Saturday, 5 September 2015

Wireless Networking Basics

Most wireless networks are based on the IEEE® 802.11 standards. A basic wireless network consists of multiple stations communicating with radios that broadcast in either the 2.4GHz or 5GHz band, though this varies according to the locale and is also changing to enable communication in the 2.3GHz and 4.9GHz ranges.
802.11 networks are organized in two ways. In infrastructure mode, one station acts as a master with all the other stations associating to it; the network is known as a BSS, and the master station is termed an access point (AP). In a BSS, all communication passes through the AP; even when one station wants to communicate with another wireless station, messages must go through the AP. In the second form of network, there is no master and stations communicate directly. This form of network is termed an IBSS and is commonly known as an ad-hoc network.
802.11 networks were first deployed in the 2.4GHz band using protocols defined by the IEEE® 802.11 and 802.11b standards. These specifications include the operating frequencies and the MAC layer characteristics, including framing and transmission rates, as communication can occur at various rates. Later, the 802.11a standard defined operation in the 5GHz band, including different signaling mechanisms and higher transmission rates. Still later, the 802.11g standard defined the use of 802.11a signaling and transmission mechanisms in the 2.4GHz band in such a way as to be backwards compatible with 802.11b networks.
Separate from the underlying transmission techniques, 802.11 networks have a variety of security mechanisms. The original 802.11 specifications defined a simple security protocol called WEP. This protocol uses a fixed pre-shared key and the RC4 cryptographic cipher to encode data transmitted on a network. Stations must all agree on the fixed key in order to communicate. This scheme was shown to be easily broken and is now rarely used except to discourage transient users from joining networks. Current security practice is given by the IEEE® 802.11i specification that defines new cryptographic ciphers and an additional protocol to authenticate stations to an access point and exchange keys for data communication. Cryptographic keys are periodically refreshed and there are mechanisms for detecting and countering intrusion attempts. Another security protocol specification commonly used in wireless networks is termed WPA, which was a precursor to 802.11i. WPA specifies a subset of the requirements found in 802.11i and is designed for implementation on legacy hardware. Specifically, WPA requires only the TKIP cipher that is derived from the original WEP cipher. 802.11i permits use of TKIP but also requires support for a stronger cipher, AES-CCM, for encrypting data. The AES cipher was not required in WPA because it was deemed too computationally costly to be implemented on legacy hardware.
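As an added example (not part of the original text), the following sketch classifies which of the mechanisms described above a network advertises, by reading the RSN (802.11i) and WPA information elements from a beacon. The function names, the `privacy` argument (the Privacy bit of the beacon's capability field) and the sample bytes are assumptions constructed for illustration, and the parser assumes the group and pairwise cipher fields are present.

```python
import struct

# Cipher suite types; the same numbers are used under the RSN (802.11i)
# OUI 00-0F-AC and the WPA vendor OUI 00-50-F2.
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
RSN_OUI, WPA_OUI = b"\x00\x0f\xac", b"\x00\x50\xf2"

def iter_elements(buf):
    """Yield (element id, body) pairs; stop at a truncated element."""
    i = 0
    while i + 2 <= len(buf):
        eid, length = buf[i], buf[i + 1]
        body = buf[i + 2:i + 2 + length]
        if len(body) < length:
            return
        yield eid, body
        i += 2 + length

def suites(body, oui):
    """Group and pairwise cipher names; body starts at the version field."""
    if len(body) < 8:
        raise ValueError("truncated RSN/WPA element")
    count = struct.unpack_from("<H", body, 6)[0]
    selectors = [body[2:6]] + [body[8 + 4 * k:12 + 4 * k] for k in range(count)]
    if any(len(s) != 4 for s in selectors):
        raise ValueError("truncated cipher suite list")
    return {CIPHERS.get(s[3], "unknown") if s[:3] == oui else "vendor"
            for s in selectors}

def classify(privacy, ies):
    """Return (label, flagged); flagged is True unless only AES-CCM is accepted."""
    found = {}
    for eid, body in iter_elements(ies):
        if eid == 48:                                       # RSN element (802.11i)
            found["RSN"] = suites(body, RSN_OUI)
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":  # WPA vendor element
            found["WPA"] = suites(body[4:], WPA_OUI)
    if not found:              # Privacy bit with no RSN/WPA element means WEP
        return ("WEP" if privacy else "open", True)
    ciphers = set().union(*found.values())
    label = "+".join(sorted(found)) + ": " + "/".join(sorted(ciphers))
    return (label, ciphers != {"CCMP"})

# Constructed sample elements (not captured traffic).
SSID = bytes.fromhex("00 04 74 65 73 74")
RSN_CCMP = bytes.fromhex("30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00")
WPA_TKIP = bytes.fromhex("dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02")
RSN_MIXED = bytes.fromhex("30 18 01 00 00 0f ac 02 02 00 00 0f ac 04 00 0f ac 02 01 00 00 0f ac 02 00 00")

if __name__ == "__main__":
    for ies in (RSN_CCMP, WPA_TKIP, RSN_MIXED, b""):
        print(classify(True, SSID + ies))
```

A network is flagged whenever TKIP or WEP appears as either the group or a pairwise cipher, which catches mixed-mode access points that still accept the legacy cipher alongside AES-CCM.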
The other standard to be aware of is 802.11e. It defines protocols for deploying multimedia applications, such as streaming video and voice over IP (VoIP), in an 802.11 network. Like 802.11i, 802.11e also has a precursor specification termed WME (later renamed WMM) that has been defined by an industry group as a subset of 802.11e that can be deployed now to enable multimedia applications while waiting for the final ratification of 802.11e. The most important thing to know about 802.11e and WME/WMM is that they enable prioritized traffic over a wireless network through Quality of Service (QoS) protocols and enhanced media access protocols. Proper implementation of these protocols enables high speed bursting of data and prioritized traffic flow.
FreeBSD supports networks that operate using 802.11a, 802.11b, and 802.11g. The WPA and 802.11i security protocols are likewise supported (in conjunction with any of 11a, 11b, and 11g) and QoS and traffic prioritization required by the WME/WMM protocols are supported for a limited set of wireless devices.

WIRELESS SECURITY—INFORMATION FOR CIOS— TECHNICAL APPENDIX

Introduction
This appendix provides Chief Information Officers (CIOs), Chief Technology Officers (CTOs) and IT managers with technical detail to support the primary reports on the topic of Wireless Security. The appendix concentrates on the WiFi and WiMAX technologies, detailing the threats and risks in these technologies and ways to manage them. Compared with the standard CIO paper, this paper includes additional information on management, operational and technical countermeasures, to help organise related decisions.

This technical appendix and the associated reports have been developed by the IT Security Expert Advisory Group (ITSEAG) which is part of the Trusted Information Sharing Network (TISN) [1] for critical infrastructure protection.

Wireless networks are exposed to many of the same risks as wired networks, but they are also vulnerable to additional risks. Wireless networks transmit data through radio frequencies (RF) so there is an increased chance that communications may be tapped into by intruders unless properly protected. Intruders have exploited the openness of wireless systems to access systems, destroy or steal data, launch attacks that tie up network bandwidth and deny service to authorised users, and to eavesdrop on conversations [2]. For example, attackers have compromised wireless systems to gain access to sensitive payment card data.

This paper should not be taken as an exhaustive technical coverage of vulnerabilities or risks associated with wireless technologies. It primarily deals with the IEEE 802.11 group of standards for Wireless Local Area Networks (WLANs) and the IEEE 802.16 group of standards for Wireless Metropolitan Area Networks (WMANs).



[1] TISN enables the owners and operators of critical infrastructure to share information on important issues. It is made up of nine sector-specific Infrastructure Assurance Advisory Groups (IAAG), several Expert Advisory Groups (EAG), and the Critical Infrastructure Advisory Council (CIAC - which is the peak body of TISN and oversees the IAAGs and the EAGs). More information on TISN can be sought from www.tisn.gov.au or by contacting cip@ag.gov.au. The ITSEAG is one of the expert advisory groups within the TISN framework. The ITSEAG provides advice to the CIAC and the sector-based IAAGs on IT security issues as they relate to critical infrastructure protection. It is made up of academic specialists, vendors, consultants and some industry association representatives who are leaders in the information technology/e-security field. The ITSEAG Secretariat can be contacted on (02) 6271 7018.

[2] Page 1, Security for Wireless Networks and Devices, Shirley Raddock, National Institute of Standards


DISCLAIMER: To the extent permitted by law, this document is provided without any liability or warranty. Accordingly, it is to be used only for the purposes specified and the reliability of any assessment or evaluation arising from it are matters for the independent judgement of users. The document is intended as a general guide only and users should seek professional advice as to their specific risks and needs. This information is not legal advice and should not be relied upon as legal advice.