CSNT180 CH7
Independent Basic Service Set (IBSS)
Service Set Identifier (SSID); Radio Frequency Channel; Security Configuration; Advantages and Disadvantages of IBSS
Wireless LAN Modes of Operation
Two common modes: Ad-Hoc; Infrastructure
Data Frames
Used to carry data payload between devices; Special data type frame - null function frame; Helps implement power save features; QoS frame
Control Frames
Used to control access to the wireless medium and acknowledge data; Used with protection mechanisms to allow device coexistence; Examples include: RTS - Request to send; CTS - Clear to send; ACK - Acknowledge
Active Scanning
What is active scanning and what frame is used? Device desiring to connect sends out a probe request. APs listening then send out what, and this looks like what? Probe response and beacon frame info. Unless the network is? Closed.
What is the default interval for beacon frame transmission?
10 times a second
Distribution System
A network segment that consists of one or more connected Basic Service Sets (BSS). If more than one BSS, it is a(n) ____? Extended Service Set. Can potentially use a wireless distribution system vs wired backbone. Typically uses 2.4 GHz for devices and 5.0 GHz for the control / coordination signals.
Extended Service Set (ESS)
A set of one or more interconnected basic service sets (BSSs) that appears as a single BSS to the logical link control (LLC) layer at any station (STA) associated with one of those BSSs
Power Saving Operation
Active Mode (AM): WLAN devices are always in an "awake" state; Desktop vs laptop / mobile. Power Save (PS) Mode: WLAN devices will doze or enter a low power state for very short periods of time; Listens for beacon frame letting device know messages are buffered; AP provides device with association ID (similar to MAC address for switch); Device sends PS-Poll (Power Save Polling) msg; Considered legacy based on new WiFi QoS; Saves battery power at the 'expense' of additional AP / device overhead tradeoff.
Other names for IBSS
Ad Hoc; Peer-to-Peer
Advantages and disadvantages of an IBSS
Advantages: Often used in homes or SOHO; Easy to configure; No investment in access point hardware. Disadvantages: Limited radio frequency range; No centralized administration capability; Not scalable; Difficult to secure.
Advantages and disadvantages of a BSS
Advantages: Uses intelligent devices - consistent, reliable, and secure comms; Very scalable - add additional APs; Centralized administration and control; Security. Disadvantages: Incurs additional hardware costs compared to IBSS; May require a site survey to determine coverage; Must be connected to wired network infrastructure (typically router/gateway for SOHO); Additional knowledge required for configuration and deployment.
Basic Service Set (BSS)
Advantages and Disadvantages of BSS
What is the act of verifying and confirming an identity?
Authentication
Power Saving Operation
Automatic Power Save Delivery (APSD): More current, robust version of PS Mode; Works with devices that are Quality of Service (QoS) aware; Works with time-bound applications that are subject to latency, such as voice and video.
What are many times associated with open systems?
Captive Portals
Infrastructure Modes
Independent Basic Set Service (IBSS); Basic Set Service (BSS); Extended Set Service (ESS)
What is the primary frame used for passive scanning?
Beacon Frame
Review
Components and technology that play a role with IEEE 802.11 wireless networks: Distribution system; Wireless distribution system. Both a wired and wireless distribution system use radio and access points to provide connectivity for wireless infrastructure.
Review
Data rates and throughput; Dynamic rate switching; Various power modes; Protection mechanisms and the importance of these methods in order to provide backward compatibility and coexistence to older technology devices.
Independent Basic Service Set
Does not use access points and consists of only wireless LAN devices or client computers. Not typically used for enterprise wireless LAN deployments. Certain parameters must be set on the devices that wish to participate in an IBSS. Must have SSID, RF channel, and security configuration to network.
Protection Mechanisms
Extended Rate Physical (ERP) Protection Mechanism. 802.11b Only Mode: Disables all ERP-OFDM data rates: 6, 9, 12, 18, 24, 36, 48, and 54 Mbps; Only allows DSSS 1, 2 Mbps and HR/DSSS 5.5 and 11 Mbps; Not typically used, limits AP. 802.11g Only Mode: Opposite of 802.11b Only; Enables all ERP-OFDM; Disables DSSS and HR/DSSS; No backward capability required.
Protection Mechanisms
Extended Rate Physical (ERP) Protection Mechanism. 802.11b/g Mixed Mode: Allows both 802.11b / g at same time; Throughput will decrease when 802.11b and 802.11g intermixed; Mixed mode uses either of two types of control frames to reserve RF medium: Request To Send/Clear To Send (RTS/CTS); CTS to Self - Single frame and is a common implementation due to less overhead compared to RTS/CTS.
Shared key encryption is flawed or unflawed and is based on what encryption protocol?
Flawed, WEP
Shared key authentication is a ____ step process?
Four
Protection Mechanisms
High Throughput (HT) Protection Mechanism: Used for 802.11n devices. Mode 0 - Greenfield Mode: Does not allow backwards compatibility with 802.11a/b/g devices; Transmission from these devices will cause collisions. Mode 1 - HT Non-member protection Mode: All devices must be HT capable; Invokes protection mode when 802.11a/b/g devices are in hearing range. Mode 2 - HT 20 MHz protection mode: All devices must be HT capable; Allows both 20 and 40 MHz wide channels vs 40 MHz only.
Protection Mechanisms
High Throughput (HT) Protection Mechanism: Used for 802.11n devices. Mode 3 - HT Mixed Mode: allows both HT and backwards compatibility to 802.11a/b/g devices. Additional HT Protection Modes: Dual CTS - New Layer 2 protection mechanism used for backward compatibility between HT and 802.11a/b/g devices; Phased Coexistence Operation (PCO) is an optional BSS mode with alternating 20 MHz and 40 MHz phases controlled by a PCO capable AP.
What are common examples of when open system is used?
Hotspots
WLAN Roaming
In wireless LAN technology, roaming is the term for what happens when a device moves from one basic service set to another. Not part of original 802.11 spec (2003). The decision to roam when receiving signals from 2 APs is proprietary and based on specific manufacturer criteria including: Signal strength; Signal to noise ratio; Error rate; Number of currently associated devices.
Connecting to a Wireless Network - Frame Types
Management Frames - Used to manage the network: Beacon; Probe Request; Probe Response; Authentication; Association Request; Association Response
IBSS Security
No centralized control and no security management features. Security is left up to the individual user or device. Can be a concern for many enterprise installations. The use of an IBSS may be against corporate security policy.
Deauthentication and Disassociation
Occurs when an existing AuthN is no longer valid: WLAN device logging off; Roaming to different BSS. Both are notifications and not requests.
What are the two types of WLAN authentication?
Open system authentication; Shared key authentication
Protection Mechanisms
Provides the ability for newer standards such as 802.11g and n to be backwards compatible to 802.11b, for example. Two broad categories: Extended Rate Physical (ERP) Protection Mechanism; High Throughput (HT) Protection Mechanism.
What is the most important quality about ESS with respect to enterprise deployment?
ROAMING
Connection requirements for BSS
SSID; Channel
What information is typically included in a beacon frame?
SSID; RF Channel; Available data rates
Radio Frequency Channel
The IBSS configuration requires a user to set the specific RF channel that will be used by all devices that are part of the same IBSS network. All devices in any common IBSS must be communicating on the same channel.
Throughput
The amount of information actually being transmitted or received. Many variables affect the actual throughput of information being sent: Spread spectrum or technology type in use; RF interference; Number of users connected to an access point. For example, 802.11b would be ~<11Mbps / 2 for half duplex; Additional users would crowd medium and drive down throughput.
Passive Scanning
The discovery phase of wireless networking. WLAN device listens for information about networks. What is your evidence that this is working on your device? SSIDs pop up in device to select. If known signal and device is not picking up, could be a device issue.
Distribution System
The distribution system is the common infrastructure to which access points are connected and can be wired or wireless
Basic Service Set (BSS)
The foundation of the wireless network. Consists of an access point connected to a network infrastructure and associated devices; coverage is known as the basic service area (BSA).
Service Set Identifier (SSID)
The name or segmentation of WLAN devices. Every device that wishes to be part of the same wireless LAN will use the same SSID. The SSID is case sensitive and has a maximum limit of 32 characters or, as specified in the IEEE 802.11 standard, 32 octets.
Data Rates
The speed at which wireless devices are designed to exchange information is known as the data rate
WLAN Roaming
When a device chooses to reassociate to new AP, the original AP will hand off the association to the new AP as requested from the new AP. This is accomplished over a wired network or WDS. Uses Reassociation frames. Device sends Reassociation frame to AP, AP shifts to new AP. Once completed old AP sends Reassociation response.
Dynamic Rate Switching (DRS)
When a wireless device moves through the Basic Service Area (BSA) or the distance from the access point increases, the data rate will decrease
Review
Wireless LANs can operate in two modes, one being ad hoc mode and the other being infrastructure mode. Three configurations for wireless LANs: IBSS (uses no access points); BSS (uses one access point); ESS (uses one or more BSSs). Process devices use to connect to and become part of a wireless LAN: Passive scanning (listening for beacons); Active scanning (joining a wireless LAN); Authentication; Association.
WEP
is mandatory with shared key authentication
Shared key authentication
is used for both device authentication and data encryption
Association
takes place after a device has been successfully authenticated either by open system or by shared key authentication. Once authenticated, is considered part of the Basic Service Set.