Title:
Building secure wireless networks with 802.11
Personal Author:
Publication Information:
Chichester, UK : John Wiley & Sons Inc., 2003
ISBN:
9780471237150
Added Author:
Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000010023779 | TK5105.78 K52 2003 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
Provides a step-by-step approach for planning and implementing a wireless LAN based on 802.11 Wireless Fidelity (Wi-Fi) technology Authors are Wi-Fi security experts who are able to address the firestorm of concerns about security for 802.11b networks Offers a clear perspective of interoperability with related wireless standards like 802.11a, HomeRF, and Bluetooth Explains how to achieve the same performance as a wired Ethernet connection and deliver flexibility and high speed
Author Notes
Jahanzeb Khan is Principal Engineer with RSA Security, Inc.
Anis Khwaja works in the IT department of a leading financial services firm
Table of Contents
| Acknowledgments | p. xiii |
| About the Authors | p. xv |
| Introduction | p. xvii |
| Part 1 Introduction to Wireless Local Area Networks (LANs) | p. 1 |
| Chapter 1 Networking Basics | p. 3 |
| Development of Computer Networks: An Overview | p. 4 |
| Network Types | p. 8 |
| Peer-to-Peer Networks | p. 8 |
| Local Area Networks (LANs) | p. 9 |
| Wide Area Networks (WANs) | p. 9 |
| Personal Area Networks (PANs) | p. 11 |
| The Internet | p. 11 |
| Virtual Private Networks (VPNs) | p. 12 |
| Network Topologies | p. 13 |
| Three Commonly Used Topologies | p. 13 |
| Choosing the Right Topology | p. 15 |
| Network Hardware and Software | p. 17 |
| Networking Components | p. 17 |
| Networking Software | p. 28 |
| Networking Protocol: TCP/IP | p. 28 |
| Putting It All Together | p. 32 |
| Summary | p. 33 |
| Chapter 2 Wireless LANs | p. 35 |
| Evolution of Wireless LANs: An Overview | p. 36 |
| A Basic Wireless LAN | p. 37 |
| Basic Architecture of a Wireless LAN | p. 39 |
| Wireless LAN Adapters | p. 40 |
| Access Points (APs) | p. 47 |
| Wireless LAN Configurations | p. 49 |
| Ad-Hoc Mode | p. 49 |
| Infrastructure Mode | p. 49 |
| Distribution Service Systems (DSSs) | p. 50 |
| Existing Wireless LAN Standards | p. 51 |
| IEEE 802.11 | p. 52 |
| IEEE 802.11b | p. 52 |
| IEEE 802.11a | p. 52 |
| HomeRF | p. 52 |
| Bluetooth | p. 53 |
| Are Wireless LANs Risks to Health? | p. 53 |
| Security Risks | p. 53 |
| Summary | p. 54 |
| Chapter 3 The Institute of Electrical and Electronics Engineers (IEEE) 802.11 Standards | p. 55 |
| History of IEEE | p. 56 |
| IEEE 802 Wireless Standards | p. 56 |
| The 802.11 Working Group | p. 57 |
| The 802.15 Working Group | p. 57 |
| The 802.16 Working Group | p. 58 |
| The 802.11 Family of Standards | p. 58 |
| The 802.11 Standard Details | p. 59 |
| 802.11 Security | p. 61 |
| Operating Modes | p. 62 |
| Roaming | p. 63 |
| The 802.11 Extensions | p. 64 |
| 802.11b | p. 64 |
| 802.11a | p. 66 |
| 802.11g | p. 68 |
| 802.11 Shortcomings | p. 69 |
| Wireless Standards Comparison | p. 69 |
| Summary | p. 70 |
| Chapter 4 Is Wireless LAN Right for You? | p. 71 |
| Benefits of Wireless LANs | p. 72 |
| Deployment Scenarios | p. 73 |
| Small Office Home Office (SoHo) | p. 73 |
| Enterprise | p. 74 |
| Wireless Internet Service Providers (WISPs) | p. 75 |
| Costs Associated with Wireless LANs | p. 78 |
| SoHo | p. 79 |
| Enterprise | p. 79 |
| WISPs | p. 79 |
| Deployment Issues | p. 79 |
| SoHo | p. 80 |
| Enterprise | p. 80 |
| WISPs | p. 80 |
| Security | p. 81 |
| Health Concerns | p. 81 |
| Summary | p. 81 |
| Part 2 Secure Wireless LANs | p. 83 |
| Chapter 5 Network Security | p. 85 |
| Network Operational Security | p. 86 |
| Physical Security | p. 87 |
| Common Network Attacks on Operational Security | p. 94 |
| External Network Attacks | p. 94 |
| Internal Network Attacks | p. 101 |
| Network Data Security | p. 103 |
| Resident-Data or File Security | p. 104 |
| Protecting Data Using Cryptographic Primitives | p. 104 |
| Network Data Transmission and Link Security | p. 106 |
| Securing Network Transmission | p. 108 |
| Summary | p. 116 |
| Chapter 6 Securing the IEEE 802.11 Wireless LANs | p. 117 |
| Wireless LAN Security Requirements | p. 118 |
| Wireless LAN Operational Security Requirements | p. 119 |
| Wireless LAN Data Security | p. 122 |
| The Institute of Electrical and Electronics Engineers (IEEE) 802.11 Standard Security | p. 123 |
| Service Set Identifiers (SSID) | p. 123 |
| Wired Equivalent Privacy (WEP) Protocol | p. 123 |
| IEEE 802.11 WEP Protocol Weaknesses and Shortcomings | p. 129 |
| The Future of 802.11 Standard Security | p. 131 |
| Common Security Oversights | p. 131 |
| Using Default or Out-of-the-Box Security | p. 131 |
| Using Fixed Shared Keys | p. 132 |
| Using Far-Too-Strong Radio Signals | p. 132 |
| Extending Wireless LAN Security | p. 132 |
| The 802.1X Authentication Protocol | p. 132 |
| Virtual Private Networks (VPNs) | p. 136 |
| Securing Wireless LAN | p. 137 |
| User Authentication | p. 138 |
| Data Confidentiality and Privacy | p. 138 |
| Wireless LAN Passwords and Usage Policies | p. 139 |
| Frequent Network Traffic and Usage Analysis | p. 139 |
| Summary | p. 139 |
| Part 3 Building Secure Wireless LANs | p. 141 |
| Chapter 7 Planning Wireless LANs | p. 143 |
| Step 1 Understanding Your Wireless LAN Needs | p. 144 |
| Step 2 Planning the Scope of Rollout | p. 147 |
| Step 3 Performing Site Survey | p. 147 |
| Considering the Geographic Coverage Area | p. 147 |
| Per-Site Security Requirements | p. 148 |
| Profiling Wireless LAN Users and Devices | p. 148 |
| Step 4 Setting Up Requirements and Expectations | p. 149 |
| Network Bandwidth and Speed | p. 150 |
| Coverage Area and Range of Wireless LANs | p. 150 |
| Security | p. 150 |
| Step 5 Estimating the Required Wireless LAN Hardware and Software | p. 150 |
| Basic Wireless LAN Hardware | p. 151 |
| Software | p. 154 |
| Conventional Hardware Requirements for Various Deployment Scenarios | p. 155 |
| Step 6 Evaluating the Feasibility of Wireless LANs and the Return on Investment (ROI) | p. 157 |
| Step 7 Communicating the Final Plan with Higher Executives and Potential Users | p. 158 |
| An Example of Wireless LAN Planning: Bonanza Corporation | p. 158 |
| Step 1 Bonanza Wireless LAN Needs | p. 159 |
| Step 2 Planning the Rollout | p. 160 |
| Step 3 Site Survey | p. 161 |
| Step 4 Setting Up Requirements and Expectations | p. 162 |
| Step 5 Estimating the Required LAN Hardware and Software | p. 163 |
| Step 6 Evaluating the Feasibility of Wireless LANs and Estimating Return on Investment (ROI) | p. 164 |
| Step 7 Communicating the Wireless LAN Deployment Plan with Executives | p. 165 |
| Summary | p. 165 |
| Chapter 8 Shopping for the Right Equipment | p. 167 |
| Making Your Wireless LAN Equipment Shopping List | p. 168 |
| Explore the LAN TechnologiesAvailable in the Market | p. 169 |
| Wireless LAN Technologies | p. 169 |
| Wired LAN Ethernet Equipment Technologies | p. 169 |
| Virtual Private Network (VPN) Gateways and Clients | p. 170 |
| Remote Authentication Dial-in User Service (RADIUS) Server | p. 170 |
| Wireless LAN Supporting Operating Systems | p. 171 |
| Major 802.11 Equipment Vendors and their Products | p. 172 |
| Cisco Systems | p. 172 |
| Agere Systems/ORiNOCO | p. 174 |
| Linksys | p. 176 |
| NetGear | p. 178 |
| Xircom/Intel Corporation | p. 180 |
| Decide Your Shopping Parameters | p. 183 |
| Shopping for LAN Equipment | p. 184 |
| Shopping on the Internet | p. 184 |
| Shopping Using Mail-Order Catalogs | p. 185 |
| Shopping at a Local Computer Hardware or Office Supply Store | p. 186 |
| Shopping Tips | p. 186 |
| Summary | p. 187 |
| Chapter 9 Equipment Provisioning and LAN Setup | p. 189 |
| Before We Start | p. 190 |
| Identifying the Wireless LAN Components | p. 190 |
| Wireless LAN Adapters | p. 191 |
| Wireless LAN Access Points (APs) | p. 193 |
| Wireless LAN Antennas | p. 193 |
| Networking Support Servers | p. 194 |
| Setting Up a Wireless LAN for the 802.11 Infrastructure Mode | p. 195 |
| Setting Up a Wireless LAN Access Point | p. 195 |
| Setting Up Wireless LAN Adapters | p. 202 |
| Finishing the Access Point Configuration | p. 210 |
| Testing Your Standalone Wireless LAN | p. 215 |
| Adding More Computers to Your Standalone Wireless LAN | p. 216 |
| Connecting a Wireless LAN to the Internet | p. 216 |
| Using Multiple AP Configurations | p. 218 |
| Overlapping AP Configuration | p. 218 |
| Non-Overlapping AP Configuration | p. 220 |
| Setting Up Wireless LAN for the 802.11 Ad-Hoc Mode | p. 222 |
| Summary | p. 223 |
| Chapter 10 Advanced 802.11 Wireless LANs | p. 225 |
| High Security and Authentication--Enabled 802.11 Wireless LANs | p. 225 |
| The 802.1X Standard | p. 226 |
| Virtual Private Network for Wireless LANs | p. 227 |
| Building a Secure Wireless LAN with 802.1X and VPN Technology | p. 231 |
| Point-to-Point Wireless Connectivity between Two Sites | p. 244 |
| Point-to-Point Wireless Connectivity Requirements | p. 245 |
| Network Configuration | p. 245 |
| Setting Up ORiNOCO Point-to-Point Radio Backbone Kit | p. 246 |
| Securing the Point-to-Point Wireless Connectivity Using VPN | p. 249 |
| Secure Remote Access from a Wireless LAN over the Internet Using VPNs | p. 249 |
| Summary | p. 250 |
| Part 4 Troubleshooting and Keeping Your Wireless LAN Secure | p. 251 |
| Chapter 11 Troubleshooting Wireless LANs | p. 253 |
| Common Problems | p. 253 |
| Hardware Problems | p. 254 |
| Software Problems | p. 256 |
| Handling Bandwidth Congestion Due to Competing Devices | p. 258 |
| Upgrading Wireless LANs | p. 259 |
| Optimizing and Managing the Network Load through Monitoring Wireless LAN Quality | p. 260 |
| Summary | p. 260 |
| Chapter 12 Keeping Your Wireless LAN Secure | p. 261 |
| Establishing Security Policy | p. 262 |
| Understanding Your Security Policy Requirements | p. 262 |
| Creating Security Policy | p. 265 |
| Communicating Security Policy | p. 271 |
| Security Policy Compliance | p. 271 |
| Intrusion Detection and Containment | p. 272 |
| Wireless LAN AP Monitoring Software | p. 272 |
| Intrusion Detection Software | p. 272 |
| Antivirus Software | p. 272 |
| Firewall and Router Logs | p. 273 |
| Network Login and Activity Logs | p. 273 |
| Getting Ready for Future Security Challenges | p. 273 |
| Summary | p. 273 |
| Appendix A Wireless LAN Case Studies | p. 275 |
| Home-Based Wireless LANs: The Khwaja Family Residence | p. 276 |
| Background | p. 276 |
| The Problem | p. 276 |
| The Solution | p. 277 |
| Results | p. 278 |
| Future | p. 278 |
| A Small Corporation Wireless LAN: The Morristown Financial Group | p. 278 |
| Background | p. 278 |
| The Problem | p. 279 |
| The Solution | p. 279 |
| The Results | p. 279 |
| The Future | p. 280 |
| Campus-Wide Wireless LAN: Carnegie Mellon University | p. 280 |
| Background | p. 280 |
| The Problem | p. 281 |
| The Solution | p. 281 |
| The Results | p. 283 |
| Wireless Internet Service Providers: M-33 Access | p. 283 |
| Background | p. 283 |
| The Problem | p. 283 |
| The Solution | p. 284 |
| The Result | p. 286 |
| The Future | p. 286 |
| Appendix B Installing ORiNOCO PC Card Under Various Operating Systems | p. 287 |
| Installing under Windows 98, Windows ME, and Windows 2000 | p. 287 |
| System Requirements | p. 288 |
| Software Requirements | p. 288 |
| Installation Steps | p. 288 |
| Installing under Windows NT 4.0 | p. 294 |
| System Requirements | p. 294 |
| Software Requirements | p. 294 |
| Installation Steps | p. 295 |
| Installing under Mac OS | p. 296 |
| System Requirements | p. 297 |
| Software Requirements | p. 297 |
| Installation Steps | p. 297 |
| Installing under Linux | p. 300 |
| System Requirements | p. 300 |
| Software Requirements | p. 300 |
| Installation Steps | p. 300 |
| Glossary of Terms and Abbreviations | p. 305 |
| References | p. 321 |
| Index | p. 323 |
