Please enable JavaScript.
Coggle requires JavaScript to display documents.
Wirless Network Comunication, image, image, image, image - Coggle Diagram
Wirless Network Comunication
Wirless Comunications
Wireless versus Wired LANs
Wireless versus Wired LANs
Wlans used radio frequencies isntead of cables at a physical layer and MAC sublayer of data link layer
Wireless Devices -AP, LWAP, and WLC
A common wireless data implementation is enabling devices to connect wirelessly via a LAN. In general, a wireless LAN requires wireless access points and clients that have wireless NICs. Home and small business wireless routers integrate the functions of a router, switch, and access point into one device
802.11 Frame Structure
Recall that all Layer 2 frames consist of a header, payload, and Frame Check Sequence (FCS) section. The 802.11 frame format is similar to the Ethernet frame format, except that it contains more fields, as shown in the figure.
Wirless Frames
Frame Control - This identifies the type of wireless frame and contains subfields for protocol version, frame type, address type, power management, and security settings.
Duration - This is typically used to indicate the remaining duration needed to receive the next frame transmission.
Address1 - This usually contains the MAC address of the receiving wireless device or AP.
Address2 - This usually contains the MAC address of the transmitting wireless device or AP.
Address3 - This sometimes contains the MAC address of the destination, such as the router interface (default gateway) to which the AP is attached.
Sequence Control - This contains information to control sequencing and fragmented frames.
Address4 - This usually missing because it is used only in ad hoc mode.
Payload - This contains the data for transmission.
FCS - This is used for Layer 2 error control.
CSMA/CA
WLANs are half-duplex, shared media configurations. Half-duplex means that only one client can transmit or receive at any given moment. Shared media means that wireless clients can all transmit and receive on the same radio channel
Wireless Client and AP Association
For wireless devices to communicate over a network, they must first associate with an AP or wireless router. An important part of the 802.11 process is discovering a WLAN and subsequently connecting to it
Passive and Active Discover Mode
Wireless devices must discover and connect to an AP or wireless router. Wireless clients connect to the AP using a scanning (probing) process. This process can be passive or active.
WLAN Threats
Wireless Security Overview
A WLAN is open to anyone within range of an AP and the appropriate credentials to associate to it. With a wireless NIC and knowledge of cracking techniques, an attacker may not have to physically enter the workplace to gain access to a WLAN.
Attacks can be generated by outsiders, disgruntled employees, and even unintentionally by employees. Wireless networks are specifically susceptible to several threats, including
Interception of data - Wireless data should be encrypted to prevent it from being read by eavesdroppers.
Wireless intruders - Unauthorized users attempting to access network resources can be deterred through effective authentication techniques.
Denial of Service (DoS) Attacks - Access to WLAN services can be compromised either accidentally or maliciously. Various solutions exist depending on the source of the DoS attack.
Rogue APs - Unauthorized APs installed by a well-intentioned user or for malicious purposes can be detected using management software.
DoS Attacks
Types
Wireless DoS attacks can be the result of:
Improperly configured devices - Configuration errors can disable the WLAN. For instance, an administrator could accidently alter a configuration and disable the network, or an intruder with administrator privileges could intentionally disable a WLAN.
A malicious user intentionally interfering with the wireless communication - Their goal is to disable the wireless network completely or to the point where no legitimate device can access the medium.
Accidental interference - WLANs are prone to interference from other wireless devices including microwave ovens
Rogue Access Points
A rogue AP is an AP or wireless router that has been connected to a corporate network without explicit authorization and against corporate policy. Anyone with access to the premises can install (maliciously or non-maliciously)
Man-in-the-Middle Attack
In a man-in-the-middle (MITM) attack, the hacker is positioned in between two legitimate entities in order to read or modify the data that passes between the two parties. There are many ways in which to create a MITM attack.
SECURE WLAN
SSID Cloaking and MAC Address Filtering
Wireless signals can travel through solid matter, such as ceilings, floors, walls, outside of the home, or office space. Without stringent security measures in place, installing a WLAN can be the equivalent of putting Ethernet ports everywhere
802.11 Original Authentication Methods
Although these two features would deter most users, the reality is that neither SSID cloaking nor MAC address filtering would deter a crafty intruder
Authenticating a Home User
Home routers typically have two choices for authentication: WPA and WPA2. WPA2 is the stronger of the two. The figure shows the option to select one of two WPA2 authentication methods:
Personal - Intended for home or small office networks, users authenticate using a pre-shared key (PSK). Wireless clients authenticate with the wireless router using a pre-shared password. No special authentication server is required.
Enterprise - Intended for enterprise networks but requires a Remote Authentication Dial-In User Service (RADIUS) authentication server. Although more complicated to set up, it provides additional security. The device must be authenticated by the RADIUS server and then users must authenticate using 802.1X standard, which uses the Extensible Authentication Protocol (EAP) for authentication.
Encryption Methods
Encryption is used to protect data. If an intruder has captured encrypted data, they would not be able to decipher it in any reasonable amount of time.
Temporal Key Integrity Protocol (TKIP)
Temporal Key Integrity Protocol (TKIP)
Authentication in the Enterprise
In networks that have stricter security requirements, an additional authentication or login is required to grant wireless clients such access. The Enterprise security mode choice requires an Authentication, Authorization, and Accounting (AAA) RADIUS server.
RADIUS Server IP address - This is the reachable address of the RADIUS server.
UDP port numbers - Officially assigned UDP ports 1812 for RADIUS Authentication, and 1813 for RADIUS Accounting, but can also operate using UDP ports 1645 and 1646, as shown in the figure.
Shared key - Used to authenticate the AP with the RADIUS server.
WPA3
At the time of this writing, devices that support WPA3 authentication were not readily available. However, WPA2 is no longer considered secure. WPA3, if available, is the recommended 802.11 authentication method. WPA3 includes four features:
WPA3-Personal, WPA3-Enterprise, Open Network, Iot Onboarding
