Securing Wireless Part 1 of 2 Table of Contents Securing 802.11x Networking ......................................................................................................... 2 802.11 Version Comparisons .......................................................................................................... 3 Service Sets ................................................................................................................................... 10 Wireless Security Evolution -1 ...................................................................................................... 12 Wireless Security Evolution -2 ...................................................................................................... 15 Wireless Security Evolution -1 ...................................................................................................... 16 Wireless Security Evolution -2 ...................................................................................................... 17 Wireless Security Evolution -3 ...................................................................................................... 18 Wireless Security Evolution -4 ...................................................................................................... 19 Notices .......................................................................................................................................... 20 Page 1 of 20 Securing 802.11x Networking Securing 802.11x Networking 802.11x Comparison 802.11x Service Sets 802.11x Wireless Security Evolution WEP, 802.1X, WPA, WPA2 Best Practices for Securing 802.11x 31 **031 Joe Mayes: Alright so now let's look at securing 802.11 networking. And 802.11 is, what do we more commonly call it? Student: Wi-Fi. Joe Mayes: Wi-Fi, right? Alright so securing Wi-Fi. We're going to compare different 802.11 types. We're going to talk about service set types, wireless security evolutions, and best practices. Page 2 of 20 802.11 Version Comparisons 802.11 Version Comparisons 802.11b 802.11g 802.11a 802.11n 2.4 GHz – DSSS 2.4 GHz – OFDM 5 GHz – OFDM 2.4GHz / 5 GHz 11, 5.5, 2, 1 Mbps Up to 54 Mbps Up to 54 Mbps Up to 600Mbps throughput throughput throughput Range: 200 Ft. Range: 200 ft. Range: 80 ft. Range: depends on indoors; 1000 ft. indoors; 1000 ft. indoors; 500 ft. frequency (matches outdoors outdoors outdoors 802.11a and g) High Interference High Interference Low Interference Depends on potential potential potential frequency (matches 802.11a and g) Most Widely Backwards Not Compatible Compatible with all deployed, but Compatible with b with b or g other protocols becoming obsolete 32 **032 This doesn't have all the 802.11 types. It has all the popular ones in use right now. If you were to make one more column up here, we'll see in the future that 802.11ac will become more popular in the future. It's just barely been released and very few devices use it at this point; 802.11ac is not on the list. However the ones we are mainly concerned about are the ones that most people are going to be using so we'll talk about these. 802.11 was actually if you were to go all the way to the left-hand side, there is actually an 802.11 that was before 802.11b. The 802.11 was the original, original, original version of 802.11 and it only Page 3 of 20 went with one and two megabits and it got replaced by 802.11b fairly early on. So we don't find many devices that are actually 802.11 anymore. The trick is 802.11b, 802.11g, 802.11a, and 802.11n are all backward compatible to guess what? All the way back to the original 802.11. So some things we talk about will be for backward compatibility. For instance on the 802.11b, it operates a 2.4 gigahertz; 2.4 gigahertz happens to be in the ISM band. Anybody know what the ISM band is? Student: Communications? Student: Scientific network? No. Joe Mayes: Yeah, instrumentation, scientific, and medical. It's basically an unlicensed spectrum band and that way we don't all have to have licenses just to run our wireless access points in our homes, right, is the idea behind it. It operates 2.4 gigahertz. It operates in direct sequence spread spectrum which basically means if it took this much bandwidth to send the signal, it uses this much instead. And the reason it does that is right here. Has anybody ever heard the term "You should buy land because they're not making any more of it."? Anybody heard that one? You can always buy land because they're not making any more of it. Well the same problem with radio frequencies, right? There's only so many radio Page 4 of 20 frequencies we have to use and there is a lot of juggling around and very bitter battles over who is going to get what spectrum. And in the U.S. we made a lot of changes in that. What was the last huge change we made in spectrum allocation? Student: Analog to digital TV. Joe Mayes: Analog to digital in TV didn't just convert it from analog to digital. It also did what? Student: Eliminated analog? Student: Freed up a boatload of-- Joe Mayes: Yeah they actually moved the spectrum, they actually moved to a different set of frequencies for digital television and freed up the 400 and 600 megahertz bandwidths for they were formerly owned by low band and high band VHF, channels 2 to 13. So in this model, if I've got a spectrum here that's roughly 2.4 gigahertz, okay? If I have a narrowband transmitter, what's a narrowband transmitter going to look like on a spectrum analyzer? It's going to be this type of looking thing, right? If I have a broadband like I'm sorry direct sequence spread spectrum, a spread spectrum, I don't know why I have trouble with that, a spread spectrum signal in the same frequency range, it will look like this. And because of that those two can operate together. The narrow band receiver will see the spread spectrum Page 5 of 20 signal as noise, right? Because it doesn't have enough signal strength to get out of the noise realm. Because the narrowband receiver is going to be just listening up here to the top. The spread spectrum receiver however, listens across the entire beam width from here to here, and therefore it sees the narrowband transmitter as interference. But it can transmit through the interference because it's clear on all the sides and it can still see that broad spectrum signal rays. Is there a third type of signal that can be in here? Somebody say "yes". Student: Yes. Joe Mayes: Okay, cool. What's the third type? Joe Mayes: So if this is, I want to label these. If this is narrowband and if this one down here is spread spectrum, what's the third type? Student: Direct sequence spread spectrum. Joe Mayes: Well that's what this one is, right? How about... What did I just try to draw? Student: Channels. Student: RAM? Student: Frequency hopping? Joe Mayes: Right frequency hopping spread spectrum. Now, anybody know a frequency hopping spread spectrum 2.4 gigahertz technology? Page 6 of 20 Student: Bluetooth. Joe Mayes: Bluetooth. And what happens is all three of these can operate in the same band at the same time and not interfere with each other because each is listening for a different type of signal. Does that make sense? Questions? So frequency hopping spread spectrum, direct sequence spread spectrum, and narrow band transmission. So all of these operate on direct sequence spread spectrum; 802.11 operated on three types. They could be frequency hopping, direct sequence, or infrared if you can believe that. But they abandoned all that when they went to 802.11b and said let's just go with DSSS. So it operated at 11, 5, 2 and 1 megabits and the 2 and 1 were the original speeds of 802.11. That's why it's backwards compatible. You can see the ranges it has a high interference potential because it covers such a broad spectrum and it's very widely deployed but becoming obsolete. And 802.11g also operates at 2.4 gigahertz, but it uses orthogonal frequency division multiplexing. Everybody say that three times fast, right? Orthogonal frequency division multiplexing. What's going on when you look across the top at any of these technologies is they keep changing the encoding. What's the difference between encoding and encryption? Student: Keys. Page 7 of 20 Joe Mayes: Encoding and encryption. Student: Encoding is just the way it's sent. Joe Mayes: Right. Student: Encryption is trying to hide it. Joe Mayes: Right in encryption we're trying to take plain text and hide it, turn it into ciphertext, right? In encoding, we're just trying to find a way to place ones and zeroes digital ones and zeroes on an analog carrier. What's going to be a one on a radio wave, right? And they keep changing the definition of what constitutes a one and zero. And the reason they keep changing the definition is the smarter they make the definition, the more ones and zeroes they can put in the same space. The more ones and zeroes they put in the same space, what happens? Student: The faster it is. Joe Mayes: Faster your data rate is. So when they went to DSSS to OFDM over DSSS the data rate went from 11 megabits a second to 54 megabits a second. They found a way encode more ones and zeroes. Because encoding isn't about hiding them. Encoding is about how to carry more of them. So 802.11b and g are both on 2.4 gigahertz; 802.11a operates in the 5 gigahertz band. And what that means is if you have trouble-- what Page 8 of 20 are the other things that operates a 2.4 gigahertz? Student: Microwave. Joe Mayes: Microwave ovens. Telephones and other things are all pretty well behaved. Baby cameras are not well behaved, microwave ovens are not well behaved. So because of those problems, there was a move to move everybody up, everybody possible up to 5 gigahertz to get away from that. The problem is the 5 gigahertz range they chose has its own issues which is that 5 gigahertz range operates in the same range as European weather radar.