Chapter 4. Going Wireless

 

"Freedom always comes at a price"

-- Samir Datt

Today, people desire to be free from restraining and restricting wires. The desire to be always connected and always online has fueled the proliferation of wireless networks. Who doesn't have Wi-Fi at home or at their place of work? Our phones are connected using Wi-Fi, our tablets are connected over Wi-Fi, and with the advent of the Internet of Things (IoT), even our household devices are connected over Wi-Fi or will be in the future!

However, the freedom of a wireless existence comes at a price. Wireless networks broadcast a signal that is open to the air. With no physical limitations except those of range, this signal is open to interception and interpretation by the bad guys.

In the previous chapters, we saw how information travels in packets over the network physical layer. In wireless LAN networks, the data packets are broadcast wirelessly over the air. The receiving device reads the packet header, identifies the packets that are meant for it, and collects just those while discarding the rest. This means that any network device that is on the wireless network can receive the data packets meant for somebody else if it is set up and configured to do so.
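The receive-side filtering described above, as an added example that is not from the book: this Python sketch parses the 802.11 MAC header and compares what a normally configured station keeps with what an interface set up to capture everything sees. The MAC addresses, frames, and function names are constructed for illustration.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_header(frame: bytes) -> dict:
    """Parse the 24-byte MAC header of an 802.11 management or data frame."""
    if len(frame) < 24:
        raise ValueError("shorter than a 24-byte 802.11 MAC header")
    fc, _duration = struct.unpack_from("<HH", frame, 0)  # little-endian fields
    ftype = (fc >> 2) & 0x3
    if ftype == 1:
        raise ValueError("control frames carry a shorter header")
    return {
        "type": FRAME_TYPES.get(ftype, "reserved"),
        "subtype": (fc >> 4) & 0xF,
        "to_ds": bool(fc & 0x0100),
        "from_ds": bool(fc & 0x0200),
        "protected": bool(fc & 0x4000),    # frame body is encrypted
        "receiver": mac(frame[4:10]),      # Address 1
        "transmitter": mac(frame[10:16]),  # Address 2
    }

def station_keeps(hdr: dict, own_mac: str) -> bool:
    """Normal receive path: keep group-addressed frames and frames for us."""
    group_bit = int(hdr["receiver"][:2], 16) & 1  # set for broadcast/multicast
    return bool(group_bit) or hdr["receiver"] == own_mac.lower()

def build(fc: int, ra: str, ta: str, a3: str) -> bytes:
    """Build a constructed sample frame (header plus dummy body)."""
    addrs = b"".join(bytes.fromhex(a.replace(":", "")) for a in (ra, ta, a3))
    return struct.pack("<HH", fc, 0) + addrs + b"\x00\x00" + b"body"

# Constructed addresses and frames, not taken from any real capture.
AP, STA_A, STA_B = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:0b"
CAPTURE = [
    build(0x0080, "ff:ff:ff:ff:ff:ff", AP, AP),  # beacon (broadcast)
    build(0x4208, STA_A, AP, AP),                # protected data, AP -> A
    build(0x4208, STA_B, AP, AP),                # protected data, AP -> B
    build(0x4108, AP, STA_A, AP),                # protected data, A -> AP
]

def views(capture, own_mac):
    """Return (headers a normal station keeps, headers a full capture sees)."""
    headers = [parse_header(f) for f in capture]
    return [h for h in headers if station_keeps(h, own_mac)], headers

if __name__ == "__main__":
    kept, seen = views(CAPTURE, STA_A)
    print(f"station A keeps {len(kept)} of {len(seen)} frames on the air")
```

The addresses and the Protected flag stay readable in the header even when the frame body is encrypted, which is why header metadata remains useful to an investigator.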

To enhance your understanding of the wireless world and upgrade your ability to investigate it, we will cover the following topics in this chapter:

  • Laying the foundation – IEEE 802.11
  • Understanding wireless protection and security
  • Discussing common attacks on Wi-Fi networks
  • Capturing and analyzing wireless traffic

Laying the foundation – IEEE 802.11

At the Institute of Electrical and Electronics Engineers (IEEE), a working group was set up to create specifications for wireless local area networks (WLANs). This slowly evolved into a family of specifications known as the IEEE 802.11 specifications for wireless LANs.

The Ethernet protocol forms the foundation of all the 802.11 specifications.

As investigators who are getting ready to explore the forensics of wireless networks, it is important to develop an understanding of the underlying technology. The 802.11 specifications allow us to gain an insight into data speeds, spectrums, encoding, and so on.

These standards are downloadable and available free of charge from the IEEE website at http://standards.ieee.org/about/get/802/802.11.html.

In a nutshell, the 802.11 specifications are a set of media access control (MAC) and physical layer (PHY) specifications that govern communications in wireless LANs in the 2.4, 3.6, 6, and 60 GHz frequency bands.

The 802.11 specifications were first released in 1997. These consisted of a series of half-duplex, over-the-air modulation techniques that use the same basic protocol. Since then, they have undergone considerable changes and a number of specifications have been released. Amendments have also been added to the specifications in order to address further evolution. In fact, all wireless network products adhere to one or another of the 802.11 specifications and amendments.

There are several specifications in the 802.11 family, as shown in the following:

  • 802.11: The 802.11 specification was the first wireless LAN specification released in 1997 and it allowed transmissions in the 1 or 2 Mbps (Megabits per second) range. This happened in the 2.4 GHz band using either Frequency Hopping Spread Spectrum (FHSS) or Direct Sequence Spread Spectrum (DSSS).
  • 802.11a: The 802.11a specification was designed as an extension to the 802.11 specifications. It applied to wireless LANs in the 5 GHz range and provided speeds up to 54 Mbps. It did not use FHSS or DSSS; instead, it used an Orthogonal frequency-division multiplexing (OFDM) scheme. This offers at least 23 non-overlapping channels for communications.
  • 802.11b: The 802.11b specification was the most popular of the early specifications. This was released in 1999 and allowed wireless functionality that was comparable to Ethernet. This was also referred to as the 802.11 High Rate or 802.11 Wi-Fi. This used the 2.4 GHz frequency band and allowed 11 Mbps transmission with a fallback to 5.5, 2, and 1 Mbps speed. This specification only uses DSSS. Due to this choice of the 2.4 GHz frequency band, 802.11b equipment can occasionally suffer interference from microwaves, cordless telephones, and Bluetooth devices, which also share the same frequency band under the US Federal Communications Commission (FCC) rules.
  • 802.11e: The 802.11e specification is a draft standard that is an enhancement of the 802.11a and 802.11b specifications. It adds Quality of Service (QoS) features and multimedia support for wireless LANs as per the previous standards. It maintains full backward compatibility.
  • 802.11g: Another popular specification that was widely adopted by WLAN device manufacturers and users is the 802.11g. It is used for transmissions over short distances at speeds up to 54 Mbps in 2.4 GHz bands. Just like the 802.11b, this can also suffer interference from microwave ovens, cordless phones, Bluetooth devices, and so on.
  • 802.11n: The 802.11n specification enhances the previous 802.11 standards by adding multiple input, multiple output (MIMO). In this case, additional transmitter and receiver antennas allow increased data throughput and range. Real speed is up to four or five times faster than 100 Mbits and can reach up to 250 Mbits at the PHY level.
  • 802.11ac: This builds upon the previous standards to deliver data speeds of 433 Mbps per spatial stream or 1.3 Gbps in a three-antenna design. This works in the 5 GHz range and supports higher bandwidth for higher wireless speeds.
  • 802.11ac Wave 2: This specification is the same as the previous specification, except that this uses MIMO technology and other enhancements to theoretically increase throughput to nearly 7 Gbps (6.93 Gbps, actually).
  • 802.11ad: This specification is under development and will operate in the 60 GHz band. The theoretical data transfer rate is expected to be up to 7 Gigabits per second.
  • 802.11r: This specification supports VoIP roaming and handoff over multiple access points on a Wi-Fi network with the 802.1X authentication.
  • 802.1X: This is different from the 802.11x family of specifications. The IEEE 802.1X standard is designed for port-based Network Access Control (NAC) to restrict network use to, and enable secure communications between, authenticated/authorized devices.

All the major 802.11 specifications can be represented in an easy-to-understand table, as shown in the following:

802.11 Standard | Year of Release | Frequency Band | Modulation | Data Transmission Rate
----------------|-----------------|----------------|------------|-----------------------
802.11          | 1997            | 2.4 GHz        | DSSS/FHSS  | 2 Mbit/s
802.11a         | 1999            | 5 GHz          | OFDM       | 54 Mbit/s
802.11ac        | 2013            | 5 GHz          | OFDM       | 6.93 Gbit/s
802.11ad        | 2012            | 60 GHz         | SC-OFDM    | 6.76 Gbit/s
802.11b         | 1999            | 2.4 GHz        | DSSS       | 11 Mbit/s
802.11g         | 2003            | 2.4 GHz        | DSSS/OFDM  | 54 Mbit/s
802.11n         | 2009            | 2.4/5 GHz      | OFDM       | 600 Mbit/s

The full forms of the abbreviations used in the table are as follows:

  • DSSS: Direct Sequence Spread Spectrum
  • FHSS: Frequency Hopping Spread Spectrum
  • OFDM: Orthogonal frequency-division multiplexing
  • SC-OFDM: Single Carrier-Orthogonal frequency-division multiplexing

Now that we have developed an understanding of what is going on at the MAC and physical layers, let's move on to understanding a bit about wireless protection and security.
