Essentials First: Wireless LANs

This chapter discusses the use of wireless LANs (WLAN), which are roaring into use almost every time you turn around—from airports, restaurants, and coffee shops, to people’s homes. The growth of personal computers in the 1980s led to the creation of LANs and the Internet in the 1990s; this allowed for connections, regardless of geographic location. WLANs are proving to be the next technology growth area for the 2000s. Businesses are, of course, recognizing the benefits of WLANs and deploying them in ever-increasing numbers. Just as businesses were forced to provide security to PCs and the Internet, so too must businesses understand that, despite the productivity and mobility gains they provide, WLANs have associated security risks that must be addressed.

A WLAN offers a quick and effective extension of a wired LAN. By simply installing access points to the wired network, personal computers and laptops equipped with wireless LAN cards can connect with the wired network at broadband speeds (or greater) from up to 300 yards away from the wireless access point. This means that computers are no longer tied to the infrastructure of wires—rather liberating, isn’t it?

The majority of WLAN deployments have used a wireless transmission standard known as 802.11b. The IEEE 802.11b standard operates at the radio frequency of 2.4 GHz—a frequency unregulated by governments. The 802.11b standard offers connectivity speeds of up to 11 Mbps, which provides enough speed to handle large email attachments and run bandwidth-intensive applications such as videoconferencing. The 802.11g standard with speeds of up to 54 Mbps now dominates the wireless LAN market; other variations of the 802.11 standard are constantly being developed to handle an ever-increasing need for speed. 802.11n is the latest standard variation, which offers wireless speeds of more than 100 Mbps.

The various wireless standards are targeted to different industry segments, as outlined in Tables 10-1 and 10-2.

Table 10-1 802.11a—54 Mbp WLAN Standard Characteristics

Table 10-2 802.11g—54 Mbps/Wi-Fi Standard Characteristics

802.11a never took off; however, the recently ratified 802.11g holds some interesting options to include increased speed and security, as Table 10-2 documents.

When 802.11b clients are granted access to an 802.11g wireless access point, security inevitably must be set (lowered) to allow 802.11b clients access; because of WEP and its problems, the entire wireless network encryption level is reduced to a lowest common denominator. Table 10-3 looks at the specifications for the 802.11n standard.

Table 10-3 802.11n—100+ Mbps/Wi-Fi Standard Characteristics

What Is Wi-Fi?

The term Wi-Fi (Wireless Fidelity) is often used in discussions of 802.11 networks. Wi-Fi is most certainly the popular marketing word used today when talking about wireless (that is, Wi-Fi hot spots). The term Wi-Fi has become the common way to describe 802.11 wireless networks; it certainly is much quicker and easier to say, so marketing takes the credit for making it the mainstream label.

Wi-Fi also refers to certification by the Wi-Fi Alliance, an international nonprofit association of 802.11 product vendors. 802.11 products that receive Wi-Fi certification have been tested and found to be interoperable with other certified products. This means you can use your Wi-Fi certified product with 802.11 Wi-Fi certified networks, whether they are Apple computers or Windows-based networks. Although 802.11 products that do not have Wi-Fi certification might work fine with certified devices, the Wi-Fi Certified logo is your assurance of interoperability. You can learn more about the Wi-Fi alliance online at www.wi-fi.org/.

Benefits of Wireless LANs

I had not flown much on airplanes recently, but an important family event—my honeymoon—allowed me the opportunity to fly. Not living near a major airport meant that I had to take a connecting flight to reach my destination. In my travels I experienced several different airports, each of which offered wireless connectivity to travelers, making layovers in airports a more productive time. Businesses of all types (coffee shops, hotels, malls, airports, and so on) all across the world are using this wireless access as a benefit to their customers, and wireless can easily be enabled for a relatively small financial investment. The benefits of deploying wireless LANs can be summarized as the following:

• Attractive price: Deploying a wireless LAN can be cheaper than a wired LAN because you do not have the need for wires; simply hook up an access point, and it can provide service to multiple computers.

• Mobility: Boost user productivity with the convenience of allowing users to wirelessly connect to the network from any point within range of an access point.

• Rapid and flexible deployment: Quickly extend a wired network with the ease of attaching an access point to a high-speed network connection.

• Application agnostic: As an extension of the wired network, WLANs work with all existing applications. As discussed previously, the standard protocol is TCP/IP, which is supported over all forms of wireless.

• Performance: WLANs offer a high-speed connection that, although equal to Ethernet, is quickly passing it in speed.

The benefits of WLANs are being recognized by individuals and businesses alike; the Gartner Group predicted that by 2010, the majority of Fortune 2000 companies would depend on wireless technology to meet their business and networking needs. I think Gartner got it right, but this event occurred well before 2010, demonstrating the fast-changing and fast-advancing world of wireless and mobility.

Wireless Equals Radio Frequency

The first technical concept you need to grasp when discussing what constitutes a threat to a wireless network is that 802.11 networks use radio frequencies to transmit the data back and forth between endpoints, just like the cordless phones or radios you have at home. The key difference is the frequency at which the signals are transmitted.

Radio waves can travel long distances, depending on the frequency being used. Some frequencies can transmit 300 feet to 400 feet, requiring little power to do so. Most older technology cordless phones and wireless NICs use the 900 MHz frequency as a carrier wave, which can travel quite a bit farther than most people realize. It is not uncommon for a 900 MHz cordless phone to give a user at least one or two city blocks of use before the handset loses its connection to the base unit. One or two city blocks translates roughly to 400 feet to 500 feet.

If your telephone handset can transmit as far as 500 feet, it means that your wireless connection is capable of similar distances. If you have a wireless access point (WAP) installed in your office or home, you can bet that people walking by outside are well within its operational envelope. The same holds true if you have a WAP installed in your small office, home office (SOHO) network. If an average WAP is installed in your living room and you live in an apartment complex, you might already be providing Internet service to most of the complex and not even realize it. You can see this concept in action by scanning for any wireless networks rather easily. One of the most creative and innovative ways of doing this is through the use Meraki Wi-Fi Stumbler, a wireless network detector in a web browser, as shown in Figure 10-1, (http://tools.meraki.com/stumbler) or the compilation of Linux tools under Backtrack 5 from www.offensive-security.com/.

Figure 10-1 Web Based Wi-Fi Network Detector