WGBR14S-N
Dlink DIR655
Part 1
49
Home / small office setup
ADSL/Cable Modem
Internet
Perform NAT
Internal  Real IP address
Wireless Router
Internal Addresses
Wireless NIC
Part 1
50
Enterprise Gateways








Various different names but often just call AP
Provide a bridging function between wireless devices
and wired network
Provide Inter-Access Point Protocol (IAPP - 802.11F)
Roaming
Upgrade path, from 802.11b, to 802.11a to 802.11g and
to 802.11n
Provide SNMP management tools included
Provide external antenna facilities
VPN, VLAN functions
Example:
Orinoco AP2000
Cisco Aironet 1220
3COM AirConnect
Part 1
51
Enterprise AP
Router
Internet
Switch
Bridge the wireless to Wired
Network address same
as wired segment
Sales Dept.
HR. Dept
Wired Network
Part 1
Wireless PCMCIA
52
Selecting Access Point








Should be Wi-Fi (Wireless Fidelity)
Number of ports (including printer?)
Device Management facility - Web based?
More than one AP?
Roaming required?
Security functions
Price
Transmission power
Part 1
53
Workshop – Build Enterprise
wireless LAN (Router Mode)
1. Access the AP with browser or vendor supplied software, either wireless
or directly connected. Use factory URL (192.168.1.1)
2. Login with factory user ID and password (1234)
3. Use Web configurator to set up SSID for Open Access (no security)
4. Create a share folder with some files for sharing
Part 1
54
Workshop – Build Enterprise
wireless LAN (client setup)






Disable all wired Network adapters
Insert USB wireless Client (install driver)
Use Windows XP’s Zero Configuration Utility
and scan for available wireless network
Locate your group’s SSID and Connect to your
group’s network
Use the command IPCONFIG at cmd prompt
to identify what IP address was assigned to
your system
Use IE to access an external site. Were u
successful?
Part 1
55
Workshop – Build Enterprise
wireless LAN (AP Mode)
1. Access the AP with browser or vendor supplied software, either wireless
or directly connected. Use factory URL (192.168.1.1)
2. Login with factory user ID and password (1234)
3. Configure the Access Point to run as AP mode (bridge mode)
Part 1
56
Workshop – Build Enterprise
wireless LAN (client setup)




Use Windows XP’s Zero Configuration Utility
and scan for available wireless network
Locate your group’s SSID and Connect to your
group’s network
Use the command IPCONFIG at Command
prompt to identify what IP address was
assigned to your system. Any different to the
previous exercise?
Use IE to access an external site. Were you
successful?
Part 1
57
ANTENNAS
Part 1
58
Antenna Properties
An antenna gives the wireless system two fundamental properties
GAIN
Gain is a measure of increase in power.
Direction
Direction is the shape of the transmission pattern.
An antenna rating is typically to the gain of an isotropic or dipole antenna.
An isotropic antenna is a theoretical antenna with a uniform three-dimensional
radiation pattern (similar to a light bulb with no reflector). dBi is used to compare the
power level of a given antenna to the theoretical isotropic antenna.
An isotropic antenna is said to have a power rating of 0 dB; for example, zero gain/loss
when compared to itself.
Some antennas are rated in comparison to dipole antennas. This is denoted by the suffix
dBd. Dipole have a stronger gain of 2.14 db when compare with isotropic antenna.
Hence, dipole antennas have a gain of 0 dBd (= 2.14 dBi).
Part 1
59
Directional Antennas
Omni-Directional
Directional
 360 degree Radiation pattern
Normally no increase of power
 The Standard increased power of 2.4dbiRedirect s the energy
 (“Rubber Duck”)
Angle of radiation is decreased
Greater distance is covered
Part 1
60
Antenna Examples
Part 1
61
Antenna Power factor
When replacing antenna, this can be used for reference
increase
Factor
Decrease
Factor
0 dB
1x
0 dB
1x
1 dB
1.25 x
-1 dB
0.8x
3 dB
2x
-3 dB
0.5x
6 dB
4x
-6 dB
0.25x
10 dB
10x
-10 dB
0.1x
12 dB
16x
-12 dB
0.06x
20 dB
100x
-20 dB
0.01x
30 dB
1000x
-30 dB
0.001x
40 dB
10,000x
-40 dB
0.0001x
dB = 10 log10 (Power A/Power B)
Part 1
62
Why Select Correct Antenna?




Good reception
Gain maximum speed and distance
Reduce interference
Security
Part 1
63
Assignment

Review the wireless needs of your school


Prepare a network diagram , if needed (simple
PowerPoint)
Consider any security issues that may exist or
may have
For discussion at next session
Part 1
64
APPENDIX
Part 1
65
Workshop AP introduction
Reset switch at back of device
Encryption ON/OFF
Power LED
Switch LED WAN LED
Green – 100Mbps
Orange – 1000Mbps
Blink – data Tx/Rx
Part 1
Wireless LED
Blink – data Tx/Rx
66
Workshop AP introduction
Changing Router mode to AP mode
Part 1
67
Roaming Requirements





All AP (not in router mode) must be on same subnet
and configured with same ESSID
Adjacent AP must use a different channel when
coverage area overlapped
All APs must use same port number to relay roaming
information
APs must be connected to the wired network and uses
DHCP server to assign dynamic IP address
If 802.1x is used for user authentication, it is
recommended to use server. If authentication is
performed locally at the AP, then all APs must have
user’s profile
Part 1
68
Related documents
WAEA
WAEA
ZigBee Based Intelligent Helmet for Coal Miners
ZigBee Based Intelligent Helmet for Coal Miners
Dr. Luk R. Arnaut
Dr. Luk R. Arnaut
Wireless structural health monitoring system(Literature review
Wireless structural health monitoring system(Literature review
wireless - Home and Learn
wireless - Home and Learn
Chapter 10
Chapter 10
DENIAL OF SERVICE IN WIRELESS NETWORKS
DENIAL OF SERVICE IN WIRELESS NETWORKS
Daftar Singkatan
Daftar Singkatan
Download
advertisement