Title:
Building secure wireless networks with 802.11
Personal Author:
Publication Information:
Chichester, UK : John Wiley & Sons Inc., 2003
ISBN:
9780471237150
Added Author:
Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000010023779 | TK5105.78 K52 2003 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
Provides a step-by-step approach for planning and implementing a wireless LAN based on 802.11 Wireless Fidelity (Wi-Fi) technology Authors are Wi-Fi security experts who are able to address the firestorm of concerns about security for 802.11b networks Offers a clear perspective of interoperability with related wireless standards like 802.11a, HomeRF, and Bluetooth Explains how to achieve the same performance as a wired Ethernet connection and deliver flexibility and high speed
Author Notes
Jahanzeb Khan is Principal Engineer with RSA Security, Inc.
Anis Khwaja works in the IT department of a leading financial services firm
Table of Contents
Acknowledgments | p. xiii |
About the Authors | p. xv |
Introduction | p. xvii |
Part 1 Introduction to Wireless Local Area Networks (LANs) | p. 1 |
Chapter 1 Networking Basics | p. 3 |
Development of Computer Networks: An Overview | p. 4 |
Network Types | p. 8 |
Peer-to-Peer Networks | p. 8 |
Local Area Networks (LANs) | p. 9 |
Wide Area Networks (WANs) | p. 9 |
Personal Area Networks (PANs) | p. 11 |
The Internet | p. 11 |
Virtual Private Networks (VPNs) | p. 12 |
Network Topologies | p. 13 |
Three Commonly Used Topologies | p. 13 |
Choosing the Right Topology | p. 15 |
Network Hardware and Software | p. 17 |
Networking Components | p. 17 |
Networking Software | p. 28 |
Networking Protocol: TCP/IP | p. 28 |
Putting It All Together | p. 32 |
Summary | p. 33 |
Chapter 2 Wireless LANs | p. 35 |
Evolution of Wireless LANs: An Overview | p. 36 |
A Basic Wireless LAN | p. 37 |
Basic Architecture of a Wireless LAN | p. 39 |
Wireless LAN Adapters | p. 40 |
Access Points (APs) | p. 47 |
Wireless LAN Configurations | p. 49 |
Ad-Hoc Mode | p. 49 |
Infrastructure Mode | p. 49 |
Distribution Service Systems (DSSs) | p. 50 |
Existing Wireless LAN Standards | p. 51 |
IEEE 802.11 | p. 52 |
IEEE 802.11b | p. 52 |
IEEE 802.11a | p. 52 |
HomeRF | p. 52 |
Bluetooth | p. 53 |
Are Wireless LANs Risks to Health? | p. 53 |
Security Risks | p. 53 |
Summary | p. 54 |
Chapter 3 The Institute of Electrical and Electronics Engineers (IEEE) 802.11 Standards | p. 55 |
History of IEEE | p. 56 |
IEEE 802 Wireless Standards | p. 56 |
The 802.11 Working Group | p. 57 |
The 802.15 Working Group | p. 57 |
The 802.16 Working Group | p. 58 |
The 802.11 Family of Standards | p. 58 |
The 802.11 Standard Details | p. 59 |
802.11 Security | p. 61 |
Operating Modes | p. 62 |
Roaming | p. 63 |
The 802.11 Extensions | p. 64 |
802.11b | p. 64 |
802.11a | p. 66 |
802.11g | p. 68 |
802.11 Shortcomings | p. 69 |
Wireless Standards Comparison | p. 69 |
Summary | p. 70 |
Chapter 4 Is Wireless LAN Right for You? | p. 71 |
Benefits of Wireless LANs | p. 72 |
Deployment Scenarios | p. 73 |
Small Office Home Office (SoHo) | p. 73 |
Enterprise | p. 74 |
Wireless Internet Service Providers (WISPs) | p. 75 |
Costs Associated with Wireless LANs | p. 78 |
SoHo | p. 79 |
Enterprise | p. 79 |
WISPs | p. 79 |
Deployment Issues | p. 79 |
SoHo | p. 80 |
Enterprise | p. 80 |
WISPs | p. 80 |
Security | p. 81 |
Health Concerns | p. 81 |
Summary | p. 81 |
Part 2 Secure Wireless LANs | p. 83 |
Chapter 5 Network Security | p. 85 |
Network Operational Security | p. 86 |
Physical Security | p. 87 |
Common Network Attacks on Operational Security | p. 94 |
External Network Attacks | p. 94 |
Internal Network Attacks | p. 101 |
Network Data Security | p. 103 |
Resident-Data or File Security | p. 104 |
Protecting Data Using Cryptographic Primitives | p. 104 |
Network Data Transmission and Link Security | p. 106 |
Securing Network Transmission | p. 108 |
Summary | p. 116 |
Chapter 6 Securing the IEEE 802.11 Wireless LANs | p. 117 |
Wireless LAN Security Requirements | p. 118 |
Wireless LAN Operational Security Requirements | p. 119 |
Wireless LAN Data Security | p. 122 |
The Institute of Electrical and Electronics Engineers (IEEE) 802.11 Standard Security | p. 123 |
Service Set Identifiers (SSID) | p. 123 |
Wired Equivalent Privacy (WEP) Protocol | p. 123 |
IEEE 802.11 WEP Protocol Weaknesses and Shortcomings | p. 129 |
The Future of 802.11 Standard Security | p. 131 |
Common Security Oversights | p. 131 |
Using Default or Out-of-the-Box Security | p. 131 |
Using Fixed Shared Keys | p. 132 |
Using Far-Too-Strong Radio Signals | p. 132 |
Extending Wireless LAN Security | p. 132 |
The 802.1X Authentication Protocol | p. 132 |
Virtual Private Networks (VPNs) | p. 136 |
Securing Wireless LAN | p. 137 |
User Authentication | p. 138 |
Data Confidentiality and Privacy | p. 138 |
Wireless LAN Passwords and Usage Policies | p. 139 |
Frequent Network Traffic and Usage Analysis | p. 139 |
Summary | p. 139 |
Part 3 Building Secure Wireless LANs | p. 141 |
Chapter 7 Planning Wireless LANs | p. 143 |
Step 1 Understanding Your Wireless LAN Needs | p. 144 |
Step 2 Planning the Scope of Rollout | p. 147 |
Step 3 Performing Site Survey | p. 147 |
Considering the Geographic Coverage Area | p. 147 |
Per-Site Security Requirements | p. 148 |
Profiling Wireless LAN Users and Devices | p. 148 |
Step 4 Setting Up Requirements and Expectations | p. 149 |
Network Bandwidth and Speed | p. 150 |
Coverage Area and Range of Wireless LANs | p. 150 |
Security | p. 150 |
Step 5 Estimating the Required Wireless LAN Hardware and Software | p. 150 |
Basic Wireless LAN Hardware | p. 151 |
Software | p. 154 |
Conventional Hardware Requirements for Various Deployment Scenarios | p. 155 |
Step 6 Evaluating the Feasibility of Wireless LANs and the Return on Investment (ROI) | p. 157 |
Step 7 Communicating the Final Plan with Higher Executives and Potential Users | p. 158 |
An Example of Wireless LAN Planning: Bonanza Corporation | p. 158 |
Step 1 Bonanza Wireless LAN Needs | p. 159 |
Step 2 Planning the Rollout | p. 160 |
Step 3 Site Survey | p. 161 |
Step 4 Setting Up Requirements and Expectations | p. 162 |
Step 5 Estimating the Required LAN Hardware and Software | p. 163 |
Step 6 Evaluating the Feasibility of Wireless LANs and Estimating Return on Investment (ROI) | p. 164 |
Step 7 Communicating the Wireless LAN Deployment Plan with Executives | p. 165 |
Summary | p. 165 |
Chapter 8 Shopping for the Right Equipment | p. 167 |
Making Your Wireless LAN Equipment Shopping List | p. 168 |
Explore the LAN TechnologiesAvailable in the Market | p. 169 |
Wireless LAN Technologies | p. 169 |
Wired LAN Ethernet Equipment Technologies | p. 169 |
Virtual Private Network (VPN) Gateways and Clients | p. 170 |
Remote Authentication Dial-in User Service (RADIUS) Server | p. 170 |
Wireless LAN Supporting Operating Systems | p. 171 |
Major 802.11 Equipment Vendors and their Products | p. 172 |
Cisco Systems | p. 172 |
Agere Systems/ORiNOCO | p. 174 |
Linksys | p. 176 |
NetGear | p. 178 |
Xircom/Intel Corporation | p. 180 |
Decide Your Shopping Parameters | p. 183 |
Shopping for LAN Equipment | p. 184 |
Shopping on the Internet | p. 184 |
Shopping Using Mail-Order Catalogs | p. 185 |
Shopping at a Local Computer Hardware or Office Supply Store | p. 186 |
Shopping Tips | p. 186 |
Summary | p. 187 |
Chapter 9 Equipment Provisioning and LAN Setup | p. 189 |
Before We Start | p. 190 |
Identifying the Wireless LAN Components | p. 190 |
Wireless LAN Adapters | p. 191 |
Wireless LAN Access Points (APs) | p. 193 |
Wireless LAN Antennas | p. 193 |
Networking Support Servers | p. 194 |
Setting Up a Wireless LAN for the 802.11 Infrastructure Mode | p. 195 |
Setting Up a Wireless LAN Access Point | p. 195 |
Setting Up Wireless LAN Adapters | p. 202 |
Finishing the Access Point Configuration | p. 210 |
Testing Your Standalone Wireless LAN | p. 215 |
Adding More Computers to Your Standalone Wireless LAN | p. 216 |
Connecting a Wireless LAN to the Internet | p. 216 |
Using Multiple AP Configurations | p. 218 |
Overlapping AP Configuration | p. 218 |
Non-Overlapping AP Configuration | p. 220 |
Setting Up Wireless LAN for the 802.11 Ad-Hoc Mode | p. 222 |
Summary | p. 223 |
Chapter 10 Advanced 802.11 Wireless LANs | p. 225 |
High Security and Authentication--Enabled 802.11 Wireless LANs | p. 225 |
The 802.1X Standard | p. 226 |
Virtual Private Network for Wireless LANs | p. 227 |
Building a Secure Wireless LAN with 802.1X and VPN Technology | p. 231 |
Point-to-Point Wireless Connectivity between Two Sites | p. 244 |
Point-to-Point Wireless Connectivity Requirements | p. 245 |
Network Configuration | p. 245 |
Setting Up ORiNOCO Point-to-Point Radio Backbone Kit | p. 246 |
Securing the Point-to-Point Wireless Connectivity Using VPN | p. 249 |
Secure Remote Access from a Wireless LAN over the Internet Using VPNs | p. 249 |
Summary | p. 250 |
Part 4 Troubleshooting and Keeping Your Wireless LAN Secure | p. 251 |
Chapter 11 Troubleshooting Wireless LANs | p. 253 |
Common Problems | p. 253 |
Hardware Problems | p. 254 |
Software Problems | p. 256 |
Handling Bandwidth Congestion Due to Competing Devices | p. 258 |
Upgrading Wireless LANs | p. 259 |
Optimizing and Managing the Network Load through Monitoring Wireless LAN Quality | p. 260 |
Summary | p. 260 |
Chapter 12 Keeping Your Wireless LAN Secure | p. 261 |
Establishing Security Policy | p. 262 |
Understanding Your Security Policy Requirements | p. 262 |
Creating Security Policy | p. 265 |
Communicating Security Policy | p. 271 |
Security Policy Compliance | p. 271 |
Intrusion Detection and Containment | p. 272 |
Wireless LAN AP Monitoring Software | p. 272 |
Intrusion Detection Software | p. 272 |
Antivirus Software | p. 272 |
Firewall and Router Logs | p. 273 |
Network Login and Activity Logs | p. 273 |
Getting Ready for Future Security Challenges | p. 273 |
Summary | p. 273 |
Appendix A Wireless LAN Case Studies | p. 275 |
Home-Based Wireless LANs: The Khwaja Family Residence | p. 276 |
Background | p. 276 |
The Problem | p. 276 |
The Solution | p. 277 |
Results | p. 278 |
Future | p. 278 |
A Small Corporation Wireless LAN: The Morristown Financial Group | p. 278 |
Background | p. 278 |
The Problem | p. 279 |
The Solution | p. 279 |
The Results | p. 279 |
The Future | p. 280 |
Campus-Wide Wireless LAN: Carnegie Mellon University | p. 280 |
Background | p. 280 |
The Problem | p. 281 |
The Solution | p. 281 |
The Results | p. 283 |
Wireless Internet Service Providers: M-33 Access | p. 283 |
Background | p. 283 |
The Problem | p. 283 |
The Solution | p. 284 |
The Result | p. 286 |
The Future | p. 286 |
Appendix B Installing ORiNOCO PC Card Under Various Operating Systems | p. 287 |
Installing under Windows 98, Windows ME, and Windows 2000 | p. 287 |
System Requirements | p. 288 |
Software Requirements | p. 288 |
Installation Steps | p. 288 |
Installing under Windows NT 4.0 | p. 294 |
System Requirements | p. 294 |
Software Requirements | p. 294 |
Installation Steps | p. 295 |
Installing under Mac OS | p. 296 |
System Requirements | p. 297 |
Software Requirements | p. 297 |
Installation Steps | p. 297 |
Installing under Linux | p. 300 |
System Requirements | p. 300 |
Software Requirements | p. 300 |
Installation Steps | p. 300 |
Glossary of Terms and Abbreviations | p. 305 |
References | p. 321 |
Index | p. 323 |