Wireless, Virtual, Cloud, & Mobile Networking–Advanced IP Networking–NETWORKING, SECURITY, & MORE ESSENTIALS—CompTIA Network+ (N10-007) NETWORK-PLUS Certification Prep Course Notes

Wireless, Virtual, Cloud, & Mobile Networking

Wireless Networking

(Note: Ad-hoc networks are Wi-Fi networks composed only of peer computers.)

  • Intro To 802.11–uses radio waves to transmit info between nodes.
    • A WAP (Wireless Access Point) is a bridging device that connects into an Ethernet network & communicates via radio waves to wireless clients.
    • A WAP has a SSID (Service Set Identifier), a word or phrase used to connect wireless devices to the WAP device.
    • CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) is the method used to prevent wireless collisions.
    • Almost all devices & gadgets today have wireless NICs built into them!
  • 802.11 Standards
    • Early wireless standards were 802.11b (2.4-GHz) and 802.11a (5.0 GHz).
    • First widely used standard was 802.11g (2.4 GHz).
    • Current fastest standards are 802.11n and 802.11ac.
    • 802.11 is the standard & the letters are extensions, technically.
      • 802.11b–“the granddaddy” of them all: 11 Mbps on the 2.4 GHz band (DSSS).
      • 802.11a–same time as 802.11b, but on the 5.0 GHz range at 54 Mbps (OFDM).
      • 802.11g–“changed the game”; that ubiquitous Linksys blue router.
        • 2.4 GHz band at 54 Mbps OFDM (backwards compatible with 802.11b)
      • 802.11n–runs on both the 2.4 and 5.0 GHz bands, ranging from 108-300 Mbps (OFDM)
        • introduced the idea of “channels” & MIMO (“meemo”)
        • Greenfield mode = all ‘n’ devices on network.
      • 802.11ac
  • Power over Ethernet (PoE)
    • A PoE WAP needs to use a PoE switch or a PoE injector but does not need a directly connected 110 plug.
    • PoE originally used 802.3af, but it has been replaced by PoE+ (plus), which uses the 802.3at standard and supports newer WAPs drawing up to 30 watts.
      • PoE 802.3af, 15.4 watts maximum (original standard).
      • PoE+ 802.3at, 30 watts maximum.
  • Antennas (if you’re dealing with radios, then you are dealing with antennas!)
    • Different types of antennas have different radiation patterns, & can be placed to provide a radiation pattern to meet wireless requirements.
    • Patch antennas are regularly used on exterior walls (Patch antennas are like half a sphere!)
    • Antenna placement and the “gain” should be considered when selecting antenna types, locations, and security boundaries.
    • The 802.11 standard uses radio waves.
    • Omni antennas don’t really exist in the 802.11 world!
    • Dipole antennas are very common in the world of 802.11 (like a flattened bagel or donut!)
    • Patch antennas are common in enterprise environments (like half a sphere!)
    • Directional/Yagi antennas–extremely directional (like a football!)
    • Directional/Parabolic–tend to be even stronger than Yagi.
    • SMA (Sub Miniature version A) connector
    • ‘Gain’ is measured in dBi (decibels relative to an isotropic antenna)
  • Wireless Security Standards
    • The 802.11 standards are used for both SOHO & Enterprise routers.
    • 802.11i was slow to release, so WPA (Wi-Fi Protected Access) was created using TKIP (Temporal Key Integrity Protocol) encryption.
    • WPA2 (Wi-Fi Protected Access II) uses CCMP-AES as the encryption protocol and is more secure.
    • WPA3 (Wi-Fi Protected Access 3).
    • WPA, WPA2, and WPA3 are the three security and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks.
      • The Alliance defined these due to the poor protection of the previous WEP system.
    • Original 802.11 used a passphrase for authentication.
    • Open/shared systems vs. Closed system
    • WEP (Wired Equivalent Privacy) authentication (WEP has 64-bit & 128-bit keys, which are really 40-bit & 104-bit, respectively.)
    • WEP encryption RC4 protocol issues.
    • WPA -> TKIP is for WPA.
    • WPA2 -> CCMP/AES is for WPA2.
    • WPA2 Enterprise uses a “RADIUS server”!
    • *WEP is easily crackable & should NOT be used!
    • WPA uses TKIP. TKIP makes WPA more robust than WEP, but even WPA is still fairly crackable.
    • WPA2 is the current standard today, but even WPA2 is crackable if the passwords are short.
      • If you’re using WPA2-PSK (Pre-Shared Key), use long passwords, or better yet, passphrases!
  • Implementing Wireless Security
    • (Note: Enabling backward compatibility allows hosts with less secure encryption and/or slower connection speeds to connect to the WAP.)
    • Disable SSID broadcast
    • Use MAC filtering
    • Limit the number of DHCP-issued addresses.
    • MAC ACL–Access Control List based on MAC addresses
    • Advanced WAPs can incorporate cool things like:
      • Multiple SSIDs (one permanent SSID that allows only certain people in, and a visitor SSID that is more robust in what it allows; i.e., MAC filtering).
    • DHCP issue limiting
    • *Note: Always change default user name & password!
    • Remote Management
    • *Client isolation–everyone can connect to one SSID but then can’t see each other.
      • important, especially on a public wireless network.
  • Threats To Your Wireless Network
    • Rogue access point can be accidental, but evil twins are intentional.
    • Illegal 802.11 jammers can knock everyone off a network.
    • Rogue access points and evil twins can cause a lot of headaches!
    • Rogue A.P.–Rogue access point is an unauthorized access point.
    • 802.11 jammers are illegal in the U.S.!
    • De-authentication attack
  • Retro Threats
    • “War driving” is the act of driving around & mapping the location and state of wireless access points.
    • War chalking is drawing a symbol on the sidewalk indicating the current state of a present WAP.
  • Wi-Fi Protected Setup (WPS)
    • WPS enables one-button setup of wireless devices.
    • All modern wireless devices are WPS-enabled.
    • WPS can be a security threat. It can be easy to hack.
  • Enterprise Wireless
    • Enterprise wireless systems have multiple WAPs that can all have the same wireless controller for configuration setup.
    • The wireless controller can monitor traffic, set up various zones, or access areas, and define services’ access to specific WAP destinations.
    • The 802.11 standards are used both on SOHO routers and enterprise routers.
    • The “wireless controller” can be a switch or a piece of software that allows us to control all of our wireless devices simultaneously.
    • All of the WAPs in an enterprise are managed by a wireless controller with a single utility. All WAPs in an enterprise environment that have the same SSID work cooperatively.
  • Installing a Wireless Network
    • Interference, reflections, & absorption are all environmental issues that can affect the wireless signal.
    • A Wi-Fi signal is different on various devices; match radiation patterns and 802.11 specifications to the signal requirement.
    • Pay attention to the bandwidths and use channels with the least amount of congestion.
    • Issues that affect the wireless signal:
      • Interference, reflections, absorption (for example, concrete walls will just “eat up” radio-waves), refraction (bends the radio-wave signal to work for our benefit, like forming/shaping glass, for example.)
    • Attenuation–weakening of the signal over a long distance. (Distance limitation).
    • Signal-to-Noise ratio–a relative gauge of strength; important measurement used more than anything else.
    • Wireless range extender–self-standing device that acts as a wireless repeater. (These can be difficult to use & not reliable.)
    • Mesh networks–kind of acts like an extender should behave.
  • Wireless Scenarios
    • Interference can disrupt or slow wireless connections.
    • Sources of interference can include other WAPs, wireless mice & keyboards and even microwaves.
    • Remove sources of interference or change the WAP’s frequency to avoid interference.
    • Use Windows utilities to check wireless speeds.
    • Don’t use the wrong WAP password. (If you see a 169.254 address, that’s an APIPA address!)
    • Getting an APIPA address can be a big clue to a bad password.
    • Changes made to WAP settings will no longer match client profiles. (So try deleting the current profile and signing in again!)
  • More Wireless Scenarios
    • Adding or updating access points with more robust 802.11 standard devices should be considered for slow wireless networks.
    • Be aware of gain loss due to length of cable and keep cables short when possible.
    • Antenna placement is a bit of an art; test and retest to ensure expected coverage.
    • Slow Wireless Networks:
      • Over capacity? (Not enough WAPs? Poor placement of WAPs?)
      • Jitter (increase capacity to fix jitter)
    • Antenna Problems:
      • Incorrect antenna type–(can be prevented with proper organization in the beginning set-up process!)
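
For the WPA2-PSK advice under Wireless Security Standards above (short passwords are crackable, long passphrases are better), this added Python example, which is not part of the original notes, derives the key a WAP computes from a passphrase and estimates the brute-force search space. The PBKDF2 derivation comes from the 802.11i standard rather than these notes; the character-pool estimate is a simplifying assumption and only an upper bound, and the candidate passphrases are constructed.

```python
import hashlib
import math
import string

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK master key: PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases must be 8 to 63 characters long")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("WPA2 passphrases must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def search_space_bits(passphrase: str) -> float:
    """Upper bound on brute-force work in bits: length * log2(character pool).
    Assumption: characters are chosen at random; dictionary words are far weaker."""
    if not passphrase:
        return 0.0
    pool = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        pool += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        pool += 26
    if any(c in string.digits for c in passphrase):
        pool += 10
    if any(c in string.punctuation or c == " " for c in passphrase):
        pool += 33  # 32 punctuation characters plus the space
    return len(passphrase) * math.log2(pool)

def audit(candidates, ssid):
    """Return (passphrase, bits, first 8 hex digits of the PMK) for each valid candidate."""
    rows = []
    for phrase in candidates:
        pmk = derive_pmk(phrase, ssid)
        rows.append((phrase, round(search_space_bits(phrase), 1), pmk.hex()[:8]))
    return rows

# Constructed candidates for a constructed SSID.
CANDIDATES = ["password", "Netw0rk+", "correct horse battery staple"]

if __name__ == "__main__":
    for phrase, bits, pmk_prefix in audit(CANDIDATES, "IEEE"):
        print(f"{bits:6.1f} bits  PMK {pmk_prefix}...  {phrase!r}")
```

Because the SSID is the salt, the same passphrase yields a different key on a differently named network, and every extra character multiplies the work an offline guesser faces.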
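
For the rogue access point and evil twin distinction under Threats To Your Wireless Network above, this added Python example, which is not part of the original notes, compares wireless scan results against an inventory of authorized WAPs and labels anything that does not match. The inventory, SSIDs, BSSIDs and verdict names are constructed assumptions; a real survey tool's export would replace `SCAN`.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the WAP's radio
    security: str   # "OPEN", "WEP", "WPA", "WPA2" or "WPA3"

# Constructed inventory of the WAPs we manage: BSSID -> (SSID, security).
AUTHORIZED = {
    "02:00:00:aa:00:01": ("CorpNet", "WPA2"),
    "02:00:00:aa:00:02": ("CorpNet", "WPA2"),
    "02:00:00:aa:00:03": ("CorpGuest", "WPA2"),
}
OUR_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}

def classify(beacon: Beacon) -> str:
    """Label one observed beacon against the authorized inventory."""
    bssid = beacon.bssid.lower().replace("-", ":")
    expected = AUTHORIZED.get(bssid)
    if expected == (beacon.ssid, beacon.security):
        return "authorized"
    if expected is not None:
        # Our BSSID with the wrong SSID or security: cloned MAC or misconfigured WAP.
        return "evil-twin-suspect"
    if beacon.ssid in OUR_SSIDS:
        # Our SSID announced by a radio we do not own.
        return "evil-twin-suspect"
    # Unknown radio and SSID: a neighbour, or a rogue AP if it is on our wiring.
    return "rogue-candidate"

# Constructed scan results, as a site survey tool might export them.
SCAN = [
    Beacon("CorpNet", "02:00:00:AA:00:01", "WPA2"),
    Beacon("CorpNet", "02:00:00:bb:00:99", "OPEN"),
    Beacon("CorpGuest", "02-00-00-aa-00-03", "OPEN"),
    Beacon("linksys", "02:00:00:cc:00:07", "WPA2"),
]

def audit(scan):
    """Return (ssid, bssid, verdict) for every beacon that is not authorized."""
    return [(b.ssid, b.bssid, classify(b)) for b in scan if classify(b) != "authorized"]

if __name__ == "__main__":
    for ssid, bssid, verdict in audit(SCAN):
        print(f"{verdict:18} {ssid:10} {bssid}")
```

A "rogue-candidate" verdict still needs a wired-side check (switch port and MAC table) to tell a neighbour's WAP from one plugged into your own network.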