Wi-Fi It's a brand name you can license after passing compatability tests It's 802.11? It's not WiMax Purpose: Act like a wireless ethernet Cheap Simple to use Downgrade gracefully Short Haul (not like cellular) Roaming is not described by the standards Therefore it might not work Therefore each vendor can do something clever Same with channel bonding Spectrum Starts around 2.4Ghz Means small antenna Means one can focus the beam with a small antena Pringles can story Absorbed by things (walls, water) mor than lower frequency but less than 5 Ghz) Channels (see http://en.wikipedia.org/wiki/List_of_WLAN_channels) Divided into channels of 5 Mhz There are 11 in the US at 200 mwatts There are 13 in Europe at 100 mwatts There are 14 in Japan Worldwide Amature radio shares channels 2-6 A broadcaster on channel N also radiates onto N+1 and N-1 and N+2 and N-2 and so on Must be -30db more than 11 Mhz away and -50db more than 22 Mhz away Cell phones, Bluetooth, and others use this band Microwave ovens emit here 200 mwatts max (unless you cheat) LOng range at http://en.wikipedia.org/wiki/Long-range_Wi-Fi Protocol Start with Request to associate ... reply yes Then request to authenticate .... reply yes Different that Ethernet .. has Request to Send and Clear to Send and ACK for each packet http://searchnetworking.techtarget.com/answer/Can-neighboring-80211n-and-80211g-networks-avoid-coexistence-problems 802.11 The original standard Uses infrared or radio Used 1 or 2 Mb/sec Not reasonably available 802.11b Raw data rate of 11Mb/sec or 5.5 or 2 or 1 Mb/sec Uses a spread-spectrum technology 30M at 11Mb/s 90 meters at 1 Mb/sec 100 kilometers with serious antennas and line of sight TCP sees 5.9 Mb/sec UDP sees 7.1Mb/sec CSMA/CA 802.11g Raw data rate of 54 Mb/sec,real rate 24.7Mb/sec G is backwards compatable with B Uses a different encoding scheme SSID Access Point Periodically broadcasts a 1Mb/sec beacon containing the SSID WEP Weird, a failed protocol In 2001, a group from the University of California, Berkeley presented a paper describing weaknesses in the 802.11 WEP (wired equivalent privacy) http://www.cypherpunks.ca/bh2001/mgp00016.html Kismac ... http://kismac.binaervarianz.de/ FBI showed a three minute crack with available tools WPA Data is encrypted with RC4 just like WEP The TKIP is a 128 bit value from The MAC address The serial number for this packet The SSID The Base Key (a random number) From the TKIP a 48 bit IV is generated This is MUCH MUCH bigger than the IP in WEP This is unlikely to be repeated by the same base station This is unlikely to be repeated by different base stations This defeats replay attacks This defeats key reuse attacks Replace CRC with MIK, which makes it harder to alter the message but doesn't use too much CPU WPA2 Replace RC4 with AES (more secure, more CPU power) MIK is replaced by CCMP Windows got support of WPA2 on May 1st, 2005. Apple got support with Airport Extreme WPA2 is manditory for the WiFi certification as of 13-March-2006 WAPI Chinese government mandate for use in China instead of WPA2 Based on authentication servers and public key crypt to exchange certificates Once session passwords are exchanged, a SECRET symetric algorithm encrypts data. Comparing WiFi and Wired Ethernet Bandwidth Cannot determine if a collision has occured Can't hear Transmissions might or might not overlap Authentiate Request Authenticate Reply There are lots of authentication mechanisms Associate Request Assocate Reply Disassociate Beacon There is a 4 way handshake I send a Request To Send You Send a Clear To Send I send Data You send ack Ether is clear for the next pair This is done in 802.11b and 802.11g if it hears b style transmissions in the air Dumb for forwarding nodes WiFi Fragments at the network layer Invisible to IP Because noise favors small packets and silence favors large ones Promiscious Mode Jamming High traffic Security Mac Adresses DNS DHCP War Driving Mesh Networks Why Mobile Meshes Routing Failure Highest Density Switch I Know Of... http://www.xirrus.com/public/company/index.shtml ($1000) Locating Broadcasters Lots of Info http://www.wildpackets.com/support/compendium/manual_appendices/nxA1_AP#wp1001864