
PRIYANKA RAO

YASHESH MORKHIA
RUSHABH VORA
AKSHAY PATIL
KANCHAN INDALKAR
KIRAN YADAV

835
816
831
819
809
838

Introduction
Wi-Fi Technologies
Wi-Fi Architecture
Wi-Fi Network Elements
How a Wi-Fi Network Works
Wi-Fi Network Topologies
Wi-Fi Configurations
Applications of Wi-Fi
Wi-Fi Security
Advantages/Disadvantages of Wi-Fi

Wireless Technology is an alternative to Wired Technology, which is commonly used for connecting devices in wireless mode.

Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs).

Wi-Fi networks connect computers to each other, to the internet and to the wired network.

Wi-Fi Networks use Radio Technologies to transmit & receive data at high speed:
IEEE 802.11b
IEEE 802.11a
IEEE 802.11g
IEEE 802.11n

IEEE 802.11b
Appeared in late 1999
Operates at 2.4 GHz radio spectrum
11 Mbps (theoretical speed) - within 30 m range
4-6 Mbps (actual speed)
100-150 feet range
Most popular, least expensive
Interference from mobile phones and Bluetooth devices can reduce the transmission speed.

IEEE 802.11a
Introduced in 2001
Operates at 5 GHz (less popular)
54 Mbps (theoretical speed)
15-20 Mbps (actual speed)
50-75 feet range
More expensive
Not compatible with 802.11b

IEEE 802.11g
Introduced in 2003
Combines the features of both standards (a, b)
100-150 feet range
54 Mbps speed
2.4 GHz radio frequencies
Compatible with b

IEEE 802.11n
Introduced in 2009
Improved the network from 54 Mbit/s to 600 Mbit/s
175 feet range
300 Mbps - 450 Mbps+ speed
2.4/5 GHz radio frequencies
802.11n is faster than 802.11g.

Access Point (AP) - The AP is a wireless LAN transceiver or base station that can connect one or many wireless devices simultaneously to the Internet.

Wi-Fi cards - They accept the wireless signal and relay information. They can be internal and external (e.g. PCMCIA Card for Laptop and PCI Card for Desktop PC).

Safeguards - Firewalls and anti-virus software protect networks from uninvited users and keep information secure.

The basic concept is the same as walkie-talkies.
A Wi-Fi hotspot is created by installing an access point to an internet connection.
An access point acts as a base station.
When a Wi-Fi enabled device encounters a hotspot, the device can then connect to that network wirelessly.
A single access point can support up to 30 users and can function within a range of 100-150 feet indoors and up to 300 feet outdoors.
Many access points can be connected to each other via Ethernet cables to create a single large network.

AP-based topology (Infrastructure Mode)
Peer-to-peer topology (Ad-hoc Mode)
Point-to-multipoint bridge topology

AP-based topology (Infrastructure Mode)
The clients communicate through the Access Point.
BSA - RF coverage provided by an AP.
ESA - It consists of 2 or more BSAs.
An ESA cell includes 10-15% overlap to allow roaming.

Peer-to-peer topology (Ad-hoc Mode)
AP is not required.
Client devices within a cell can communicate directly with each other.
It is useful for setting up a wireless network quickly and easily.

Point-to-multipoint bridge topology
This is used to connect a LAN in one building to LANs in other buildings even if the buildings are miles apart. These conditions require a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used as well as the environmental conditions.

Wireless technology doesn't remove any old security issues, but introduces new ones:
Eavesdropping
Man-in-the-middle attacks
Denial of Service

Eavesdropping
Easy to perform, almost impossible to detect
By default, everything is transmitted in clear text
  Usernames, passwords, content ...
  No security offered by the transmission medium
Different tools available on the internet
  Network sniffers, protocol analysers ...
  Password collectors
With the right equipment, it's possible to eavesdrop on traffic from a few kilometers away

Man-in-the-middle attacks
1. Attacker spoofs a disassociate message from the victim
2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP's MAC address
3. The attacker connects to the real AP using the victim's MAC address

Denial of Service
Attack on transmission frequency used
  Frequency jamming
  Not very technical, but works
Attack on MAC layer
  Spoofed deauthentication / disassociation messages
  Can target one specific user
Attacks on higher layer protocol (TCP/IP protocol)
  SYN Flooding
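
Added example (not part of the original slides): a small detection pass over already-decoded 802.11 management-frame observations, covering the man-in-the-middle sequence and the MAC-layer denial of service listed above. The frame records, MAC addresses, channel plan, thresholds and the detect() function are all constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sensor observations: (time_s, frame_type, bssid, client, channel).
# MAC addresses, times and the channel plan are made up for this example.
AP, VICTIM, OTHER = "aa:bb:cc:00:00:01", "11:22:33:44:55:66", "11:22:33:44:55:77"
KNOWN_APS = {AP: 6}                       # BSSID -> channel the real AP is configured on
FRAMES = [
    (0.0, "beacon", AP, None, 6),
    (10.0, "disassoc", AP, VICTIM, 6),    # one spoofed disassociation ...
    (10.5, "beacon", AP, None, 11),       # ... then the same BSSID appears on channel 11
] + [(30.0 + i * 0.1, "deauth", AP, OTHER, 6) for i in range(20)]   # flood at one client


def detect(frames, known_aps, window=5.0, flood_threshold=10):
    """Return (alert, bssid, detail) tuples, each distinct finding reported once."""
    alerts, seen = [], set()
    kicks = defaultdict(deque)    # (bssid, client) -> recent deauth/disassoc times
    last_kick = {}                # bssid -> (time, client) of the latest deauth/disassoc

    def report(alert):
        if alert not in seen:
            seen.add(alert)
            alerts.append(alert)

    for ts, ftype, bssid, client, channel in sorted(frames, key=lambda f: f[0]):
        if ftype in ("deauth", "disassoc"):
            times = kicks[(bssid, client)]
            times.append(ts)
            while ts - times[0] > window:      # drop entries older than the window
                times.popleft()
            last_kick[bssid] = (ts, client)
            if len(times) >= flood_threshold:
                report(("deauth-flood", bssid, client))
        elif ftype == "beacon" and bssid in known_aps and channel != known_aps[bssid]:
            # Known BSSID beaconing on a channel the real AP does not use.
            report(("bssid-on-unexpected-channel", bssid, channel))
            kick = last_kick.get(bssid)
            if kick and ts - kick[0] <= window:
                # A disassociation just before it matches the three-step sequence above.
                report(("rogue-ap-after-disassoc", bssid, kick[1]))
    return alerts


if __name__ == "__main__":
    for alert in detect(FRAMES, KNOWN_APS):
        print(alert)
```

A single disassociation is not alarming on its own; the correlation with a known BSSID on an unexpected channel is what separates the rogue-AP case from normal roaming.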

The requirements for Wi-Fi network security can be broken down into two primary components:
Authentication
  User Authentication
  Server Authentication
Privacy

Keeping unauthorized users off the network


User Authentication
  Authentication Server is used
  Username and password
  Risk:
    Data (username & password) sent before secure channel established
    Prone to passive eavesdropping by attacker
  Solution:
    Establishing an encrypted channel before sending username and password

Server Authentication
  Digital Certificate is used
  Validation of digital certificate occurs automatically within client software

802.1X Access Control
Wireless Protected Access (WPA)

802.1X Access Control
Designed as a general purpose network access control mechanism
Authenticates each client connected to an AP (for WLAN) or switch port (for Ethernet)
Authentication is done with the RADIUS server, which tells the access point whether access to controlled ports should be allowed or not
  AP forces the user into an unauthorized state
  User sends an EAP start message
  AP returns an EAP message requesting the user's identity
  Identity sent by the user is then forwarded to the authentication server by the AP
  Authentication server authenticates the user and returns an accept or reject message back to the AP
  If an accept message is returned, the AP changes the client's state to authorized and normal traffic flows
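
Added example (not part of the original slides): a simulation of the 802.1X sequence above, showing that the AP drops data frames until the authentication server returns an accept. The AuthServer, Supplicant and AccessPoint classes, the HMAC challenge-response (a simplified stand-in for a real EAP method) and all identities and secrets are assumptions made for illustration, not a RADIUS or EAP implementation.

```python
import hashlib
import hmac
import secrets

class AuthServer:
    """Stand-in for the RADIUS server; `users` maps identity -> per-user secret."""
    def __init__(self, users):
        self.users = users

    def new_challenge(self):
        return secrets.token_bytes(16)

    def decide(self, identity, challenge, response):
        secret = self.users.get(identity)
        if secret is None:
            return "reject"
        expected = hmac.new(secret, challenge, hashlib.sha256).digest()
        return "accept" if hmac.compare_digest(expected, response) else "reject"

class Supplicant:
    """The client; proves knowledge of its secret without sending it."""
    def __init__(self, mac, identity, secret):
        self.mac, self.identity, self.secret = mac, identity, secret

    def respond(self, challenge):
        return hmac.new(self.secret, challenge, hashlib.sha256).digest()

class AccessPoint:
    """Authenticator: relays EAP and opens the controlled port only after an accept."""
    def __init__(self, server):
        self.server, self.port, self.trace = server, {}, []

    def associate(self, client):
        self.port[client.mac] = "unauthorized"      # AP forces the unauthorized state

    def send_data(self, client, payload):
        ok = self.port.get(client.mac) == "authorized"
        self.trace.append(f"{client.mac} data {'forwarded' if ok else 'dropped'}")
        return ok

    def authenticate(self, client):
        self.trace += ["client->AP EAP-Start", "AP->client EAP-Request/Identity"]
        challenge = self.server.new_challenge()     # simplified stand-in for an EAP method
        verdict = self.server.decide(client.identity, challenge, client.respond(challenge))
        self.trace += [f"AP->server identity={client.identity}", f"server->AP {verdict}"]
        self.port[client.mac] = "authorized" if verdict == "accept" else "unauthorized"
        return verdict
```

Calling associate(), then send_data(), authenticate() and send_data() again for one Supplicant walks through the listed steps; AccessPoint.trace records each message in order.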

WPA is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems.
User Authentication
  802.1x
  EAP
TKIP (Temporal Key Integrity Protocol) encryption
  Dynamic encryption keys (session based)
  New 128-bit key
  Per packet key mixing function
Uses Message Integrity check
  Ensures data integrity

WPA comes in two flavors:
WPA-PSK
  Uses a pre-shared key
  For SOHO environments
  Single master key used for all users
WPA Enterprise
  For large organisations
  Most secure method
  Unique keys for each user
  Separate username & password for each user

WPA2
It replaced the original WPA since 2006
It is based on IEEE 802.11i technology
Used on Home Networks
Depends on WPA-2 PSK (Pre Shared Key)

Applications of Wi-Fi
Home
Small Businesses or SOHO
Large Corporations & Campuses
Health Care
Wireless ISP (WISP)
Travellers

Advantages
Mobility
Ease of Installation
Flexibility
Cost
Reliability
Use unlicensed part of the radio spectrum
Roaming
Speed

Disadvantages
Interference
Degradation in performance
High power consumption
Limited range