Wireless LANs
Portable communications have become an expectation in many countries around the world. You can see portability and mobility in everything from cordless keyboards and headsets, to satellite phones and global positioning systems (GPS). The mix of wireless technologies in different types of networks allows workers to be mobile.
Comparing a WLAN to a LAN
Wireless LANs share a similar origin with Ethernet LANs. The IEEE has adopted the 802 LAN/MAN portfolio of computer network architecture standards. The two dominant 802 working groups are 802.3 Ethernet and 802.11 wireless LAN. However, there are important differences between the two.
Wireless LAN Standards
802.11 wireless LAN is an IEEE standard that defines how radio frequency (RF) in the unlicensed industrial, scientific, and medical (ISM) frequency bands is used for the Physical layer and the MAC sub-layer of wireless links.
Typically, the choice of which WLAN standard to use is based on data rates. For instance, 802.11a and g can support up to 54 Mb/s, while 802.11b supports up to a maximum of 11 Mb/s, making 802.11b the “slow” standard, and 802.11a and g the preferred ones. A fourth WLAN draft, 802.11n, exceeds the currently available data rates. The IEEE 802.11n should be ratified by September 2008. The figure compares the ratified IEEE 802.11a, b, and g standards.
802.11b and 802.11g
There are advantages to using the 2.4 GHz band. Devices in the 2.4 GHz band will have better range than those in the 5 GHz band. Also, transmissions in this band are not as easily obstructed as 802.11a.
There is one important disadvantage to using the 2.4 GHz band. Many consumer devices also use the 2.4 GHz band and cause 802.11b and g devices to be prone to interference.
802.11n
The IEEE 802.11n draft standard is intended to improve WLAN data rates and range without requiring additional power or RF band allocation. 802.11n uses multiple radios and antennae at endpoints, each broadcasting on the same frequency to establish multiple streams.
Important: RF bands are allocated by the International Telecommunication Union Radiocommunication Sector (ITU-R). The ITU-R designates the 900 MHz, 2.4 GHz, and 5 GHz frequency bands as unlicensed for ISM communities. Although the ISM bands are globally unlicensed, they are still subject to local regulations.
Standards ensure interoperability between devices made by different manufacturers. Internationally, the three key organizations influencing WLAN standards are:
• ITU-R
• IEEE
• Wi-Fi Alliance
The ITU-R regulates the allocation of the RF spectrum and satellite orbits. These are described as finite natural resources that are in demand from such consumers as fixed wireless networks, mobile wireless networks, and global positioning systems.
Wireless NICs
The wireless NIC, using the modulation technique it is configured to use, encodes a data stream onto an RF signal.
Wireless Access Points
An access point connects wireless clients (or stations) to the wired LAN. Client devices do not typically communicate directly with each other; they communicate with the AP. In essence, an access point converts the TCP/IP data packets from their 802.11 frame encapsulation format in the air to the 802.3 Ethernet frame format on the wired Ethernet network.
An access point is a Layer 2 device that functions like an 802.3 Ethernet hub. RF is a shared medium and access points hear all radio traffic.
CSMA/CA
Access points oversee a distributed coordination function (DCF) called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). This simply means that devices on a WLAN must sense the medium for energy (RF stimulation above a certain threshold) and wait until the medium is free before sending.
Wireless Routers
Wireless routers perform the role of access point, Ethernet switch, and router. For example, the Linksys WRT300N used is really three devices in one box. First, there is the wireless access point, which performs the typical functions of an access point. A built-in four-port, full-duplex, 10/100 switch provides connectivity to wired devices. Finally, the router function provides a gateway for connecting to other network infrastructures.
Configurable Parameters for Wireless Endpoints
You have to configure parameters on the access point, and subsequently on your client device, to enable the negotiation of these processes.
A shared service set identifier (SSID)
A shared service set identifier (SSID) is a unique identifier that client devices use to distinguish between multiple wireless networks in the same vicinity. Several access points on a network can share an SSID.
Ad hoc Networks
Wireless networks can operate without access points; this is called an ad hoc topology.
A key part of the 802.11 process is discovering a WLAN and subsequently connecting to it. The primary components of this process are as follows:
• Beacons – Frames used by the WLAN network to advertise its presence.
• Probes – Frames used by WLAN clients to find their networks.
• Authentication – A process which is an artifact from the original 802.11 standard, but still required by the standard.
• Association – The process for establishing the data link between an access point and a WLAN client.
The primary purpose of the beacon is to allow WLAN clients to learn which networks and access points are available in a given area, thereby allowing them to choose which network and access point to use. Access points may broadcast beacons periodically.
802.11 authentication
802.11 was originally developed with two authentication mechanisms. The first one, called open authentication, is fundamentally a NULL authentication where the client says “authenticate me,” and the access point responds with “yes.” This is the mechanism used in almost all 802.11 deployments.
Rogue Access Points
A rogue access point is an access point placed on a WLAN that is used to interfere with normal network operation. If a rogue access point is configured with the correct security settings, client data could be captured.
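The beacon frames described earlier carry everything needed for a basic rogue access point check. The following is an added example, not part of the original notes: it parses raw 802.11 beacon frames (no radiotap header, no FCS) and compares each one against an inventory of installed access points. The SSID "CorpNet", the BSSIDs, and all function names are constructed for illustration.

```python
import struct

# Constructed inventory: SSID -> BSSIDs of access points the organisation installed.
AUTHORIZED = {"CorpNet": {"02:00:00:00:00:01", "02:00:00:00:00:02"}}

def build_beacon(bssid, ssid, channel, privacy=True):
    """Build a constructed sample beacon (raw 802.11 frame, no radiotap, no FCS)."""
    addr = bytes.fromhex(bssid.replace(":", ""))
    # Frame control 0x80 0x00 = management/beacon, duration, DA=broadcast, SA, BSSID, seq
    header = b"\x80\x00" + b"\x00\x00" + b"\xff" * 6 + addr + addr + b"\x00\x00"
    caps = 0x0001 | (0x0010 if privacy else 0)      # ESS bit, optional Privacy bit
    fixed = struct.pack("<QHH", 0, 100, caps)       # timestamp, beacon interval, capabilities
    name = ssid.encode()
    return header + fixed + bytes([0, len(name)]) + name + bytes([3, 1, channel])

def parse_beacon(frame):
    """Return BSSID, SSID, channel and privacy flag of a beacon, or None if not a beacon."""
    if len(frame) < 36 or frame[0] != 0x80:
        return None
    _, _, caps = struct.unpack_from("<QHH", frame, 24)
    info = {"bssid": ":".join(f"{b:02x}" for b in frame[16:22]),
            "ssid": None, "channel": None, "privacy": bool(caps & 0x0010)}
    pos = 36
    while pos + 2 <= len(frame):                    # walk the tagged elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            break                                   # truncated element: stop, keep what we have
        if tag == 0 and length <= 32:               # SSID element, at most 32 bytes
            info["ssid"] = value.decode("utf-8", "replace")
        elif tag == 3 and length == 1:              # DS Parameter Set: current channel
            info["channel"] = value[0]
        pos += 2 + length
    return info

def classify(frame, authorized=AUTHORIZED):
    """Compare one beacon against the inventory of installed access points."""
    info = parse_beacon(frame)
    if info is None:
        return "not-a-beacon"
    known = authorized.get(info["ssid"])
    if known is None:
        return "other-network"                      # neighbouring WLAN, not our SSID
    if info["bssid"] not in known:
        return "rogue-suspect"                      # our SSID from a radio we did not install
    return "ok" if info["privacy"] else "authorized-but-unencrypted"

if __name__ == "__main__":
    print(classify(build_beacon("02:00:00:00:00:99", "CorpNet", 6)))  # constructed unknown BSSID
```

The BSSID in a beacon is not authenticated, so a match against the inventory is a sanity check rather than proof that the access point is legitimate.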
Man-in-the-Middle Attacks
One of the more sophisticated attacks an unauthorized user can make is called a man-in-the-middle (MITM) attack. Attackers select a host as a target and position themselves logically between the target and the router or gateway of the target. In a wired LAN environment, the attacker needs to be able to physically access the LAN to insert a device logically into the topology. With a WLAN, the radio waves emitted by access points can provide the connection.
Denial of Service
802.11b and g WLANs use the unlicensed 2.4 GHz ISM band. This is the same band used by most wireless consumer products, including baby monitors, cordless phones, and microwave ovens. With these devices crowding the RF band, attackers can create noise on all the channels in the band with commonly available devices.
Encryption
Two enterprise-level encryption mechanisms specified by 802.11i are certified as WPA and WPA2 by the Wi-Fi Alliance: Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).
TKIP is the encryption method certified as WPA. It provides support for legacy WLAN equipment by addressing the original flaws associated with the 802.11 WEP encryption method. It makes use of the original encryption algorithm used by WEP.
TKIP has two primary functions:
• It encrypts the Layer 2 payload
• It carries out a message integrity check (MIC) in the encrypted packet. This helps ensure against a message being tampered with.
a view of the GUI for each configuration.
• Network Mode – If you have Wireless-N, Wireless-G, and 802.11b devices in your network, keep Mixed, the default setting. If you have Wireless-G and 802.11b devices, select BG-Mixed. If you have only Wireless-N devices, select Wireless-N Only. If you have only Wireless-G devices, select Wireless-G Only. If you have only Wireless-B devices, select Wireless-B Only. If you want to disable wireless networking, select Disable.
• Network Name (SSID) – The SSID is the network name shared among all points in a wireless network. The SSID must be identical for all devices in the wireless network. It is case-sensitive and must not exceed 32 characters (use any of the characters on the keyboard). For added security, you should change the default SSID (linksys) to a unique name.
• SSID Broadcast – When wireless clients survey the local area for wireless networks to associate with, they detect the SSID broadcast by the access point. To broadcast the SSID, keep Enabled, the default setting. If you do not want to broadcast the SSID, select Disabled. When you have finished making changes to this screen, click the Save Settings button, or click the Cancel Changes button to undo your changes. For more information, click Help.
• Radio Band – For best performance in a network using Wireless-N, Wireless-G, and Wireless-B devices, keep the default Auto. For Wireless-N devices only, select Wide – 40MHz Channel. For Wireless-G and Wireless-B networking only, select Standard – 20MHz Channel.
• Wide Channel – If you selected Wide – 40MHz Channel for the Radio Band setting, this setting is available for your primary Wireless-N channel. Select any channel from the drop-down menu.
• Standard Channel – Select the channel for Wireless-N, Wireless-G, and Wireless-B networking. If you selected Wide – 40MHz Channel for the Radio Band setting, the standard channel is a secondary channel for Wireless-N.