Bitmindframes Cisco Study Guides
Why Use Wireless?
Networks evolve to support people in motion
Many different infrastructures (wired LAN, provider) allow mobility.
Productivity is no longer limited to a fixed workplace or a fixed period of time.
WLAN reduces costs.
Comparison between WLAN and LAN
The dominant IEEE 802 groups are 802.3 and 802.11.
However, there are significant differences between the two.
. receive radio frequency signals. The radio frequency is not protected from external signals.
Radio frequency has some unique challenges: the farther away from the source, the weaker the transmission.
Radio frequency bands are regulated differently in different countries. In a wireless topology, a wireless AP can be used instead of a switch.
WLAN hosts contend for access to the radio frequency medium.
802.11 uses collision avoidance instead of collision detection.
WLANs use a different frame format than Ethernet LANs.
WLANs require additional information at L2.
WLANs raise privacy issues because RF can reach outside the facility.
INTRO TO WIRELESS LANS
802.11 LANs extend the 802.3 infrastructure to provide additional connectivity
Requires additional components and protocols
802.3 is the client AP
802.11 clients use a wireless adapter to connect to a wireless router or AP
Once connected, wireless clients access resources as if they were wired
802.11 uses the unlicensed Industrial, Scientific, Medical (ISM) frequencies for the physical layer and the MAC sublayer.
Early 802.11: 2MB at 2.4GHz
The standard was enhanced by 802.11a, 802.11b, 802.11g and 802.11n
802.11a & g = 54MBs
802.11b = 11MBs
802.11n speed greater than 100Mbs
OFDM is faster and more expensive than DSSS
OFDM at 5GHz: less prone to interference, smaller antennas
Poorer range, and performance is sensitive to obstructions
802.11b & g Both 2.4 GHz
802.11g OFDM and DSSS
2.4 GHz range is better and the signal is not so easily obstructed, but it is still prone to interference
Improves data rates without a new RF band
Uses Multiple-Input Multiple-Output (MIMO) technology
Expected by September 08
RF bands are allocated by the ITU-R
Wi-Fi Certification
Three key organizations affecting WLAN standards
ITU-R: RF bands
IEEE: how RF is modulated
Wi-Fi Alliance: interoperability between vendors
The Wi-Fi Alliance certifies all 3 IEEE 802.11 standards as well as IEEE drafts and the WPA and WPA2 standards based on 802.11i.
The data stream is encoded onto the RF signal using the configured modulation technique
Early wireless NICs were PCMCIA cards, but they are now built into laptops
PCI and USB NICs are also available
Wireless Access Points
Clients usually do not communicate directly with each other
An AP connects clients to the wired LAN and converts TCP/IP packets from the 802.11 frame format to 802.3.
To obtain network services, clients need to connect to an AP. An AP is an L2 device that works like an Ethernet hub. Radio frequency is a shared medium, like early Ethernet buses. Devices wishing to use the medium must contend for it. Wireless NICs cannot detect collisions, so they must avoid them.
CSMA / CA
The AP manages a distributed coordination function (DCF) called CSMA / CA
Devices on the WLAN must detect energy and wait for the medium to be free before sending.
If an AP receives data from a client, it sends an ACK. This ACK keeps the client from assuming that a collision has occurred and prevents it from resending. Attenuation causes problems in a WLAN where the stations contend for the medium. RTS / CTS allows negotiation between the client and the AP.
RTS: Request to Send
CTS: Clear to Send
When RTS / CTS is enabled, the AP allocates the medium to the requesting station. When the data transfer is complete, other stations may request the channel.
To set up a connection, you need to configure parameters for both the AP and the client.
Since 802.11g is backward compatible with 802.11b, an AP supports both standards.
The SSID is a unique identifier that client devices use to distinguish Wi-Fi networks.
The SSID can be any alphanumeric, case-sensitive string 2-32 characters long.
Several APs can share the SSID. The 2.4 GHz band has 11 channels in North America and 13 in Europe.
These channels actually overlap, so best practice is for neighbouring APs to use non-overlapping channels.
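An added example (not from the original guide) that checks an AP channel plan for overlap in the 2.4 GHz band. It assumes 22 MHz-wide channels with centres 5 MHz apart; the AP names and the adjacency list are constructed.

```python
# Added example: 2.4 GHz channel-overlap check for an AP plan.
# Assumption: 22 MHz-wide channels (802.11b DSSS), centres 5 MHz apart.

CHANNEL_WIDTH_MHZ = 22
REGION_CHANNELS = {"north_america": 11, "europe": 13}  # counts from the text


def centre_mhz(channel):
    """Centre frequency in MHz of 2.4 GHz channel 1..13."""
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} outside 1..13")
    return 2407 + 5 * channel


def overlaps(a, b):
    """True when the 22 MHz masks of two channels share spectrum."""
    return abs(centre_mhz(a) - centre_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping(region):
    """Greedy pick, lowest channel first, of channels that never overlap."""
    chosen = []
    for ch in range(1, REGION_CHANNELS[region] + 1):
        if all(not overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(ap_channels, neighbours):
    """Return neighbouring AP pairs whose channels overlap.

    ap_channels: {ap_name: channel}
    neighbours:  pairs of APs whose coverage cells touch
                 (hypothetical output of a site survey).
    """
    return sorted(
        (a, b) for a, b in neighbours
        if overlaps(ap_channels[a], ap_channels[b])
    )


# Constructed sample plan: three APs along one corridor.
PLAN = {"ap-lobby": 1, "ap-hall": 4, "ap-lab": 11}
ADJACENT = [("ap-lobby", "ap-hall"), ("ap-hall", "ap-lab")]

if __name__ == "__main__":
    print("usable set:", non_overlapping("north_america"))
    print("conflicts:", plan_conflicts(PLAN, ADJACENT))
```

Moving `ap-hall` to channel 6 clears the reported conflict while keeping it clear of `ap-lab` on channel 11.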
Planning a Wireless LAN
Implementing a good WLAN requires careful planning
The number of users a WLAN can support is not a simple calculation
It depends on layout, required data rates, non-overlapping channels and data transmission
When planning the location of APs, simply drawing coverage circles may not be sufficient.
If the APs must use existing wiring or there are places where an AP cannot be placed, note these places on the map
Position APs above obstructions
Position APs vertically
Position APs where users are expected to be
Once these points are addressed, estimate the expected coverage
Place the AP so that the coverage circles overlap
The coverage area is usually square, but the BSA radiates diagonally from the center of the space
Dangers of wireless security
Businesses rely on the network to protect information. Security problems are amplified by a wireless network. A WLAN is open to anyone within range who has the credentials to associate with it.
There are three main categories of threats:
Hackers / Crackers
War driving originally meant searching for mobile phone numbers to exploit, but now means searching for unsecured networks.
Hackers were originally benign explorers, but now hacker / cracker is often a malicious intruder.
Unfortunately, employees are often the source of the biggest security issues, frequently by installing a rogue AP.
Most wireless devices have default settings, and using them unchanged is never recommended. These settings can easily be compromised using wireless sniffers, tools that let administrators capture data packets for debugging but that intruders can also exploit. A rogue AP is any unauthorized AP that can be used to capture data.
MAN-IN-THE-MIDDLE ATTACKS
In a wired network, an attacker must have physical access, but wireless signals can provide access from outside.
Because APs work like hubs, each NIC hears all traffic.
Attackers can modify the NIC to accept all traffic. Hackers can observe clients that are connected to an AP and record the user name, server name and IP address. If all legitimate users are known, you can track down the intruders.
Denial of Service
The 2.4GHz ISM band is used by most consumer products. Attackers can create noise using these commonly available devices. An attacker can use a PC as an AP and flood the BSS with CTS messages that defeat CSMA / CA. The AP then floods the BSS, causing a stream of collisions. Another attack sends disassociate commands to disconnect all stations.
Originally there were two types of authentication: open and shared WEP key
Open authentication is really no authentication, and WEP keys have proven to be flawed. To compensate for WEP's weaknesses, SSID hiding and MAC address filtering were tried. The WEP algorithm can be cracked, and since the keys are typically entered by hand, they are prone to entry errors. During 802.11i development, manufacturers adopted interim security measures. TKIP encryption is linked to the Wi-Fi Alliance WPA certification.
Today, 802.11i is the security standard (similar to WPA2)
WPA2 includes a connection to a RADIUS database.
Authentication for WLAN
In Enterprise networks, the association is not enough on its own: usually additional authentication is required.
This is managed by Extensible Authentication Protocol.
EAP is an authentication framework carried by 802.1x, which is a port-based authentication protocol.
The configured AP blocks all data except 802.1x traffic. The 802.1x frames deliver EAP packets to the server containing the authentication data.
This is an AAA server running the RADIUS protocol.
If successful, the AAA server advises the AP to let the client's traffic pass through the virtual port. Before opening the port, L2 encryption is established between the client and the AP to ensure integrity.
MAC address filtering is easily defeated by spoofing, but should still be used alongside WPA2
Even with SSID broadcasts disabled, the SSID is still exposed.
The best security is port-based access control, such as WPA2
802.11i-defined mechanisms for WPA and WPA2
Temporal Key Integrity Protocol (TKIP)
Advanced Encryption Standard (AES)
TKIP WPA supports legacy devices and WEP
TKIP encrypts the L2 payload and adds a message integrity check (MIC) to the encrypted packet
TKIP is good, but 802.11i prefers AES
When configuring routers you may not see WPA / WPA2; instead, you may see pre-shared key (PSK)
PSK or PSK2 with TKIP = WPA
PSK or PSK2 with AES = WPA2
PSK2 without an encryption method specified = WPA2
Controlling access to a WLAN
WPA2 is like a security system. You can always add depth to your security.
MAC address filtering.
Configure APs near external walls to transmit at lower power.
Security Mode – Select Mode 7
Mode Parameters – PSK, PSK2, and RADIUS ONLY
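An added example, not part of the original guide: one way to act on the rogue-AP and legacy-encryption points above is to compare a site survey against the list of APs you actually deployed. The SSID, BSSIDs, mode labels and record layout are constructed for illustration.

```python
# Added example: audit a wireless survey against an authorised AP inventory.
# Every SSID, BSSID and field name here is constructed for illustration.

CORP_SSID = "corp-wlan"                              # hypothetical SSID
AUTHORISED = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
LEGACY_MODES = {"open", "wep", "wpa-tkip"}           # pre-WPA2 modes from the text

SURVEY = [  # constructed rows: what a site walk might record
    {"ssid": "corp-wlan", "bssid": "02:00:00:00:00:01", "mode": "wpa2-aes"},
    {"ssid": "corp-wlan", "bssid": "02:00:00:00:00:02", "mode": "wpa-tkip"},
    {"ssid": "corp-wlan", "bssid": "02:00:00:00:00:99", "mode": "open"},
    {"ssid": "", "bssid": "02:00:00:00:00:03", "mode": "wep"},
    {"ssid": "cafe-guest", "bssid": "02:00:00:00:00:50", "mode": "open"},
]


def audit(survey, authorised=frozenset(AUTHORISED), corp_ssid=CORP_SSID):
    """Return sorted (bssid, finding) pairs that need follow-up."""
    findings = []
    for ap in survey:
        bssid = ap["bssid"].lower()
        if bssid in authorised:
            # Our own AP: the only question is whether its mode is current.
            if ap["mode"] in LEGACY_MODES:
                findings.append((bssid, f"legacy: authorised AP on {ap['mode']}"))
        elif ap["ssid"] == corp_ssid:
            # Unlisted radio advertising our SSID: rogue AP candidate.
            findings.append((bssid, "rogue: unlisted AP using corporate SSID"))
        elif ap["ssid"] == "":
            # A hidden SSID does not hide the radio; unlisted ones get reviewed.
            findings.append((bssid, "review: unlisted AP with hidden SSID"))
        # Anything else is a neighbouring network and is ignored.
    return sorted(findings)


if __name__ == "__main__":
    for bssid, finding in audit(SURVEY):
        print(bssid, finding)
```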
Troubleshooting: work up the TCP/IP stack from L1 to L7
Step 1: eliminate the PC as the source of the problem.
Try to determine the severity of the problem.
Verify that the device can connect to a wired network.
Check security and encryption settings: do they match?
Check for interference (other devices).
On-site surveys may include an on-site assessment followed by a more in-depth assessment.
The on-site assessment includes checking the area for potential problems: multiple WLANs, building structures and usage (day / night).
Utility-assisted surveys use tools such as AirMagnet.
Mount the APs on stands and set them in the planned locations, then walk through the site using the survey meter in the client utility on your computer.