2.6 Recognize and understand the administration of the following wireless technologies and concepts
o WTLS (Wireless Transport Layer Security)
o 802.11 and 802.11x
o WEP / WAP (Wired Equivalent Privacy / Wireless Application Protocol)
o Vulnerabilities
o Site Surveys
WTLS
WTLS stands for the wireless transport layer security. It is based on TLS and meant to increase security in the wireless application protocol, or WAP. However, unlike TLS, it supports low-bandwidth, memory, and CPU abilities for mobile devices. It is used for authentication and encrypts data.
802.11
Originally, the 802.11 standard was for wireless networks at 2.4 GHz. at the physical layer (layer 1). It is similar to 802.3 for wired networks. There are now various substandards such as 802.11b, 802.11a, 802.11g, and 802.11n (in progress). It defines two types of networks:
Ad-hoc - a group of clients all connected to one central device
Infrastructure - various access points and it bridges wired and wireless networks. This offers more scalability, easier and better management, and improved security.
802.11b
802.11b was the first of the lettered standards and operates at 2.4 GHz. at speeds up to 11 Mbps (megabits per second).
802.11a
802.11a was developed after 802.11b, unlike the name suggests. 802.11a operates at 5 GHz and offers speeds up to 54 Mbps.
802.11g
802.11g was designed to increase data transfer rates in the 2.4 GHz range and be backward-compatible with 802.11b.
WEP
WEP stands for the Wireless Equivalent Privacy. This was the first attempt at securing wireless networks secure and was intended to give wireless communications essentially the same privacy offered by wired communications, but not meant to be completely secure. Wireless communications in the radio frequency can travel through objects, and can easily be intercepted. It uses cryptography for privacy, which allows it to authenticate users. It can use up to four keys that can be rotated for added security. Common levels of encryption include 40 and 128 bits. It is extremely easy to set up, so it, or preferrably something more secure, should always be implemented when using 802.11 wireless communications. Weaknesses include managing the keys (cracking one exposes the whole network) and RC4 encryption was cracked in less than 15 minutes. Limiting the time the keys exist can help reduce the weaknesses. But, using 802.1x or WPA is much better.
WAP
WAP stands for Wireless Application Protocol. It is a suite of protocols supposed to allow users to use mobile devices to access information and thus is developed to use few resources. WAP browsers are present in many mobile devices, including many cell phones. WML (wireless markup language) was developed to use low bandwidth. Users "dial-into" a carrier, such as AT&T, then the WAP gateway translates between the device and the Internet, and delivers the content in nearly a text-only form.
Vulnerabilities
RF communications are vulnerable to eavesdropping/sniffing as well as denial of service. Encryption can help render eavesdropping useless and make sure that microwaves and other similar devices are not between your computer and the wireless router or you might get an unintentional DOS.
This page was last modified on 07/28/07 02:09 PM