Posted filed under CISSP.

  • Wireless Communications
  • WAP (Wireless Applications Protocol)
    –Developed for wireless devices (PDAs, mobile phones, pagers, etc.) to communicate

  • WTLS (Wireless Transport Layer Security)
    –Security protocol developed for WAP communications
  • Please do not confuse WAP with WLANs

Wireless Technologies 

WLANs – Defined by the IEEE’s 802.11 standard (operates at Layer 2 of the OSI model)

  • WLAN Components
    –Access Point (AP) that functions as a transparent bridge between wireless clients and an existing wired network. The AP typically has at least one interface (i.e., WAN port) to connect to an existing wired network.
    –SSID is the name of the wireless network or simply the AP’s name.
    –Client that could be a portable device (laptop) or a workstation with a wireless NIC.
  • Ad-Hoc Connection
    –A direct wireless connection between two computers
    –No Access Point is involved


Wireless Standards
–802.11b – Transmits up to 11 Mbps at 2.4 GHz

–802.11a – Transmits up to 54 Mbps at 5 GHz

–802.11g – Transmits up to 54 Mbps at 2.4 GHz

–802.11d – To emulate 802.11b for countries where the 2.4 GHz band is not available

–802.11f – Improves 802.11 handover mechanism to maintain connection while roaming

–802.11h – Improves on 802.11a by adding better control over channel selection and transmission power

–802.11i – Deals with Security based on AES. Has a feature called Robust Security Network (RSN), which defines two security methodologies. The first for legacy-based hardware using RC4, and the second for new hardware based on AES.

–802.11j – Basically made changes to the 5 GHz signaling capabilities to support Japan’s regulatory requirements

–802.11n – Currently ratified and offers 100+ Mbps.


Wireless Networking Security

There are four components to wireless network security:

–Access control

–Encryption

–Authentication

–Isolation

Access Control

–You can control which clients access your AP through various techniques

–Simply turn off your SSID broadcast to hide your AP’s presence

–A stronger means of access control is to enable MAC filtering. You can keep a list of permitted MACs or blocked MACs to limit connections

–The SSID and MAC addresses are transmitted across the wireless network. A malicious user can detect a MAC address and configure his/her computer to impersonate it, and thus gain access to your AP

Encryption

–You can encrypt communications between AP and clients

–To make a connection, clients must use the same encryption scheme and also possess the appropriate key

–Encryption blocks unapproved connections to your AP (at least in theory)

–A stronger encryption scheme is more desirable to keep your communications secure

Authentication (Shared Key)
–Via RADIUS or other systems you can enable client authentication over your wireless network

–Authentication provides much stronger access control

–Encryption with authentication is still required to prevent eavesdroppers from getting access to your data

Open Authentication (Not desirable)
–Any wireless client can connect if AP is configured as open authentication.

–Usually used by many public places such as hotels, business centers, coffee shops, etc.

Isolation

–Means of segregating network traffic

–Could be wireless client isolation or network isolation

–Commonly used in public wireless networks to prevent users from accessing others’ computers

–Some APs offer network isolation through custom routing configurations

WEP – Wired Equivalent Privacy
–Uses a shared secret (64-bit key) between the client and the AP

–Before each packet is transmitted, CRC-32 checksum is appended to it (the packet) and both are encrypted using RC4 with the shared secret and an initialization vector (IV)

–Due to the flaws in the RC4 implementation in WEP, and the reuse of the IV values, WEP transmissions can be decrypted by an attacker in a very short period of time.


Initialization Vector (IV)

Randomly generated value used by many cryptosystems to ensure that a unique ciphertext is generated when multiple ciphertexts are generated with the same key.

It is simply a continuously changing number used in combination with a secret key to encrypt data.

WPA – Wi-Fi Protected Access
–Was developed as a stopgap measure to address the limitations or weaknesses in WEP (after they became publicly known).

–Uses an improved implementation of RC4 with a 128-bit key. The IV was also expanded from 24 to 48 bits.

–WPA uses TKIP (Temporal Key Integrity Protocol), which uses a different key for each packet.

–WEP’s CRC-32 was replaced with a message integrity check, dubbed “Michael”. Michael protects the packet’s header and data, and uses a frame counter to thwart replay attacks.

–Another advantage of WPA is that both the client and AP (network) authenticate with each other.

WPA2 – Wi-Fi Protected Access 2
–WPA2 implements the final IEEE 802.11i amendment to the 802.11 standard (as opposed to WPA, which implemented just a subset of 802.11i).

–WPA2 is compliant with FIPS 140-2.

–RC4 was replaced by AES (Advanced Encryption Standard) which is a stronger encryption algorithm.

–TKIP and Michael were replaced by CCMP (Counter-Mode/CBC-MAC Protocol) that manages encryption keys and message integrity.

–WPA2 supports IEEE 802.1X authentication, which is based on the Extensible Authentication Protocol (EAP) framework. EAP allows the authenticating partners to negotiate the authentication method during the authentication phase.



Broadband Wireless


–Defined by IEEE 802.16, WiMAX allows the implementation of wireless Metropolitan Area Networks by using long range, broadband wireless technology.

–Offers improved access when a base station and client are not in line of sight, as defined in 802.16a.

–Security is based on AES (Advanced Encryption Standard) and EAP (Extensible Authentication Protocol).

–Broadband wireless supports protocols and services, such as ATM, voice, video, IP, etc.



