CWNA

CWNA Summary Notes: Legacy 802.11 Security | MAC Filters

Posted on Updated on


MAC Filtering

MAC Filtering referes to the use of MAC addresses to client devices that can authenticate to a WLAN. MAC Filtering is not defined by 802.11 Standard and any implementation of it is Vendor specific. Read the rest of this entry »

Advertisements

CWNA Summary Notes: Legacy 802.11 Security | Static WEP Encryption

Posted on Updated on


Static WEP Encryption

This is a layer 2 encryption method using RC4 streaming cipher.

Main goals of WEP Encryption were:

  • Confidentiality (Data privacy through encryption)
  • Access Control ( Authorization if static WEP keys match)
  • Data Integrity ( Data Integrity Check-sum is computed before encryption to ensure that the data has not been tampered with)

Can be entered as a hex (0 – 9) or ASCII (A – F) characters.

Static WEP Encryption was on 2 forms: Read the rest of this entry »

CWNA Summary Notes: Legacy 802.11 Security | Legacy Authentication

Posted on Updated on


Legacy Authentication

Legacy authentication methods were more of an authentication of capability (verification between two devices that they were valid 802.11 devices) and not so much an authentication of user identity.

They are of two types: Read the rest of this entry »

CWNA Summary Notes: 802.11 Network Security Architecture

Posted on Updated on


Components of a Secure Network

Required components when securing a network are:

Data Privacy and Integrity

Access to Wireless medium is unrestricted hence the use of cipher encryption technologies is needed for proper data privacy.

A cipher is an algorithm that is used to perform encryption:

  • RC4 algorithm ( Ron’s Code / Rivest Cipher)
    • It encrypts data in a continuous stream (streaming cipher)
    • Used in technologies used to protect Internet traffic eg SSL (Secure Socket Layer)
    • Incorporated into 2 legacy encryption methods: WEP and TKIP
  • Advanced Encryption Standard Algorithm (AES) / Rijndael Algorithm
    • Encrypts data in fixed blocks
    • Much stronger than RC4
    • Uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) encryption method
    • Encryption key strength options are 128, 192 or 256 bits.

Read the rest of this entry »

CWNA Summary Notes: Coverage Analysis Methods

Posted on Updated on


Manual Site Survey

Passive manual survey – The radio card collects RF measurements but the client adapter is not associated to the access point during the survey, and all information is received from radio signals that exist at layer 1.

Active manual survey – the radio card is associated to the access point and has layer 2 connectively, allowing for low-level frame transmissions. If layer 3 connectivity is also established, ping traffic is sent in 802.11 data frame transmissions. RF measurements, packet loss and re-transmission percentage recorded.

Moth types of survey are recommended. Read the rest of this entry »

CWNA Summary Notes: Site Survey Tools

Posted on Updated on


Indoor Site Surveys Tools

  1. Spectrum analyzer for RF spectrum analysis
  2. Blueprints or floor plans of the facility
  3. Received signal strength measurement tool
  4. 802.11 client card – prefer the vendor that will be deployed
  5. AP – preferably 2.
  6. Battery pack for AP and for the laptop
  7. Binoculars to view distant objects ( eg high ceiling and in the ceiling)
  8. Walkie-talkies or cellular phones for communication with site survey partners etc
  9. Antennas, both omni-directional and indoor semi-directional
  10. Temporary mounting gear – Bungee cords, plastic ties, duct tape, tripod
  11. Digital camera to record the exact placement of the APs and site specific information
  12. Measuring wheel (best p[tion) or laser measuring meter to measure cable distances
  13. Colored electrical tape to mark where AP was mounted. Advisable to use different colours for different channels.
  14. Ladder or forklift to mount the APs

Read the rest of this entry »

CWNA Summary Notes: Spectrum and Coverage Analysis

Posted on


Spectrum Analysis

A noisy environment can cause the data in 802.11 transmissions to become corrupted -> the cyclic redundancy check (CRC) will fail -> the receiving 802.11 radio will not send an ACK frame to the transmitting 802.11 radio -> the unicast frame is not acknowledged
and will have to be re-transmitted. Wi-Fi data networks can handle a retransmission rate of up to 10 percent, but a Voice over Wi-Fi (VoWiFi) network needs to limit packet loss to a rate of 2 percent or less. Read the rest of this entry »

CWNA Summary Notes: Vertical Market Considerations

Posted on Updated on


A vertical market is a particular industry or group of businesses in which similar products or services are developed and marketed.

Outdoor Surveys

  • Weather proof APs (eg ruggedized) may need to be deployed.
  • Site Survey kits with Mesh APs may be needed.
  • Consider the weather conditions. Most appliances will need to be protected from weather elements by using NEMA rated enslosure units (NEMA – National Electrical Manufacturers Association)
  • Safety – hire professional installers.
  • Consider RF considerations set by the local government.

Read the rest of this entry »

CWNA Summary Notes: Capacity and Coverage Requirements

Posted on Updated on


Capacity and Coverage Requirements

Factors that should be considered when planning for Capacity:

  • Data applications.
    • For 802.11b/g network, 12 to 15 data users per AP
    • ForVoWiFi
      • SpectraLink recommends max of 12 calls per 11 Mbps cell (with 1 call needing 4.5 % of AP bandwidth), 7 calls per 2 Mbps (with 1 call needing 12% of AP bandwidth). This can be predicted using the Erlang Formula. Erlang – one hour of telephone traffic in one hour of time.
  • User density. A high concentration of human bodies can attenuate the RF signal due to absorbtion.Consider:
    • How many users currently need wireless access
    • How many users many need connectivity in the future
    • Where are the users
  • Peak on/off use
  • Existing transmitters
    • Previously installed 802.11 network
    • Interfering devices
      • microwaves
      • cordless headsets
      • cordless phones
      • wireless machinery
  • Mobile vs Mobility
    • When one is mobile – disconnect may be ok (moving with the laptop from one desk to another). roaming may not be a requirement.
    • For mobility – user must be connected 100% of the time when travelling through the facility eg
      • VoWiFi
      • Warehouse scanning applications
  • 802.11g protection mechanism. This will always affect throughput due to backward compatibility with 802.11b HR-DSSS clients that support a max data raet e of 11 Mbps as compared to 54 Mbps for the 11g clients.

Read the rest of this entry »

CWNA Summary Notes: Procedures for Performing a Site Survey

Posted on Updated on


Gather background data for the site survey

Examine business requirements

  • Why do they need a WLAN
  • is mobility required
  • What devices will be connecting
  • What apps will be used
  • What is the amount of bandwidth required by the user

Read the rest of this entry »

CWNA Summary Notes: Specialized Site Survey Tools

Posted on Updated on


These tools include:

  • dedicated site survey applications
  • spectrum analyzers
  • protocol analyzers
  • documentation tools
  • Voice over WiFi (VoWiFi) Tools and Surveys

Read the rest of this entry »

CWNA Summary Notes: What is a Site Survey

Posted on Updated on


A Site Survey is an in-depth examination and analysis of a WLAN site.

Purpose of a Site Survey

  • Achieve the best possible performance from the WLAN
  • Certify that the installation will operate as promised
  • Determine the best location for APs
  • Develop networks optimized for a variety of applications
  • Ensure that the coverage will fulfill the organization’s requirements
  • Locate any unauthorized APs on the network
  • Map any nearby wireless networks to determine existing radio interference
  • Reduce radio interference as much as possible
  • Make the wireless network secure

Read the rest of this entry »