This was posted by me last week.
It can be found on Page 2, under "Introduction to WLANs".
Try searching the board. There's more than the first page!!
==========================
BACKGROUND
Wireless LANs (or WLANs) are based upon the 802.11 series of standards ratified by the IEEE. There are currently 3 common standards for WLAN networking and 1 standard for PAN (Personal Area Networking).
WLANs can be set up in infrastructure mode, or Ad Hoc mode.
In Infrastructure mode, you use an Access Point (think of it like a radio station) and several clients (ie, PCs or laptops with WLAN network cards). The Access Point transmits radio signals and the clients (the PCs or laptops) receive and transmit to the Access Point. It is exactly like a cell-phone network. Your computers are the phones and the Access Point is the cellular network base station.
In Ad Hoc mode, you simply have two or more PCs or laptops talking to each other directly, without an Access Point. Using the same phone analogy, it's like having two walkie-talkies, transmitting to each other, instead of a cellphone that uses a centralized base station to talk to another cellphone. Ad hoc mode is cheaper (because you don't need an Access Point), but slower and only useful for direct PC to PC connectivity.
All WLANs are 'contention based'. This basically means they are like "wireless hubs". When one station is transmitting, no one else can. They are NOT switched! This means that the actual real-life throughput of WLANs is less than the advertised bandwidth. The most common 802.11b network standard offers 11Mb/s bandwidth, but in reality you will only get around 6Mb/s throughput. For the record, this is just like wired Ethernet. You never get the full bandwidth in any advertised network standard.
Finally, all current WLANs also operate in unlicensed spectrum. This means that no license is required, so anyone can set up a transmitter or receiver. This is exactly what you are doing when you buy an Access Point and a wireless network card! The advantage of this is obvious. No licence, no paper work, no hassle. The disadvantage is that anyone can do it, so someone next door might set up a WLAN too, and there may be some interference.
WLAN STANDARDS
802.11b (aka WiFi)
Max speed: 11Mb/s
Spectrum: 2.4Ghz
This is by far the most common standard. Most of the WLAN kit you can buy today uses 802.11b. It is cheap and well understood. It operates in the 2.4Ghz spectrum. Note that this is the same frequency used by older analogue cordless phones and by microwave ovens! Your WLAN will not fry you though, as maximum power is usually around 100mW. Microwave ovens zap things at around 800Watts. It should be noted however, that microwave ovens and older cordless phones can cause interference when they are "on".
802.11b offers 11Mb/s through-put. However, in reality users can expect 6Mb/s maximum bandwidth due to collisions, contention etc.
Within the 2.4Ghz spectrum range used by 802.11i, there are 11 (eleven) channels that can be used. Think of these as "slots" in the 2.4Ghz range. Channel 1 is actually 2.412 GHz, all the way up to Channel 11 which is 2.462 GHz. Note how each channel has a small, but significant change in the actual frequency used (though they are still all in the 2.4Ghz range). Multiple channels are only used when you have multiple Access Points all in or near the same location! They allow you to deploy adjacent cells without causing interference. Most WLANs are set up using channels 1, 6, 11.
Consider four cells side by side. If they used the exact same frequency, you would have lots of interference. But by using separate, non-overlapping channels, you can place the cells beside each other with no interference. See the following diagram of four radio cells, sitting side by side.
Code:
----- ----- ------ -----
{ Ch1 } { Ch6 } { Ch11 } { Ch1 } {etc...}
----- ----- ------ -----
Each cell is adjacent (or even overlapping a bit), but is using different channels. This means they do not interfere with each other.
802.11a (aka WiFi-5)
Max speed: 54Mb/s
Spectrum: 5Ghz
This is a newer standard and it offers much higher bandwidth. The equipment is expensive and it is unlikely you shall see it in "retail" or "home network" devices. It has many advantages for enterprise companies who have lots of money. For example, you can use up to 8 non-overlapping channels. This is great if you are a company trying to install lots of APs (Access Points), as you can pack the cells in tighter, but is of little interest to home networkers.
802.11g
Max speed: 54Mb/s
Spectrum: 2.4Ghz
This new standard has just been ratified by the IEEE. It uses the same frequency as 802.11b but offers speeds of up to 54Mb/s. This is achieved by using different multiplexing (which I won't go into here). One of the major benefits of 802.11g is that it is backwards compatible with 802.11b. What does this mean? Basically, an 802.11g network can support both 802.11b clients and 802.11g clients. Remember, they both use the same frequency of 2.4Ghz. The only disadvantage with this is that the 802.11g Access Point will "drop down" to the slower speed for the entire cell. This means even one 802.11b (11Mb/s) client will bring down the speed of the entire 802.11g (54Mb/s) cell. Pretty obvious when you think about it.
802.11g cards and Access Points are readily available, and are slightly more expensive than 802.11b ones. It should be noted that only the very newest ones will be compliant with the standard, as it was only ratified in June 2003. The "pre ratification" versions out there already can probably be upgraded via firmware/PROM flashing.
802.15 (aka BlueTooth)
Max speed: 10Mb/s
Spectrum: 2.4Ghz
BlueTooth is known as a PAN or Personal Area Networking. It is not really a WLAN standard and I only include it here for completeness. BlueTooth operates in the same frequency as 802.11b and 802.11g (2.4Ghz) and can cause service degradation. It won't "knock out" your WLAN, but if two transmitting devices are close together (say a WLAN card and a BlueTooth dongle on your PC), you will see a significant impact upon your WLAN performance. Keep BlueTooth devices at least 25cm from 802.11b or 802.11g cards if possible.
SECURITY
Security in 802.11 wireless networks is based upon the WEP encryption protocol. WEP stands for Wired Equivalency Protocol, but don't be fooled. Native WEP on its own is not as secure as a wired LAN.
Originally WEP was based upon 48bit keys, but almost everyone now uses the much stronger 128bit keys (some manufacturers even offer 256bit versions). This is still hackable, if the hacker captures between 1,000,000 and 4,000,000 packets. It should be noted that, for a normal home network, this would mean HOURS of someone surreptitiously hiding nearby, their laptop in hand and actively "listening" to your network traffic. Afterwards, they then need to run their capture through a cryptographic tool to get your key. A lot of work to hack into someone's home network, but possible nonetheless.
WEP is certainly not sufficient for enterprise networks, and a lot of work has been put into improving WLAN security over the past year. But it is fine for home networks. Don't let anyone else convince you otherwise.
This is especially the case when you consider the new enhancements introduced with WPA.
WPA - WiFi Protected Access
This new standard is a set of security hardenings that greatly increase the security of WLANs. Without going into too much technical detail, WPA introduces two major enhancements.
TKIP Temporal Key Integrity Protocol
This basically rehashes the WEP encryption key every packet.
MIC Message Integrity Protocol
This is conceptually like a CRC value.
It protects against "man in the middle" attacks; ie, someone intercepting and changing a packet's contents.
WPA effectively mitigates (ie, reduces) all known security weaknesses in WEP based WLAN standards.
WPA2 - WiFi Protected Access 2
WPA2 has not been ratified yet. It is just the marketing term for the 802.11i security standards. WPA2 will really copperfasten wireless security.
802.11i
802.11i are the newest and strongest security standards that are being developed by the IEEE to really harden WLANs. The main enhancement is the replacement of WEP with AES (Advanced Encryption Standard). This is the encryption standard that the Pentagon uses. Suffice it to say that when AES is introduced, you won't be vulnerable to WLAN hacking.
EAP
EAP, or Extensible Authentication Protocol, is a framework for introducing improved higher level authentication mechanisms to WLANs. It is based upon 802.1x, an ethernet port authentication protocol. EAP does not work alone, but relies upon 3rd parties (ie, Microsoft, Cisco etc) developing "plug ins" (for want of a better term) that provide the specific authentication mechanisms. The most common are LEAP (developed by Cisco), EAP-TLS (primarily Microsoft), PEAP (Cisco, Microsoft) and EAP-TTLS (Funk etc).
EAP is used to manage authentication. This is different from encryption. Authentication is a big issue for large companies that want to ensure only the right people can log onto their networks. This is a separate problem from worrying about encrypting the actual data that is being transmitted wirelessly. Home users do NOT have to worry about authentication. I include reference to EAP and 802.1x here for completeness only.
802.1x
802.1x is an Ethernet authentication protocol. In very basic terms, it "blocks" access on an ethernet port until the device (PC, printer, IP phone etc) successfully proves its identity. This is an excellent tool for improving network security in enterprise environments but is of no real interest to home users.
OTHER STANDARDS
You may hear reference to the following standards.
802.11a - 54Mb/s 5Ghz WLAN standard
802.11b - 11Mb/s 2.4Ghz WLAN standard
802.11d - Worldmode (ensures worldwide compatibility with cards and Access Points)
802.11e - QoS (Quality of Service; this is needed to improve network reliability for voice applications etc)
802.11f - Inter Access Point Protocol (IAPP); this handles "roaming" from one radio cell to another
802.11h - Transmission Power Control (TPC) and Dynamic Frequency Selection (DFS); this is required for use of 5Ghz in Europe
802.11i - Enhanced security based upon US Federal FIPS standards (ie, extremely secure)
802.11j - Japan enhancements (don't ask...)
802.11n - Super-fast new standard under consideration (nowhere near ratified yet). Speeds up to 320Mb/s!
SECURING YOUR WLAN
There are three simple steps to ensuring you secure your WLAN that EVERYONE should follow.
1) Enable WEP
2) Change your SSID
3) Disable SSID Broadcast
Enable WEP
As we saw above, WEP is a method whereby you effectively encrypt (ie "Scramble") your radio traffic, so someone listening in will not be able to simply open your packets. You do this by entering what is called a shared secret on your Access Point and on your computer. This is usually a long 26 digit hexadecimal string that someone is very unlikely to guess. Take 37ea7f91c25721d0c4ef37df3f as an example. Who's going to guess that?! You enter it on your Access Point when you first set it up (usually by a web-browser, but you can use a serial cable to "console" in on some models). Then, when you install the wireless NIC on your PC, you do the same.
Be careful with entering your WEP key! If it's not EXACTLY the same on both ends, you won't be able to access the network. That's the whole idea after all.
If you don't want to use the software that came with your wireless network card, or didn't get any, you can set up your WEP on Windows XP. This can be done by selecting the WLAN connection under Network Connections, choosing its Properties and ticking the Data Encryption (WEP enabled) box. You then enter the 26 digit key in the field shown.
Personally I prefer using the software with the card.
Change your SSID
All WLANs have a "name" called the SSID (Service Set Identifier). This is used to differentiate between multiple WLANs. For example, you may use a WLAN at work but also have a personal WLAN set up at home. Many hotels and even cafes are now setting up WLANs for business visitors etc. As each WLAN can have different settings, you must have some way to tell them apart. The SSID can therefore be considered the WLAN's "name".
When you buy a wireless Access Point it will come with a default value. For example, Cisco Aironet gear comes with the SSID "tsunami". LinkSys uses (rather imaginatively) "LinkSys".
Make sure you change this!
Every script-kiddie in the world knows the most common SSIDs and they can set up their PC to "associate" to your WLAN if they configure their laptop with the right SSID.
Use something unique, but don't think of this as any sort of security. It's just a name. Use your nick-name, your first name, your petname or make up some nonsense. As long as it's not the default. Then, when you are setting up your own PC or laptop, you enter the SSID on the wireless NIC software (or XP). Remember, like WEP, you have to put this on both your PC and your Access Point.
Disable SSID Broadcast
By default most Access Points "broadcast" their SSID. This allows visiting clients (ie laptop users, but also hackers!) to listen and pick up your SSID from the broadcast packets. This is fine if you're running a public hotspot, but is not really a good idea if you just want a personal WLAN at home.
Disable this broadcast feature on the Access Point.
It means you won't be able to associate with the WLAN unless you know the SSID, but that's the whole idea. You don't want strangers associating with your WLAN. And, as you are the one setting up the Access Point and your own PCs, you already know the SSID, so you don't need to broadcast it.
Other tips
If you're buying new WLAN equipment, make sure it is WPA compliant (see above). This is a new-ish standard that greatly improves security.
If you don't have equipment that supports WPA, make sure you change your WEP manually every few weeks or months. It might be a pain, but it should only take 2 or 3 minutes.
Turn down your transmit power to the minimum necessary. If you only want to get coverage in your apartment or house, you don't need to transmit your wireless network across the street or into your neighbour's house, do you? It's just common sense.
This is called "radio cell architecture". You ensure the cell size (and shape) covers only where you want and nowhere else.
USEFUL LINKS
http://www.80211-planet.com/ (excellent allround site; good tutorials; good news)
http://www.weca.net/OpenSection/index.asp (Home of the WiFi Alliance)
http://standards.ieee.org/wireless/ (home of the IEEE wireless standards)
http://www.drizzle.com/~aboba/IEEE/ (quite a good site for technical information on wireless security & hacking etc)
COMMENTS
OK, that's about all I can think of right now.
I hope this goes some way to answer some common questions and misconceptions about WLANs. Feel free to ping me for more info, or post a reply if you have any suggestions for improvements.
Mr Mephisto
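
The channel layout described under "WLAN STANDARDS", as an added example that is not part of the original post. It assumes a centre frequency of 2407 + 5*n MHz (which matches the post's 2.412 GHz for channel 1 and 2.462 GHz for channel 11) and a 22 MHz wide signal; neither figure is stated in the post.

```python
# Added example: why a row of cells is usually laid out on channels 1, 6, 11.
# Assumptions (not from the post): centre = 2407 + 5*n MHz, 22 MHz signal width.
CHANNEL_WIDTH_MHZ = 22


def centre_mhz(ch):
    """Centre frequency of a 2.4 GHz channel, limited to the post's 1-11."""
    if not 1 <= ch <= 11:
        raise ValueError("the post covers channels 1-11 only")
    return 2407 + 5 * ch


def overlaps(a, b):
    """Two channels interfere when their centres are closer than one width."""
    return abs(centre_mhz(a) - centre_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping_plan(channels=range(1, 12)):
    """Greedy pick: lowest channel first, then each one that clears the rest."""
    plan = []
    for ch in sorted(channels):
        if all(not overlaps(ch, used) for used in plan):
            plan.append(ch)
    return plan


def adjacent_conflicts(row):
    """For a row of side-by-side cells, return index pairs that interfere."""
    return [(i, i + 1) for i in range(len(row) - 1)
            if overlaps(row[i], row[i + 1])]


if __name__ == "__main__":
    print("plan:", non_overlapping_plan())
    print("post's diagram:", adjacent_conflicts([1, 6, 11, 1]))
    print("bad layout:", adjacent_conflicts([1, 3, 6, 6]))
```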
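
The three steps under "SECURING YOUR WLAN" plus the WPA and key-change tips, written as a configuration check. This is an added example, not part of the original post; the config field names and the 60-day reading of "every few weeks or months" are assumptions, and the sample configs are constructed.

```python
# Added example: audit an Access Point config against the post's checklist.
# The dict schema below is hypothetical, not any vendor's real format.
import re

# Vendor default SSIDs named in the post (compared case-insensitively).
DEFAULT_SSIDS = {"tsunami", "linksys"}
# Assumption: "every few weeks or months" is taken as 60 days here.
MAX_WEP_KEY_AGE_DAYS = 60


def normalise_key(key):
    """Strip separators and case so AP and client keys compare by value."""
    return re.sub(r"[\s:\-]", "", key).lower()


def keys_match(ap_key, client_key):
    """True only if both ends hold the same 26-hex-digit WEP key."""
    a, b = normalise_key(ap_key), normalise_key(client_key)
    return bool(re.fullmatch(r"[0-9a-f]{26}", a)) and a == b


def audit_ap(cfg):
    """Return a list of findings for one AP config dict."""
    findings = []
    enc = cfg.get("encryption", "none").lower()
    if enc == "none":
        findings.append("encryption off: enable WEP, or WPA if supported")
    elif enc == "wep":
        key = normalise_key(cfg.get("wep_key", ""))
        if not re.fullmatch(r"[0-9a-f]{26}", key):
            findings.append("WEP key is not 26 hex digits")
        if cfg.get("supports_wpa", False):
            findings.append("hardware supports WPA: move off WEP")
        elif cfg.get("wep_key_age_days", 0) > MAX_WEP_KEY_AGE_DAYS:
            findings.append("WEP key overdue for manual change")
    if cfg.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append("SSID is a vendor default: change it")
    if cfg.get("ssid_broadcast", True):
        findings.append("SSID broadcast on: disable it")
    return findings


# Constructed sample configs.
OUT_OF_BOX = {"ssid": "LinkSys", "encryption": "none", "ssid_broadcast": True}
HARDENED = {"ssid": "home-net-example", "encryption": "wep",
            "wep_key": "37ea7f91c25721d0c4ef37df3f",  # example key from the post
            "wep_key_age_days": 10, "supports_wpa": False,
            "ssid_broadcast": False}

if __name__ == "__main__":
    for name, cfg in (("out-of-box", OUT_OF_BOX), ("hardened", HARDENED)):
        print(name, audit_ap(cfg) or "no findings")
```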