Lec 7 WiFi


Advanced Wireless Network Security

Wireless LAN

Dr. Zafar Iqbal


Assistant Professor
Department of Cyber Security, FCAI.
Air University, Islamabad.

Wireless LANs – Wi-Fi (802.11)

Infrastructure Wireless LAN

Ad-Hoc LAN
Wireless LANs – Wi-Fi (802.11)

• Wireless LANs have even deeper access threats.

• No need to enter the building.

• As in the case of Ethernet LANs, an intruder can connect by radio to an unprotected wireless access point.

• This again gets the attacker into the network, bypassing the border firewall.

Access Point

• The access point (“AP”) is probably the most common wireless LAN device.

• Provides clients with a point of access into a network.

• Its role is equivalent to that of a sophisticated Ethernet switch.

• Used as the connection point between wireless and wired networks.

Access Point Usage

Root Mode, Bridge Mode, Repeater Mode

Root Mode

• Access point is connected to a wired backbone through its wired (usually Ethernet)
interface.

• When in root mode, access points that are connected to the same wired distribution
system can talk to each other over the wired segment.

Bridge Mode

• A wireless bridge provides connectivity between two wired LAN segments, and is
used in point-to-point or point-to-multipoint configurations.

Repeater Mode

• The access point in repeater mode connects to clients as an access point and
connects to the upstream root access point as a client itself.

• Access points have the ability to provide a wireless upstream link into the wired
network rather than the normal wired link or vice versa.

Repeater Mode

• Additionally, the repeater access point communicates with the clients as well as the upstream access point over the wireless link, which reduces throughput on the wireless segment.

• Users attached to the repeater access point will likely experience low throughput and high latencies in this scenario.

Common Options

• Fixed or Detachable Antennas

• Advanced Filtering Capabilities

• Removable (Modular) Radio Cards

• Variable Output Power

• Varied Types of Wired Connectivity

Common Options

Fixed or Detachable Antennas

• An access point with detachable antennas gives you the ability to attach a different
antenna to the access point using whatever length of cable you require.

• You could attach a cable and an outdoor antenna directly to the access point and
mount only the antenna outside.

Common Options

Advanced Filtering Capabilities

• MAC or protocol filtering functionality may be included on an access point. Filtering is typically used to screen out intruders on your wireless LAN.

• Protocol filtering allows the administrator to decide and control which protocols should be used across the wireless link.

• For example, if an administrator only wishes to provide HTTP access across the wireless link so that users can browse the web and check their web-based email, then setting an HTTP protocol filter would prevent all other types of protocol access to that segment of the network.
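
Added example (not part of the original slides): a simplified Python model of the MAC and HTTP-only protocol filter described above, applied to constructed frames as seen on the access point's Ethernet side. The allow-listed MAC address, the sample frames and the function names are assumptions made for illustration.

```python
import struct

ALLOWED_MACS = {"00:11:22:33:44:55"}  # constructed allow-list entry (assumption)
ALLOWED_TCP_PORTS = {80}              # the slide's "HTTP only" protocol filter

def build_frame(src_mac, ip_proto, dst_port):
    """Constructed Ethernet + IPv4 + first 4 bytes of TCP/UDP, for the demo only."""
    eth = bytes(6) + bytes.fromhex(src_mac.replace(":", "")) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, ip_proto, 0,
                     bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1]))
    return eth + ip + struct.pack("!HH", 40000, dst_port)

def filter_frame(frame):
    """Return (forward, reason). Default deny: only allow-listed MACs sending
    TCP to an allowed destination port are forwarded."""
    if len(frame) < 14 + 20:
        return False, "truncated"
    src = ":".join(f"{b:02x}" for b in frame[6:12])
    if src not in ALLOWED_MACS:
        return False, "mac-filter"
    if frame[12:14] != b"\x08\x00":
        return False, "not-ipv4"
    ihl = (frame[14] & 0x0F) * 4   # IPv4 header length in bytes
    proto = frame[14 + 9]          # 6 = TCP, 17 = UDP
    l4 = frame[14 + ihl:14 + ihl + 4]
    if ihl < 20 or len(l4) < 4:
        return False, "truncated"
    dst_port = struct.unpack("!HH", l4)[1]
    if proto != 6 or dst_port not in ALLOWED_TCP_PORTS:
        return False, "protocol-filter"
    return True, "http"

SAMPLES = {  # constructed traffic
    "web": build_frame("00:11:22:33:44:55", 6, 80),
    "https": build_frame("00:11:22:33:44:55", 6, 443),
    "dns": build_frame("00:11:22:33:44:55", 17, 53),
    "unknown-client": build_frame("66:77:88:99:aa:bb", 6, 80),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(name, filter_frame(frame))
```

The dns sample is dropped along with https, which is what "prevent all other types of protocol access" means in practice.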

Common Options

Variable Output Power

• Variable output power allows the administrator to control the power (in milliwatts)
that the access point uses to send its data.

• Controlling the power output may become necessary in some situations where distant
nodes cannot locate the access point.

Removable Radio Cards

• Some manufacturers allow you to add and remove radios to and from built-in slots on the access point.

• Some access points may have two slots for special functionality.

• Having two radio slots in an access point allows one radio card to act as an access
point while the other radio card is acting as a bridge (in most cases a wireless
backbone).

• Another somewhat dissimilar use is to use each radio card as an independent access point.

Removable Radio Cards

• Having each card act as an independent access point allows an administrator to accommodate twice as many users in the same physical space without the purchase of a second access point, further reducing costs.

• When the access point is configured in this manner,

• each radio card should be configured on a non-overlapping channel

• ideally channels 1 and 11, respectively
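
Added example (not part of the original slides): choosing the two radio-card channels from a site survey. It assumes 2.4 GHz channels 1 to 11 with 22 MHz wide 802.11b channels; the survey data and function names are constructed for illustration.

```python
CHANNEL_WIDTH_MHZ = 22  # assumption: 802.11b DSSS channel width in the 2.4 GHz band

def centre_mhz(ch):
    """Centre frequency of 2.4 GHz channel ch (valid for channels 1 to 13)."""
    return 2407 + 5 * ch

def overlap(a, b):
    """True when channels a and b share spectrum."""
    return abs(centre_mhz(a) - centre_mhz(b)) < CHANNEL_WIDTH_MHZ

def interference(ch, survey):
    """Total linear power (mW) of surveyed APs whose channel overlaps ch."""
    return sum(10 ** (rssi / 10) for other, rssi in survey if overlap(ch, other))

def pick_radio_channels(survey, channels=range(1, 12)):
    """Pick two mutually non-overlapping channels for the two radio cards
    that see the least overlapping power from neighbouring APs."""
    best = None
    for a in channels:
        for b in channels:
            if a < b and not overlap(a, b):
                cost = interference(a, survey) + interference(b, survey)
                if best is None or cost < best[0]:
                    best = (cost, a, b)
    return best[1], best[2]

# Constructed site survey: (channel, RSSI in dBm) of neighbouring access points.
SURVEY = [(6, -50), (6, -62), (3, -70), (9, -75)]

if __name__ == "__main__":
    print("channel 1 and 5 overlap:", overlap(1, 5))
    print("channel 1 and 11 overlap:", overlap(1, 11))
    print("radio cards should use channels", pick_radio_channels(SURVEY))
```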

Features

• Features found in access points vary. However, one thing is constant:

• the more features the access point has,

• the more the access point will cost.

• For example, some SOHO access points will have WEP, MAC filters, and even a built-in
web server.

• If features such as viewing the association table, 802.1x/EAP support, VPN support,
routing functionality, Inter-access point protocol, and RADIUS support are required,
expect to pay several times as much for an enterprise-level access point.

Power over Ethernet (PoE)

• Power over Ethernet (PoE) is a method of delivering DC voltage to an access point, wireless bridge, or wireless workgroup bridge over the Cat5 Ethernet cable for the purpose of powering the unit.

• PoE is used when AC power receptacles are not available where wireless LAN
infrastructure devices are to be installed.

• The Ethernet cable is used to carry both the power and the data to the units.

• Ethernet cables can only carry data reliably for 100 meters and, for a distance more
than 100 meters, PoE is not a viable solution.

Lightning Arrestor

• A lightning arrestor generally shunts (redirects) surges of up to 5000 Amperes at up to 50 Volts. Lightning arrestors function as follows:

• 1. Lightning strikes a nearby object

• 2. Transient currents are induced into the antenna or the RF transmission line

• 3. The lightning arrestor senses these currents and immediately ionizes the gases held internally to cause a short (a path of almost no resistance) directly to earth ground

Access Point

Attenuator will decrease the RF signal

Amplifier will increase the RF signal

WiFi Spectrum

• Industrial, Scientific, and Medical (ISM) bands


• The ISM bands are located starting at 902 MHz, 2.4 GHz, and 5.8 GHz

[Figure: ISM bands, labelled 902 MHz / 100 MHz, 2.4 GHz / 100 MHz, 5.8 GHz / 150 MHz]

Frequency Bands – ISM and UNII Bands

• Unlicensed National Information Infrastructure (UNII) bands.

• Each one of these UNII bands is in the 5 GHz range and is 100 MHz wide

[Figure: ISM and UNII bands, labelled 2.4 GHz / 100 MHz, 5 GHz / 100 MHz, 5.8 GHz / 150 MHz]

Wireless Standards
Wireless Networks
CSMA/CD for Wireless?

• Collision detection does not work because signal strengths differ at the receiver and the sender.

• For example, CSMA/CD relies on the sender being able to detect collisions at the receiver.

• This does not work for a wireless system, since signal strengths are very different at the receiver than at the sender.

• The sender really only hears itself.
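
Added example (not part of the original slides): an idealised free-space link budget that puts numbers on "the sender really only hears itself" and on the variable output power option from the earlier slide. It assumes 2.4 GHz channel 6 (2437 MHz), 0 dBi antennas and no walls; the function names and the -85 dBm receiver sensitivity are assumptions.

```python
import math

def mw_to_dbm(mw):
    """Convert transmit power in milliwatts (the unit the slide uses) to dBm."""
    return 10 * math.log10(mw)

def fspl_db(distance_m, freq_mhz):
    """Free-space path loss in dB (idealised: no walls, 0 dBi antennas)."""
    return 20 * math.log10(distance_m / 1000) + 20 * math.log10(freq_mhz) + 32.44

def rx_dbm(tx_mw, distance_m, freq_mhz=2437):
    """Signal level a receiver sees from a transmitter distance_m away."""
    return mw_to_dbm(tx_mw) - fspl_db(distance_m, freq_mhz)

def free_space_range_m(tx_mw, sensitivity_dbm, freq_mhz=2437):
    """Distance at which the signal has fallen to the receiver's sensitivity."""
    budget = mw_to_dbm(tx_mw) - sensitivity_dbm - 32.44 - 20 * math.log10(freq_mhz)
    return 1000 * 10 ** (budget / 20)

def self_vs_remote_gap_db(tx_mw, distance_m, freq_mhz=2437):
    """dB by which a sender's own transmission exceeds a remote station's
    signal arriving at the sender's antenna (both transmit at tx_mw)."""
    return mw_to_dbm(tx_mw) - rx_dbm(tx_mw, distance_m, freq_mhz)

if __name__ == "__main__":
    # Variable output power: each 6 dB cut (quartering the mW) halves the range.
    for mw in (1, 25, 100):
        print(f"{mw:>3} mW = {mw_to_dbm(mw):5.1f} dBm, "
              f"free-space range to -85 dBm: {free_space_range_m(mw, -85):6.0f} m")
    # CSMA/CD: a colliding station 50 m away is buried under the sender's own signal.
    print(f"own signal exceeds the remote one by "
          f"{self_vs_remote_gap_db(100, 50):.1f} dB")
```

Real indoor ranges are far shorter than the free-space figures, but the ratios between power settings and the size of the gap at the sender carry over.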



Thank you !
