Wireless, Virtual, Cloud, & Mobile Networking–Advanced IP Networking–NETWORKING, SECURITY, & MORE ESSENTIALS—CompTIA Network+ (N10-007) NETWORK-PLUS Certification Prep Course Notes
Wireless, Virtual, Cloud, & Mobile Networking
Wireless Networking
(Note: Ad-hoc networks are Wi-Fi networks composed only of peer computers.)
- Intro To 802.11–uses radio waves to transmit info between nodes.
- A WAP (Wireless Access Point) is a bridging device that connects into an Ethernet network & communicates via radio waves to wireless clients.
- A WAP has an SSID (Service Set Identifier), a word or phrase used to connect wireless devices to the WAP device.
- CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) is the method used to prevent wireless collisions.
- Almost all devices & gadgets today have wireless NICs built-in to them!
- 802.11 Standards
- Early wireless standards were 802.11b (2.4 GHz) and 802.11a (5.0 GHz).
- First widely used standard was 802.11g (2.4 GHz).
- Current fastest standards are 802.11n and 802.11ac.
- 802.11 is the standard & the letters are extensions, technically.
- 802.11b–“the granddaddy” of them all; 11 Mbps on the 2.4 GHz band (DSSS).
- 802.11a–same time as 802.11b, but on the 5.0 GHz range at 54 Mbps (OFDM).
- 802.11g–“changed the game”; that ubiquitous Linksys blue router.
- 2.4 GHz band at 54 Mbps OFDM (backwards compatible with 802.11b)
- 802.11n–runs on both the 2.4 and 5.0 GHz bands, at speeds ranging from 108-300 Mbps (OFDM).
- introduced the idea of “channels” & MIMO (“meemo”)
- Greenfield mode = all ‘n’ devices on network.
- 802.11ac
- Power over Ethernet (PoE)
- A PoE WAP needs to use a PoE switch or a PoE injector, but does not need a directly connected 110 V plug.
- PoE originally used 802.3af, but it has been replaced by PoE+ (plus), which uses the 802.3at standard and supports the newer WAPs drawing up to 30 watts.
- PoE 802.3af, 15.4 watts maximum (original standard).
- PoE+ 802.3at, 30 watts maximum.
- Antennas (if you’re dealing with radios, then you are dealing with antennas!)
- Different types of antennas have different radiation patterns, & can be placed to provide a radiation pattern to meet wireless requirements.
- Patch antennas are regularly used on exterior walls (Patch antennas are like half a sphere!)
- Antenna placement and the “gain” should be considered when selecting antenna types, locations, and security boundaries.
- The 802.11 standard uses radio waves.
- Omni antennas don’t really exist in the 802.11 world!
- Dipole antennas are very common in the world of 802.11 (like a flattened bagel or donut!)
- Patch antennas are common in enterprise environments (like half a sphere!)
- Directional/Yagi antennas–extremely directional (like a football!)
- Directional/Parabolic–tend to be even stronger than Yagi.
- SMA (Sub Miniature version A) connector
- ‘Gain’ measured in dBi (decibels)
- Wireless Security Standards
- The 802.11 standards are used for both SOHO & Enterprise routers.
- 802.11i was slow to release, so WPA (Wi-Fi Protected Access) was created using TKIP (Temporal Key Integrity Protocol) encryption.
- WPA2 (Wi-Fi Protected Access II) uses CCMP-AES as the encryption protocol and is more secure.
- WPA3 (Wi-Fi Protected Access 3).
- WPA, WPA2, and WPA3 are the three security and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks.
- The Alliance defined these due to the poor protection of the previous WEP system.
- Original 802.11 used passphrase for authentication.
- Open/shared systems vs. Closed system
- WEP (Wired Equivalent Privacy) authentication (WEP has 64-bit key & 128-bit key, which is really 40-bit & 104-bit, respectively.)
- WEP encryption RC4 protocol issues.
- WPA -> TKIP is for WPA.
- WPA2 -> CCMP/AES is for WPA2.
- WPA2 Enterprise uses a “RADIUS server”!
- *WEP is easily crackable & should NOT be used!
- WPA uses TKIP. TKIP makes WPA more robust than WEP, but even WPA is still fairly crackable.
- WPA2 is the current standard today, but even WPA2 is crackable if the passwords are short.
- If you’re using WPA2-PSK (Personal Shared Key) use long passwords, or better yet, passphrases!
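
Why passphrase length matters for WPA2-PSK, as an added example that is not part of the original course notes: WPA2-PSK derives its 256-bit key from the passphrase with PBKDF2-HMAC-SHA1, using the SSID as salt and 4096 iterations, so the key is only as unpredictable as the passphrase. The guess rate and the sample passphrases are assumptions made for illustration.

```python
import hashlib
import math
import string

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit key WPA2-PSK computes from a passphrase and SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 ASCII characters")
    # PBKDF2 with HMAC-SHA1, the SSID as salt, 4096 iterations, 32-byte output.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation + " ")

def search_space_bits(passphrase: str) -> float:
    """Upper bound on guessing work in bits, from length and character classes used.
    Dictionary words and common patterns are far weaker than this bound."""
    alphabet = sum(len(c) for c in CHAR_CLASSES if any(ch in c for ch in passphrase))
    return len(passphrase) * math.log2(alphabet)

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate at an assumed guess rate."""
    return 2.0 ** bits / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    ASSUMED_RATE = 1e6  # guesses per second; illustrative assumption, not a benchmark
    for phrase in ("password", "correct horse battery staple"):  # constructed samples
        bits = search_space_bits(phrase)
        print(f"{phrase!r}: {len(phrase)} chars, <= {bits:.1f} bits, "
              f"{years_to_exhaust(bits, ASSUMED_RATE):.3g} years at assumed rate")
    # Same passphrase, different SSID: the salt changes the derived key.
    print(wpa2_pmk("password", "HomeNet") != wpa2_pmk("password", "OfficeNet"))
```

Because the SSID is the salt, changing a default SSID to a unique one also changes every derived key, even when the passphrase stays the same.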
- Implementing Wireless Security
- (Note: Enabling backward compatibility allows hosts with less secure encryption and/or slower connection speeds to connect to the WAP.)
- Disable SSID broadcast
- Use MAC filtering
- Limit the number of DHCP-issued addresses.
- MAC ACL–Access Control List based on MAC addresses
- Advanced WAPs can incorporate cool things like:
- Multiple SSIDs (one permanent SSID that allows only certain people in and a visitor SSID that is more robust in what it allows; i.e.–MAC filtering).
- DHCP issue limiting
- *Note: Always change default user name & password!
- Remote Management
- *Client isolation–everyone can connect to one SSID but then can’t see each other.
- important, especially on a public wireless network.
- Threats To Your Wireless Network
- Rogue access points can be accidental, but evil twins are intentional.
- Illegal 802.11 jammers can knock everyone off a network.
- Rogue access points and evil twins can cause a lot of headaches!
- Rogue A.P.–Rogue access point is an unauthorized access point.
- 802.11 jammers are illegal in the U.S.!
- De-authentication attack
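
One way to turn the rogue access point and evil twin notes above into a monitoring check, as an added example that is not part of the original course notes: compare beacons seen in a wireless scan against the inventory of authorized WAPs. The inventory, the scan results, the label names and the idea of matching BSSIDs against MACs seen on switch ports are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # radio MAC address of the access point
    security: str   # e.g. "WPA2-Enterprise", "WPA2-PSK", "Open"

# Hypothetical inventory exported from the wireless controller: BSSID -> (SSID, security)
AUTHORIZED = {
    "02:00:00:aa:00:01": ("CorpNet", "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", "WPA2-Enterprise"),
    "02:00:00:aa:00:03": ("CorpGuest", "WPA2-PSK"),
}
OUR_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}
SEVERITY = ["evil-twin-suspect", "authorized-bssid-mismatch", "rogue-on-wire"]

def classify(beacon, wired_macs=frozenset()):
    """Label one observed beacon; wired_macs are MACs seen on our switch ports."""
    bssid = beacon.bssid.lower()
    known = AUTHORIZED.get(bssid)
    if known:
        if known == (beacon.ssid, beacon.security):
            return "authorized"
        return "authorized-bssid-mismatch"   # config drift or a cloned BSSID
    if beacon.ssid in OUR_SSIDS:
        return "evil-twin-suspect"           # our SSID from hardware we do not own
    if bssid in wired_macs:
        return "rogue-on-wire"               # unknown AP plugged into our LAN
    return "neighbor"

def triage(scan, wired_macs=frozenset()):
    """Return only the findings that need follow-up, most serious first."""
    findings = [(classify(b, wired_macs), b) for b in scan]
    findings = [f for f in findings if f[0] in SEVERITY]
    return sorted(findings, key=lambda f: SEVERITY.index(f[0]))

# Constructed scan results and wired-side MAC table for illustration
SCAN = [
    Beacon("CorpNet", "02:00:00:AA:00:01", "WPA2-Enterprise"),
    Beacon("CorpNet", "02:00:00:ee:00:99", "Open"),
    Beacon("CorpGuest", "02:00:00:aa:00:03", "Open"),
    Beacon("linksys", "02:00:00:bb:00:10", "WPA2-PSK"),
    Beacon("CoffeeShop", "02:00:00:cc:00:20", "Open"),
]
WIRED_MACS = frozenset({"02:00:00:bb:00:10"})

if __name__ == "__main__":
    for label, beacon in triage(SCAN, WIRED_MACS):
        print(f"{label:28} {beacon.ssid:10} {beacon.bssid} {beacon.security}")
```

On real hardware the wired MAC of an access point often differs from its radio BSSID, so the wired-side match here is a simplification.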
- Retro Threats
- “War driving” is the act of driving around & mapping the location and state of wireless access points.
- War chalking is drawing a symbol on the sidewalk indicating the current state of a present WAP.
- Wi-Fi Protected Setup (WPS)
- WPS enables one-button setup of wireless devices.
- All modern wireless devices are WPS-enabled.
- WPS can be a security threat. It can be easy to hack.
- Enterprise Wireless
- Enterprise wireless systems have multiple WAPs that can all have the same wireless controller for configuration setup.
- The wireless controller can monitor traffic, set up various zones, or access areas, and define services’ access to specific WAP destinations.
- The 802.11 standards are used both on SOHO routers and enterprise routers.
- The “wireless controller” can be a switch or a piece of software that allows us to control all of our wireless devices simultaneously.
- All of the WAPs in an enterprise are managed by a wireless controller with a single utility. All WAPs in an enterprise environment that have the same SSID work cooperatively.
- Installing a Wireless Network
- Interference, reflections, & absorption are all environmental issues that can affect the wireless signal.
- A Wi-Fi signal is different on various devices; match radiation patterns and 802.11 specifications to the signal requirement.
- Pay attention to the bandwidths and use channels with the least amount of congestion.
- Issues that affect the wireless signal:
- Interference, reflections, absorption (for example, concrete walls will just “eat up” radio waves), and refraction (bends the radio-wave signal to work for our benefit, like forming/shaping glass, for example).
- Attenuation–weakening of the signal over a long distance. (Distance limitation).
- Signal-to-Noise ratio–a relative gauge of strength; important measurement used more than anything else.
- Wireless range extender–self-standing device that acts as a wireless repeater. (These can be difficult to use & not reliable.)
- Mesh networks–kind of acts like an extender should behave.
- Wireless Scenarios
- Interference can disrupt or slow wireless connections.
- Sources of interference can include other WAPs, wireless mice & keyboards and even microwaves.
- Remove sources of interference or change the WAP’s frequency to avoid interference.
- Use Windows utilities to check wireless speeds.
- Don’t use the wrong WAP password. (If you see a 169.254 address, that’s an APIPA address!)
- Getting an APIPA address can be a big clue to a bad password.
- Changes made to WAP settings will no longer match client profiles. (So try deleting the current profile and signing in again!)
- More Wireless Scenarios
- Adding or updating access points with more robust 802.11 standard devices should be considered for slow wireless networks.
- Be aware of gain loss due to length of cable and keep cables short when possible.
- Antenna placement is a bit of an art; test and retest to ensure expected coverage.
- Slow Wireless Networks:
- Over capacity? (Not enough WAPs? Poor placement of WAPs?)
- Jitter (increase capacity to fix jitter)
- Antenna Problems:
- Incorrect antenna type–(can be prevented with proper organization in the beginning set-up process!)