Wlan Incompatibilities

[mauricio]

WLAN is most common now where you try to get rid of all those wired network. WLAN provides you a much more flexibility and it is cost effective also. But on the same hand you must also understand about the compatibility, security and other standards of a WLAN network. This is quiet important if you have one working in your office or home.

Wireless-LAN (Wireless Local Area Network) is a term for all wireless data networks on the market. Wireless LAN is working on the physical layer of the OSI model, therefore, can nearly all wireless cards without big problems include in each operating system. You are not limited to specific protocols. Wireless LAN is completely transparent to protocol, like any other IEEE-802 network also. The wireless LAN devices correspond to three standards 802.11a, 802.11b or 802.11g.

Wireless networks are becoming faster and more affordable. More recently, a simple user could only dream of WLAN, as the value of such equipment was simply majestic. And the quality left much to be desired: the normal speed attained only at a short distance and line of sight. The security of wireless LANs for enterprises is just one important factor, as is often sensitive data such as customer data will be transferred and are subject to this Privacy Policy. It is important to make a wireless network as secure as possible. In their own interest and above all in the interest of customers. In a wireless transmission occurs primarily via radio frequency (RF) in the ISM band (Industrial Scientific Medical) around 2.45 GHz using spread spectrum techniques to achieve greater robustness against interfering signals, or via infrared (IR).

In wireless transmission are indeed used various techniques including the main ones are: infrared, laser, radio transmission via radio single-band transmission that uses all the available bandwidth. This standard allowed a data rate of 1 or 2 Mbps using technology based on radio waves in the 2.4 GHz band or infrared. The limited speed and he led an unsuccessful deployment. The evolution of this technology several years later, 1997, led to its evolution IEEE 802.11b (also known as Wi-Fi, or Wireless Fidelity) allowing transmission from 5.5 to 11 Mbit / s well as maintain compatibility with the previous standard.

WLANs fall within the standards developed by the IEEE (Institute of Electrical and Electronics Engineers) for wireless local networks. Other technologies such as HyperLAN supported by ETSI, and the new HomeRF standard for home, they also seek to get closer to a world without cables and in some cases, are able to operate in conjunction and not interfere with each other. Another aspect is the integration of WLAN environments 3G mobile networks (UMTS) to cover areas of high concentration of users (so-called hot spots), as a solution for public access to the network of mobile communications.

As all 802 standards for local networks of the IEEE, in the case of WLANs, also focus on the two lower levels of the OSI model, physical and link, so you may run across every protocol ( TCP / IP or otherwise) or application, supporting the systems, network operating standard, which is a great advantage for users who can continue to use their common applications, with independence of the means employed, the network either by cable or radio. WLANs have their specific field of application, like Bluetooth, and both technologies can coexist in the same environment without interfering thanks to the methods of employing frequency hopping, its applications are increasing and, as their price is getting less, shall more and more users who use them, by the undeniable advantages of its rapid deployment and freedom of movement they allow.

What is a AD-Hoc Network

In ad-hoc mode, there are no access points between the computers. The connection is established directly between computers. All users can access files, or network printer access, or using a modem or DSL connection to a computer to access the Internet. The number of clients in an ad hoc network is limited to 8.

• Infrastructure = computer > router > computer

In Infrastructure mode, they all access via access point or router to the Internet. The data is sent directly between the connected computers via the switch, so the access point.

• Point-to-Point = Access Point > Access Point

The point-to-point mode is used for coupling (bridging) of several access point. The data is processed with each other through the Access Point. For this reason, in large offices, very often uses multiple access points to improve the range.

WLan Standards Used Widely

IEEE 802.11a - 54 Mbit per second - 5 GHz band - WLAN standard in 1999 which located in the 5 GHz range, and by the frequency (frequencies of 5.725 GHz to 5.850 GHz) is relatively trouble free. Unfortunately, there are also networks in the frequency range of the military and air traffic control. In Europe, the devices are therefore approved only for use within buildings and with a throttled transmission power. The range is very small and is located 15-25 meters with a maximum transmission rate of 54 Mbit per second.

[mauricio]

IEEE 802.11b - 11 Mbit per second - 2.4 GHz band - Also a wireless LAN standard is located at 1999 which in the 2.4 GHz range. Despite the comparatively low transmission rate of IEEE 802.11a 11 Mbit per second wireless standard is this more common and is found again in many universities and at public wireless hot spots. The benefits include the increased range of up to 300m, which can be achieved with an external antenna for outdoor use, and the compatibility with the IEEE 802.11g standard. A major disadvantage of IEEE 802.11b is the frequency band. As at 2.4 GHz and other devices work including Bluetooth there is, it can cause interference.

IEEE 802.11c - Wireless Bridging - IEEE 802.11c is a standard for wireless coupling of different network topologies. IEEE 802.11c was created to connect multiple networks via wireless LAN can be. As this basis, the MAC address of the remote identification.

IEEE 802.11d - World Fashion - The IEEE 802.11d standard is often referred to as "World Mode" and sets out the technical differences in different countries and regions. This might include inter alia the number and selection of channels that are released in one country for the use of WLAN. It also governs the selection of the basic technology, i.e., whether IEEE 802.11 a, b, b or g may be used. They must specify IEEE 802.11d only its current location on a country or region selection, the unit will then work with the relevant approved standards.

IEEE 802.11e - QoS, and streaming plugin for a / g / h - The IEEE 802.11e standard provides new features for IEEE 802.11 a prior, h and g, extending this to include QOS (Quality Of Service). With the amendments to the WLAN standards are better adapted to the use of multimedia and Voice over IP (VOIP) and to be able to guarantee a certain rate and minimal fluctuations in the packet duration. QOS allows, for example, the data packets for Internet telephony to a Friend preferred and thus lower delays to have.

IEEE 802.11f - IAPP Roaming after for a / g / h - The IEEE 802.11f standard provides for procedures for the roaming of clients between different access points for the IAPP (Inter Access Point Protocol before). Using IEEE 802.11f is it possible to change within a large wireless network of its location on the reach of a single Accespoints out. Roaming means that the network connection is transferred without the demolition of an access point to another.

IEEE 802.11g - 54 Mbit per second - 2.4 GHz band - WLAN standard by 2002/2003 which perfectly with the older 802.11b IEEE standard and is also working on frequencies from 2.4 GHz to 2.4835 GHz in the 2.4 GHz frequency band. The speed is limited to IEEE 802.11a at 54 Mbit per second maximum, the transmission power and thus the range is comparable to that of the IEEE 802.11b standard. Thanks to the compatibility allows IEEE 802.11g routers and access points easily integrated into an existing IEEE 802.11b network.

IEEE 802.11h - 54 Mbits per second - 5 GHz band - The IEEE 802.11h WLAN standard IEEE 802.11a standard to complement the DFS (Dynamic Frequency Selection) and TPC (Transmit Power Control), thus allowing the regulatory authority to use regulation for maximum power frequencies of up to 200 mW. Since IEEE 802.11h still uses the same frequency band as IEEE 802.11a IEEE 802.11h is only allowed to continue the indoor operation.

IEEE 802.11i - Authentication and encryption for a / b / g / h - Using IEEE 802.11i, the security of wireless networks trying to increase. IEEE 802.11i provides for the authentication after IEEE 802.1x (Extensive Authentication Protocol) before and after AES encryption (Advanced Encryption Standard).

802.1x, includes several key protocols:

• EAP (Extensible Authentication Protocol) - Protocol extended user authentication and remote devices
• TLS (Transport Layer Security) - Transport Layer Security protocol, which ensures the integrity of data transfer between client and server, as well as their mutual authentication
• RADIUS (Remote Authentication Dial-In User Server) - authentication server to remote clients.

The same standard does not always guarantee the compatibility of equipment. Therefore, in 1999, was formed non-profit international organization - the Alliance Wi-Fi , which deals with certification of the compatibility of products for wireless local area networks based on the specifications of IEEE 802.11. After passing the certification of the device is added to the logo Wi-Fi CERTIFIED, indicating that the device meets the stringent requirements of compatibility and that products from different vendors will be with him to work without problems.

Wi-Fi Alliance also operates in the field of new and more stringent safety standards, such as secure access Wi-Fi (WPA). It is essential that whatever device you must use must meet this WLAN Standards and the same is if not compatible with this standards then you might face issue with the compatibility of a wireless network.

WLAN Security :

If your computer is connected to the Internet, the attacker through an open wireless network will be able to get access to the global network, slowing your work. Through your computer hacker can send SPAM to conduct attacks on other protected systems than severely complicate your life. So, it's time to configure wireless security. To install wireless networking equipment, we used the German manufacturer, the company Level One . This equipment is characterized in that it comes complete with a handy utility that allows users to easily configure all the parameters WLAN.

A wireless network is never as secure as a wired network because it is not as easy to tap. But you can several changes to the configuration of your wireless LANs do in order to provide safer. First you have is the network name (SSID is the name of a wireless network change), so given its own name for the wireless LAN. The name is always assigned by default an access point or router. That is, everyone is staying the in the range and can see what Wi-Fi network is in its vicinity. If you turn off the broadcast to only the person who knows the name dial into the network. Not for someone who knows the SSID, the network is not visible.

A large security it brings, if you turn off the DHCP. In order to impede an unauthorized wireless client to dial into the network. This means that he does not get IP address from an access point or router automatically assigned. The IP address must be entered manually, for all practical to get a wireless connection.

[mauricio]

WLAN encryption - The most effective way to protect against unauthorized access is to use encryption. In the area of wireless networks here, the standards WEP and WPA are popular. Unfortunately, between the latter is no absolute protection and are not sufficient for companies. Wi-Fi Protected Access (WPA) is an encryption method for a wireless LAN. To increase the security of the wireless data exchange, have made any access point or router, WPA encryption. Older wireless devices can be via a software update or get a firmware upgrade often to the latest safety standards.

WPA (Wifi Access Protection) protocol uses the TKIP (Temporal Key Integrity Protocol). All radio stations are using a WPA encryption method transfer, (only once) at the start of transfer the individual start-key. Thereafter, each individual packet transmitted a key for encryption.
Orientation of antennas - A further safety aspect, because the orientation of the used antennas. Especially on a campus can be solved with microwave radio links often and thus radiates from a smaller area. A smaller area also means less area for potential attackers and thus increases the security. Omni directional antennas cover much larger areas from un WLAN visible over long distances.

VPN server (Virtual Private Network) – PPTP - Since WEP and WPA offer inadequate protection for companies often recommend the use of VPN servers. VPN stands for virtual private network and has long been used for secure connections over the Internet. In combination with a safety certificate and, together with the standard encryption can therefore achieve maximum security in a WLAN.

Mac address filtering - Another way to increase security in a WLAN is included with many access points and routers MAC address filtering. Each network card and therefore WLAN each is assigned a number. This so-called MAC address is used to identify the routing and the network. The Mac address filtering is able to allow only a list of registered MAC addresses for wireless connections. Unfortunately there is for many cards the opportunity to change the MAC address on an application. The filter only provide additional protection, but is not sufficient.

Timed Access - Many access points and routers have a scheduled access control. In a corporate network is one stop for example in a position outside of business hours the entire Wi-Fi transfer and to discourage hackers a burglary. Often, the configuration for individual units or IPs to be determined. A server can be in this time slot as a backup for a data grant or something similar.

DoS vulnerabilities and various - The weakness of WEP (Wired Equivalent Privacy) is primarily concerned: the sharing system static keys has been criticism from security experts, which has done much harm to the market for wireless networks. Indeed, authentication and access control are problems inherent in creating an efficient WLAN. However, the most serious problem is the denial of service (DoS Denial of Service), a type attack indeed very recurrent on these networks.

Generally, a wireless network, by its very nature is very vulnerable: its first layer (physical layer) must apply as much or more attention than the layers located above. One possible solution is to implement WLAN outside the firewall. The major drawback is that users can not gain access to sensitive information, which is often the one we need to have.

Checklist For Creating a WLAN Network

Access change : Change the access (username and password) of the web interface for configuration and management of their wireless router. Use, if possible, not the requirements of the manufacturer, as these are often searched via the Internet. Avoid if possible admin or user accounts

Use strong passwords - Many passwords can be guessed from the social environment of the user. Short and simple passwords can be found by brute-force and dictionary attacks compare to just pop out.

Current firmware use - As many manufacturers change their equipment occasionally the new security standards, you should check the firmware of your access points regularly. On the support side of the producers and the relevant forums and through a search engine you can search for latest firmware updates.

Encoding - Use if any the more powerful WPA or WPA2 encryption. If you can only use WEP, then set the encryption to 128 a bit. Note that the WEP encryption can be cracked by experienced attackers within minutes by eavesdropping the traffic! Make sure to use a strong password.

Disable 802.1x function - This function, often called automatic key distribution, supplies the computer connected to a network with a WEP key. This function represents a potential opportunity to attack and is not necessary for small and home networks.

Change SSID and SSID broadcast off - Change the default SSID. The SSID (Service Set Identifier) is the name of a wireless network based on IEEE 802.11 and can be up to 32 characters long. The SSID is all unencrypted data packets preceded. The name of the wireless network should not on location or operator of the devices still contain references to the device of the access point enables the drawing of conclusions.

Enabling Hide SSID Points is the name of the transmitter (access) is no longer active broadcast. If you disable this setting, you have to the wireless clients that want to connect to the Access Point, enter the name of the wireless network manually. Look at the manual entry on the exact spelling of the name (uppercase and lowercase is significant).

MAC Filter Switch - The MAC address (Media Access Control) are specified by the manufacturer, usually unalterable identification number of network cards. By entering the MAC addresses of your network cards or wireless cards you restrict access to an AP on this circle. The MAC, however, can filter out data packets from attackers intercepted and abused for their own purposes (spoofing).

Stop the Remote Access - Many APs are factory approved for remote access. Together with a default password, this is almost an invitation to all hackers. Disable if you do not need it for a special care of your APs on the Internet, remote access (remote management based on or management from internet) and the Remote Update feature.

Backup your settings - Make a backup of your changes. Save this file on your hard drive, but on an external disk. This makes them safe from spying Trojan programs. Write down the changes and access permissions, or print them out, they will need to configure the client.
Range limit: When you first start your wireless network, you should reach and be sure to check the location of your router. To do so quietly with your notebook from the house, you find out what distance you can - you have access or just foreigners - on the network. Limit the range of your network as far as possible. You may set the router at the home center.

Enable encryption - Make sure that is enabled on your wireless encryption. Currently, the algorithm WPA2. The old encryption standard for wireless is WEP and is now a cracked and unsafe. The password encryption should be at least eight characters long to consist of numbers and letters, and hard to guess.

Important protective measures -

• Go regularly to the encryption keys used.
• Streamline the installation location, antenna orientation and, if the transmission power of access points to prevent radiation in unwanted directions.
• Disable the access point when not in use.
• Use additional protection of the AP and set it as a firewall.
• Check the log files regularly to unknown MAC addresses to detect any intrusion attempts.
• Replace your Access Point against a newer model with encryption for the WPA or IEEE 802.11i (WPA2 off).

I had myself in my apartment the problem is that despite short distance between the router and client PC is only a very weak connection was that at times even repeatedly demolition. Problem was this by simple resetting of the channel in the router fix me. Probably had a another device (e.g. refrigerator, heating, etc.), a similar frequency emitted, and thus greatly disrupted the wireless signal. Typically, many WLAN-products can be upgraded for the support of WPA. To do this, users need to download from the web site the new firmware for the access point and a new driver for the adapter card.