Category Archives: Wireless Networks

WiFi Scanner

A Wi-Fi scanner is a device designed to scan for wireless nodes, such as access points and wireless clients, in the immediate area around the unit. Detected Wi-Fi connections are compiled in an Excel file for future reference. The connection’s signal quality may also be graphed.

Issued under the General Public License (GPL), it works with CISCO (Mobile Access Router) and Prism (Wireless Local Area Network PCI) cards with HOSTAP (driver for wireless cards using the Intersil Prism chipset) or WLAN-NG, Prism54g, Atheros, Hermes/Orinoco, and Centrino drivers.

The Wi-Fi scanner application enables:

  • Checking of accessible hotspots
  • Data updates of 1-10 per second
  • Data log in XLS, text, or CSV format in use with other applications
  • Selection of database export items using the Item Option
  • Addition of current location text information to the database
  • Graphing of history from saved data

The Wi-Fi scanner requires:

  • A PocketPC device with ARM/XScale central processing unit (CPU)
  • Windows Media 2003 (or succeeding versions)
  • Wi-Fi

How the Wi-Fi Scanner Works:

With the Wi-Fi scanner display, the user can detect Wi-Fi signals and choose a channel for monitoring. When the window appears, click on ‘Start Scanning.’ Scanning is a cyclic process, wherein the utility ‘listens’ for signals on one channel, moves to the next, and so on, until it comes to the last, after which a new cycle begins.

The process stops when ‘Stop Scanning’ is clicked. Click on ‘Reset’ to clear collected data. Click on ‘Save’ to store the scanning report in HTML format.

When finished with scanning, choose a band from the ‘Band’ drop-down menu. Select the appropriate channel through the ‘Channel’ drop-down menu and then click on ‘Capture’.

WiFi

Wi-Fi is the name of the standard wireless technology that employs radio waves, providing high-speed wireless Internet or network connections. Mobile phones, home networks, video games, and various other devices use it. Most personal computer operating systems (OSs) and many gaming consoles, printers, and peripherals support Wi-Fi today.

Wi-Fi offers convenience and lessens complexity in the process of wireless access to data, applications, media, and streams. Wi-Fi’s primary aims are to:

  • Provide easier information access
  • Ensure device compatibility
  • Reduce wiring and cables
  • Eliminate adapters, connectors, pins, plugs, and switches

A Wi-Fi enabled gaming console, mobile phone, MP3 player, PDA, or personal computer can link up to the Internet if it is within a wireless network’s range.

The main purpose of an access point is to transmit a wireless signal detected and ‘traversed’ by computers. Computers and other devices must have wireless network adapters to be able to connect to access points. One or more of these connected access points is called a hotspot. A hotspot can cover an area as large as several square miles or space as tiny as a small room.

Many Wi-Fi software tools are currently within reach. These Wi-Fi tools perform functions like:

  • Discovery of wireless networks
  • Mapping of wireless networks
  • Traffic analysis within wireless networks
  • Monitoring of RF strength within wireless networks
  • Encryption cracking of wireless networks
  • Custom-frame generation for wireless networks
  • Dictionary or ‘brute force’ attacks against wireless networks
  • Denial of Service (DoS) attacks against wireless networks

These Wi-Fi software tools are available for the following platforms:

  • Multiple platforms
  • Windows
  • Unix
  • Mac OS

TKIP

TKIP stands for Temporal Key Integrity Protocol. It is part of the IEEE 802.11 encryption standard for wireless networks.

The IEEE 802.11i task group and the Wi-Fi Alliance created TKIP as a replacement for the Wired Equivalency Protocol (WEP), which is used to secure 802.11 wireless networks. The necessity resulted from the breaking of WEP, which had left Wi-Fi networks without any workable link-layer security.

TKIP Solutions to WEP

TKIP uses the same encryption engine and the RC4 stream cipher defined for WEP. However, TKIP uses 128 key bits for encryption and 64-bit keys for authentication. This feature solves the very short key length used in WEP.

TKIP also enhances WEP by changing the key used for each packet. Each key is a combination of a Pairwise Transient Key, the MAC address of the transmitting station, and the packet’s unique 48-bit serial number. This mixing function is designed to put minimum demand on the stations and access points, while retaining enough cryptographic strength to keep it from breaking easily.

Moreover, the unique 48-bit serial number assigned to each packet acts as the initialization vector and part of the key. Assigning a sequence number into the key diminishes the possibility of “collision attacks”, which occur when the same key is used for two different packets.

The serial number, functioning as the initialization vector, helps reduce “replay attacks”, as a 48-bit sequence number will take an incredibly long time to repeat itself. Packets from wireless connections are difficult to replay, as they will be detected as out of order because their sequence numbers are not correct.

Another vital feature mixed into the TKIP key, and therefore an enhancement over WEP, is the base key. The base keys mixed into each packet key are uniquely generated every time a wireless station associates with an access point. They are a special session secret combined with random numbers generated by the access point and the station, and with the MAC addresses of the access point and the station. Using a uniquely generated base key each time solves the dilemma of constantly using the same key in the wireless LAN.

HSCSD

High Speed Circuit Switched Data (HSCSD) is an evolution of Circuit Switched Data (CSD). It is the initial mechanism for data transmission in the Global System for Mobile communications (GSM) standard. HSCSD has data transmission rates as fast as 38.4 kbits/s.

The HSCSD enhancement uses multiple channels, thus enabling higher transmission rates. This allows users to benefit from faster e-mail, Internet, and file transfer service. HSCSD also offers access to non-voice services at approximately three times the speed of the earlier systems. Users can receive and send data using personal computers at speeds as fast as 28.8 Kbps. In certain networks, speeds can reach as fast as 43.2 Kbps.

Subscribers may use this system through HSCSD-compatible voice terminals or a portable computer card and a GSM mobile phone. This combination renders laptop computers and other portable devices into high-speed mobile offices. These offices give the user hands-free voice calls and convenient data transfer functions.

HSCSD is valuable to users who access their e-mail, the Internet, office intranet, or other access files. Even if a user is out of the office or travels to another country (where HSCSD roaming is accessible), connection to a home Internet Service Provider (ISP) or to an office is possible. Here, data transmission uses the cellular or mobile device as opposed to a fixed connection line, thus giving the user benefits in terms of major improvement in data transfer rate.

HSCSD is now accessible to approximately 90 million subscribers in 25 countries across the globe. This enhancement will soon be available in HSCSD-enabled GSM mobile handsets (as well as PC-compatible devices) through International Roaming arrangements among HSCSD service providers worldwide.

WEP

WEP stands for Wired Equivalent Privacy. It is an encryption algorithm, which was built in the 802.11 standard, that aims to provide security for wireless networks. The 802.11 standard is followed by Wi-Fi technologies and is a set of specifications for wireless Ethernet.

WEP makes use of specific technologies to perform its calculations for encryption. WEP uses the RC4 stream cipher, which encrypts text one bit at a time. This stream cipher enhances the confidentiality of data being transferred on the network. In relation to this, WEP uses an initialization vector for its computations. WEP also uses the CRC-32 (Cyclic Redundancy Check) to achieve data integrity.

A WEP Key is generated through a set of processes. WEP key generation begins when an ASCII passphrase is entered. The system does a set of steps for verification. Afterwards, the WEP key is generated and can be accessed by the user. Most Wi-Fi devices support the said procedure. However, certain Wi-Fi devices have problems in using ASCII passphrases. For these devices, individuals can use the hexadecimal version of the WEP key.

Although WEP is applied in many wireless networks, it poses certain issues with regard to security. Network administrators of certain wireless systems choose to disable WEP due to the large overhead of having a shared WEP key. The initialization vector that is used to provide the WEP algorithm is normally sent in the clear. This makes tracing problems difficult when they do take place. The CRC-32 checksum produced in WEP systems is oftentimes predictable, heightening the possibility of unauthorized access.
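The following is an added example, not part of the original article: a teaching model of the WEP encapsulation described above, showing why an initialization vector sent in the clear and a keyless CRC-32 give weak protection. The key, IVs, and payloads are constructed, and the one-byte key ID that follows the IV in a real frame is omitted.

```python
"""Teaching model of WEP encapsulation: RC4 keyed with IV || key, CRC-32 ICV."""
import zlib

KEY = bytes.fromhex("0102030405")      # constructed 40-bit WEP key


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, no key involved."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_seal(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Frame body = cleartext IV || RC4(IV || key, plaintext || ICV)."""
    return iv + rc4(iv + key, plaintext + icv(plaintext))


def wep_open(key: bytes, frame: bytes) -> bytes:
    """Decrypt with the IV read from the frame and verify the ICV."""
    body = rc4(frame[:3] + key, frame[3:])
    data, check = body[:-4], body[-4:]
    if icv(data) != check:
        raise ValueError("ICV mismatch")
    return data


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_reused(iv: bytes, p1: bytes, p2: bytes) -> bool:
    """Same IV and key give the same keystream, so the XOR of two ciphertexts
    equals the XOR of the two plaintexts and the key drops out."""
    c1, c2 = wep_seal(iv, KEY, p1)[3:], wep_seal(iv, KEY, p2)[3:]
    n = min(len(p1), len(p2))
    return xor(c1[:n], c2[:n]) == xor(p1[:n], p2[:n])


def crc_is_affine(a: bytes, b: bytes) -> bool:
    """CRC-32 of a XOR b is computable from the CRCs alone (equal lengths),
    which is why it detects noise but cannot authenticate a frame."""
    zero = bytes(len(a))
    return zlib.crc32(xor(a, b)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zero)


if __name__ == "__main__":
    iv = b"\x00\x00\x01"               # constructed 24-bit IV
    frame = wep_seal(iv, KEY, b"hello wlan")
    print(wep_open(KEY, frame), keystream_reused(iv, b"frame one!", b"frame two!"),
          crc_is_affine(b"frame one!", b"frame two!"))
```

Both properties are what TKIP's per-packet keys and keyed Message Integrity Check were introduced to address.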

How Wireless Modems Work

Wireless modems are connectors of wireless networks that are used for Internet connection. When you are connected through a wireless modem, you are directly attached to your Internet Service Provider without going through the usual telephone system. This provides less hassle for Internet users.

History of Wireless Modems

In the past, analog cellular phones used a landline modem for dial-up connection. This connection was as slow as 2.5 kb/second, and sometimes even slower. The generation of digital cellular phones offered faster connections, which improved up to 4 times faster during the 2G (Second Generation) era. After that, HSCSD (High-Speed Circuit-Switched Data) was developed to provide multiple GSM (Global System for Mobile) channel support. Because of this improvement, speed began ranging from 40 kb/sec to 45 kb/sec. However, these technologies required dial-up ISP (Internet Service Provider), which was provided by mobile phone networks.

The Development of Wireless Modems

Shortly after the reign of 2G phones, 2.5G phones emerged. The latter added support for packet data. This means that 2.5G networks split digital voice and other data into small pieces, which are mixed together in the network. This process of splitting and mixing is referred to as packet-switching. The technology permits the phone to have data and voice connections simultaneously.

This makes surfing the Internet using a mobile phone possible. A personal computer can even use that same mobile phone to connect to the Internet. The PC just needs a special number, which it needs to “dial” before it gains access to the packet data service. The mobile phone, used as the wireless modem, now handles the data exchange in the network. Its speed can reach up to 50 kb/second.

Wireless Modems Today

The most common use of wireless modems is for an Internet connection arrangement you know as Wi-Fi. Contrary to popular belief, the term Wi-Fi does not mean “wireless fidelity”. Wi-Fi is simply a trademark name given by an alliance (the Wi-Fi Alliance) whose members are also part of the IEEE (Institute of Electrical and Electronics Engineers).

Wireless modems operate at very low frequencies, giving laptops, PDAs, or personal computers an access point to a network. Many people prefer wireless modems because the speeds at which they operate are exponentially greater than those of dial-up modems and even broadband Internet.

802.11i

802.11i (or IEEE 802.11i-2004) is a variation of the Institute of Electrical and Electronic Engineers’ wireless network standard. It identifies security measures and protocol used in wireless network data transmission documented in the IEEE 802.11-2007 publication.

802.11 is a group of IEEE standards governing wireless networking transmission procedures. Widespread use of the 802.11a, 802.11b, and 802.11g protocols enables efficient wireless connectivity for home, office, and commercial computing.

802.11i is a recent amendment for WLANs (Wireless Local Area Networks). This evolution of 802.11 presents enhanced encryption for 802.11a, 802.11g, and 802.11b connections (such as Wi-Fi). The 802.11i standard employs improved encryption key protocols like the Temporal Key Integrity Protocol (TKIP) and the Advanced Encryption Standard (AES).

802.11i architecture includes these integral components:

  • 802.1x to authenticate (requiring the use of EAP plus an authentication server)
  • RSN (Robust Security Network) to keep track of connections
  • AES-based CCMP to provide security (in terms of data confidentiality, integrity, and origin authentication)

Another important part of the process of authentication is the ‘four-way handshake.’ This heightens data security, as the AP needs to verify itself with the client station first and derive traffic encryption keys before gaining access to the network. After this, the signal must also surrender the Global Temporal Key (GTK) before finally decoding the broadcast and multicast traffic.

The 802.11i amendment specifications meet the security standards of many government agencies and other entities. AES, however, needs a dedicated microchip, which could mean hardware upgrades to present Wi-Fi networks. 802.11i also enables key caching (which assists in quick server reconnection for users who have gone offline) as well as pre-authentication (which provides fast roaming – ideal for more sophisticated applications like VoIP or Voice over Internet Protocol).

802.11b

802.11b (or 802.11b-1999) is an evolution of the IEEE (Institute of Electrical and Electronic Engineers) standard that raised transmission rates to 11 Mbit/s using the prior 2.4 GHz band. 802.11b is the system used in WLANs (Wireless Local Area Networks) marketed under the name ‘Wi-Fi’ and implemented around the globe. Wi-Fi is often expanded (albeit erroneously) to mean ‘Wireless Fidelity.’ 802.11b is compatible with its predecessor and root model 802.11.

802.11 is a group of IEEE standards used to govern methods for transmission in wireless networks. The most commonly used versions of the series today are 802.11a, the 802.11b, and the 802.11g. This group offers wireless connectivity for home, office, and commercial computer use.

802.11b employs the Ethernet protocol, as well as the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) method for purposes of file sharing, following 802.11 standards. PSK (phase-shift keying) is the method of modulation used by most of the 802.11 devices, while 802.11b uses CCK (complementary code keying). The latter standard allows faster and higher data transmission and less multipath propagation obstructions.

802.11b uses the standard media access methods. In early 2000, 802.11b products emerged in the market, acquiring a direct modulation adjustment used by 802.11. A radical increase in transmission rates and the significant price reduction of the 802.11b version (as compared to the original 802.11) led to its present popular reputation in the WLAN technology world.

IEEE 802.11b-compatible equipment may bring about interference when used near products operating within the 2.4 GHz frequency range. These devices include baby monitors, Bluetooth devices, cordless phones, and microwave ovens.

WPA

WPA stands for Wi-Fi Protected Access. The Wi-Fi Alliance, a global organization aiming to adopt a standard for high-speed wireless local area networking, created WPA as a standard. WPA is set to be rolled into IEEE 802.11i standard.

WPA has two major modes of operations: WPA Enterprise Mode and WPA PSK (Pre-Shared Key) Mode.

The enterprise mode needs an authentication server to carry out and complete its tasks. This mode also makes use of the RADIUS protocol to perform key distribution and authentication. The enterprise mode has a central system to manage information about user credentials. Since the enterprise mode uses a RADIUS server, it benefits larger companies rather than homes and small businesses.

On the other hand, the PSK or Pre-Shared Key mode does not need an authentication server. To perform the process of authentication, the PSK mode uses a shared secret. The PSK mode manages its user credentials through a device-oriented system. Since the PSK mode shares certain qualities with other shared password systems, it is susceptible to the same risks encountered by those systems.

Moving on, WPA presents security enhancements to ensure the safety of information and the system itself. WPA requires re-keying through the use of an advanced protocol known as TKIP (Temporal Key Integrity Protocol). In addition, WPA increases its ICV (Integrity Check Value) through Message Integrity Check (MIC). This provides a higher level of protection for the system’s header and its payload. WPA also includes a frame counter to prevent replay attacks.

EV-DO

Evolution, Data Optimized or Evolution, Data Only (EV-DO, 1xEvDO, or 1xEV-DO) is a Third Generation (3G) wireless broadband data standard. “CDMA2000, High Rate Packet Data Air Interface” is its official name. Aside from it, there are also other, competing standards like W-CDMA (Wireless Code Division Multiple Access).

3G provides high-speed voice data transfer, all in a mobile environment. It utilizes the cellular method employed by mobile phone networks.

The operations of high-speed wireless networks are hindered because of the lack of bandwidth (range of accessible frequencies). Only a certain amount of data can be transmitted through the available bandwidth, so Qualcomm designed the CDMA technology to surpass this threshold. EV-DO is a variation of that technology.

Multiple wireless devices can simultaneously transmit on a single frequency under CDMA. A specific mathematical signature is assigned to each wireless device. CDMA then applies the signature to the initial signal and sends the modified signal. A receiver recovers the initial signal by applying the opposite mathematical operation to the modified signal.
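The following is an added example, not part of the original article: the shared-frequency scheme described above, with Walsh codes standing in for each device's "mathematical signature". The three messages are constructed, and the model assumes perfectly synchronized, noise-free transmission.

```python
"""Code-division multiplexing with orthogonal Walsh codes (noise-free model)."""


def walsh(n: int) -> list:
    """Rows of the n x n Walsh-Hadamard matrix (n a power of two), entries +1/-1."""
    rows = [[1]]
    while len(rows) < n:
        rows = [r + r for r in rows] + [r + [-x for x in r] for r in rows]
    return rows


def spread(bits: list, code: list) -> list:
    """Map each bit to +1/-1 and multiply it by every chip of the device's code."""
    chips = []
    for bit in bits:
        symbol = 1 if bit else -1
        chips.extend(symbol * c for c in code)
    return chips


def share_channel(messages: list, codes: list) -> list:
    """All devices transmit at once: the channel carries the chip-wise sum."""
    streams = [spread(m, c) for m, c in zip(messages, codes)]
    return [sum(chips) for chips in zip(*streams)]


def despread(signal: list, code: list) -> list:
    """Correlate each symbol period with one code; other codes cancel to zero."""
    n = len(code)
    bits = []
    for k in range(0, len(signal), n):
        corr = sum(s * c for s, c in zip(signal[k:k + n], code))
        bits.append(1 if corr > 0 else 0)
    return bits


def run_demo() -> bool:
    """Three constructed messages share one channel and are recovered intact."""
    codes = walsh(4)[1:4]                       # one code per device
    messages = [[1, 0, 1, 1], [0, 0, 1, 0], [1, 1, 0, 0]]
    channel = share_channel(messages, codes)
    return all(despread(channel, c) == m for m, c in zip(messages, codes))


if __name__ == "__main__":
    print(run_demo())
```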

EV-DO was developed in 1999 to reach an ideal target transmission speed of over 2MBps in stationary communications. Realistically, EV-DO mobile users are able to download at rates of 400-700 KBps when signal strength is high, interference is low and speeds are beyond 2 KBps. The download speed is influenced by the signal speed.

EV-DO works with the same approach used by the Internet. Internet Protocol (IP) breaks data down into smaller portions called packets. Each packet is transmitted independently to others. Upon access to an Internet website, no bandwidth is consumed until it starts up the Web page.

With EV-DO, no packets are sent when neither person in a phone call speaks. In that instance, the connection does not use up the bandwidth and the bandwidth use is saved for other devices.

EV-DO can enable pervasive computing, wherein various devices under a continuous high-speed Internet connection are in a seamless network. EV-DO optimizes Virtual Private Networks (VPNs), allowing a user to connect to media applications and services such as IPTV and VoIP.

TKIP

What is TKIP?

TKIP refers to Temporal Key Integrity Protocol. It is a security standard used by IEEE 802.11 wireless networks. It was designed by the IEEE 802.11i task group and the Wi-Fi Alliance. It is an improvement over the Wired Equivalent Privacy security.

TKIP Background

The primary aim of creating TKIP was to replace WEP without having to replace legacy hardware. The need for this arose when WEP was breached, and Wi-Fi networks were left without viable link-layer security.

TKIP was first endorsed by the Wi-Fi Alliance on October 31, 2002 under the name Wi-Fi Protected Access (WPA). On July 23, 2004, its final version was approved by the IEEE under the name IEEE 802.11i, along with other solutions such as the 802.1X and the CCMP. The Wi-Fi Alliance adopted its full specifications under the marketing name WPA2 soon after.

TKIP Technical Details

The following points outline TKIP’s technical details and its improvements from WEP:

1. TKIP uses the RC4 stream cipher and 128-bit keys for encryption. This addresses the short key length used by WEP.

2. As an enhancement to WEP, TKIP adds a key mixing function for each packet in order to disassociate the public initialization vectors from weak keys. This is possible because the mixing is designed to put minimum demand on the stations and access points while providing enough cryptographic strength to keep them from breaking easily.

3. Each packet transmitted via TKIP is assigned a unique 48-bit serial number, which increases each time a new packet is transmitted and is used as the initialization vector. This avoids a WEP problem called “collision attacks”, which happen when the same key is used for two different packets. Using the serial number as the initialization vector also helps avoid another WEP problem, “replay attacks”, because it will take a long time before a 48-bit sequence number needs to be repeated.

4. TKIP generates a new base key each time a wireless station associates with an access point. Together with the IEEE 802.1X authentication, the session secret cannot be repeated and is transmitted securely to the station via the authentication server.
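The following is an added example, not part of the original articles: it illustrates the 48-bit serial number described in both TKIP sections by encoding it into the 8-byte TKIP header (TSC1, WEPSeed, TSC0, KeyID/ExtIV flags, TSC2 to TSC5) and applying the receiver-side check that drops replayed or out-of-order packets. `ReplayGuard`, the MAC address, and the frame sequence are constructed for illustration.

```python
"""TKIP sequence counter (TSC): header encoding and receiver-side replay check."""
from dataclasses import dataclass, field


def build_tkip_header(tsc: int, key_id: int = 0) -> bytes:
    """Encode a 48-bit TSC into the 8-byte TKIP IV / Extended IV field."""
    if not 0 <= tsc < 1 << 48:
        raise ValueError("TSC must fit in 48 bits")
    t = tsc.to_bytes(6, "little")             # t[0] = TSC0 ... t[5] = TSC5
    wep_seed = (t[1] | 0x20) & 0x7F           # steers clear of known weak RC4 keys
    flags = 0x20 | ((key_id & 0x3) << 6)      # ExtIV bit set, KeyID in bits 6-7
    return bytes([t[1], wep_seed, t[0], flags]) + t[2:6]


def parse_tkip_header(hdr: bytes) -> int:
    """Return the 48-bit TSC, rejecting malformed headers."""
    if len(hdr) < 8:
        raise ValueError("TKIP header is 8 bytes")
    tsc1, wep_seed, tsc0, flags = hdr[0], hdr[1], hdr[2], hdr[3]
    if not flags & 0x20:
        raise ValueError("ExtIV bit clear: not a TKIP frame")
    if wep_seed != (tsc1 | 0x20) & 0x7F:
        raise ValueError("WEPSeed does not match TSC1")
    return int.from_bytes(bytes([tsc0, tsc1]) + hdr[4:8], "little")


@dataclass
class ReplayGuard:
    """Highest TSC accepted so far, tracked per transmitter address.

    A real receiver advances the counter only after the frame's MIC verifies;
    this model leaves decryption and the MIC out.
    """
    last: dict = field(default_factory=dict)

    def accept(self, transmitter: str, hdr: bytes) -> bool:
        tsc = parse_tkip_header(hdr)
        if tsc <= self.last.get(transmitter, -1):
            return False                       # replayed or out of order: drop
        self.last[transmitter] = tsc
        return True


def run_demo() -> list:
    """Feed a constructed frame sequence, including one replay, to the guard."""
    guard = ReplayGuard()
    sta = "02:00:00:00:00:01"                  # constructed, locally administered MAC
    sequence = [1, 2, 3, 2, 4, 0x10000]        # the second 2 is the replayed packet
    return [guard.accept(sta, build_tkip_header(n)) for n in sequence]


if __name__ == "__main__":
    print(run_demo())
```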

SSID

SSID (Service Set Identifier) is a certain order of case-sensitive alphanumeric characters that uniquely name a Wireless Local Area Network (WLAN). This name is the secret key set by the network administrator for individuals to connect to the preferred (Wi-Fi) network. It is used when various independent networks are active in the same physical area. An SSID can have a maximum of 32 characters.

All WLAN devices must use the same SSID for the users to get in touch with one another. Before a user can join a Wi-Fi network, he must first know the correct SSID. However, others may also be able to figure out the SSID through network sniffing.

A Basic Service Set (BSS) is a set of wireless devices that connect directly with each other. A number of BSSs can be linked to create a logical WLAN segment known as Extended Service Set (ESS). SSID is the name given to each ESS.

Wireless clients can set the SSID either manually or automatically. You can manually set the SSID by typing it in into the client network settings. To automatically set the SSID, leave the SSID blank or unspecified.

A network administrator frequently utilizes a public SSID, which is established on the access point and transmitted to all wireless devices within the network’s range. Some more recent wireless access points disable the automatic SSID transmission feature to enhance the security of the network.

The term ESSID (Extended Service Set Identifier) also refers to SSID. It is also sometimes referred to as the “network name.”

Security Issues

Service Set Identifier is a secret key set by the network administrator. Some management problems arise for the network administrator because of this. If the network administrator wishes to shut a user out of the network, he/she must modify the SSID of the network. Since every user in the network must configure the SSID into their system, they would all have to reconfigure the SSID on their network nodes. Some Wi-Fi Network Information Centers enable the user to configure a number of SSIDs at a time.

Disabling SSID Broadcasting

Several WAP (Wireless Access Point) manufacturers have supplemented a configuration choice which allows the user to disable SSID broadcasting. This promotes the security of the network because it is able to stop the SSID from being broadcast with Beacon frames and Probe Requests.
