block, we're gonna talk about wireless networking.
It's Marlon. Wireless networking has become extremely common. It's now more commonplace in homes than any kind of wired network. We have mobile phones with wireless access on them. We have tablets with WiFi on; they don't even have any other way to get on the network now.
It's very common, but it also comes with a number of security issues.
It's easily accessed. With a typical network cable, you have to actually go plug in, or you could have it locked off, blocked off or turned off. It's easy access with WiFi, but WiFi is a lot cheaper because it's just broadcast over an area and could be used anywhere.
So the wireless access point is the first part. This is the source of the WiFi signal we're connecting to, so it converts a wired signal. At some point, the Internet has come in on a wire and goes into the wireless access point, and that's where it gets turned into wireless signals.
And this is also the same device that you connect to with your wireless device.
Now there are various different kinds of wireless access points. We have single input single output and multiple input multiple output.
The single input single output is one antenna, one frequency. With MIMO, or multiple input multiple output, we'll have multiple antennas.
Sometimes multiple frequencies, sometimes the same frequency. The idea with multiple antennas is you have three sources that you can connect to, so you have a better chance, because if you have a lot of things blocking WiFi, the signal can get bounced off walls and through doorways and scattered. So if you have three antennas, or more, you have a better chance.
The more antennas you have, the better chance you have of getting a signal, so you could be receiving your connection on one antenna and sending your data back on another antenna.
But then we have different WiFi standards that also operate at different frequencies, so we can also set the antennas to operate at different frequencies.
Most access points also function as a bridge, switch and router, because the Internet has one IP address and you're now routing traffic to your network, which probably has a different range of IP addresses. They could be internal IP addresses, private IP addresses, and you'd have more than one port on it, so it's a switch.
Some good security measures when configuring your WiFi access point: change the default SSID. That'll make it harder for a malicious user to identify. If it's called linksys, they're gonna know you have a Linksys router.
You can enable MAC filtering so that only devices that you know of are allowed to connect to your WiFi access point. That could be a bit cumbersome if you have a lot of devices, but you can configure it to say, OK, I look at the MAC address for my phone and I look at the MAC addresses for all my computers, and they're the only ones that are allowed to connect to the WiFi access point. Anyone else trying to connect, even if they have the right username and password, isn't gonna be able to connect because they don't have the MAC address.
Make sure you enable some kind of encryption, preferably WPA2; that's the strongest one right now.
If you're really paranoid, you can limit the power output to reduce range so that it's not detectable outside of your house, or connectable.
That seems to be less and less of a problem. You end up with more people turning up the output as you get more WiFi signals competing, if you live in a congested area.
So we just talked about the access point. But then we also have the client, which is the host that connects to the access point, usually a laptop or mobile phone.
There are four kinds of common wireless networks. These are kind of topologies for wireless networks. We have ad hoc, where we don't have an access point. I have a laptop with WiFi and I have another laptop with WiFi; I could make them talk to each other over wireless without going through an access point.
It's not as reliable as an access point, and usually not as fast.
You can only do it with two devices, so it's a direct connection, one to one. That's called ad hoc.
Extension to a wired network: that's the more typical infrastructure format. You already have an existing network with a bunch of wired computers, and you wanna add WiFi devices to the existing network through a wireless access point.
So the wireless access point would just plug into a switch with the rest of your network.
The third one is multiple access points. We want to spread out our network further, so we could have one network that has multiple access points in various buildings. They all still come back to the same network, to cover a wider area.
Then you can use it almost like a bridge to connect two wired networks. So we could have a wired network with a wireless access point that talks to another wireless access point in another building and then connects back to... so you could connect two wired networks, independent wired networks, together through two wireless access points talking to each other.
It wouldn't be as fast as cable, but it's a lot cheaper and easier than running a cable. You can buy higher output wireless access points that are designed for unidirectional transmit and receive. So instead of your typical antenna, which just sits up and listens in a radius, you could have directional antennas that you point at each other.
That would be something you'd use for this kind of setup.
Or even if it's just a short-term setup, where you just need to connect two buildings together short term, this would be a solution. LAN to LAN.
So the first kind of encryption that was available for WiFi networks was called WEP, Wired Equivalent Privacy.
Very insecure, easily cracked.
It used pre-shared keys to encrypt the packets with either 40 or 104 bits, depending on the pre-shared key setup, and that sent the initial value.
The initial 24 bits of that pre-shared key were sent in plain text, so we already have 24 bits. So if you had the time and the space, you could easily crack the WEP code and gain access. Based off those first 24 bits you could reconstruct the rest of the key.
So WEP is very insecure. It's not recommended. If it's all you can do, it's not recommended that you use the WiFi unless it's data that you absolutely don't care if anyone can see.
There are many freeware programs out there right now that will do WEP decryption to make it really easy. Some kid in their bedroom would probably be able to crack your WiFi if you're using WEP.
Then came WPA, WiFi Protected Access.
Not part of the 802.11 standard, which is the standard for wireless, but it was compatible and tried to resolve some WEP shortcomings.
The initial value sent was 24 bits before; now it's 48 bits.
It used what's called temporal keys for encryption instead of a pre-shared key, but didn't address sending the SSID in the clear. The SSID is the broadcast name for the network, so you know what the network is named.
It was very vulnerable to DoS, denial of service attacks, through injected packets.
Also, the pre-shared key could be cracked using dictionary attacks if the pre-shared key was 14 characters or less, though.
So I mentioned temporal keys briefly.
It's part of TKIP, the Temporal Key Integrity Protocol, where a secret key is created during the authentication, so it wasn't completely pre-shared.
That guaranteed that each packet was sent with a unique encryption key.
WPA2, WiFi Protected Access version two, is the current standard.
It's the most secure of the three because it uses 256-bit AES encryption, which is government grade.
It has two standards, enterprise and personal. So personal still uses a pre-shared key, but it's all encrypted, and the longer the pre-shared key, the better the encryption and the better protected you are.
So on your WiFi device, you set up a long, 16-character string of random numbers and letters. Then you put in that same series of numbers and letters on the client when you authenticate.
So then, that initial value of the pre-shared key, that was the weakness in WPA, and that was passing in the clear.
So in personal mode, you just had that pre-shared key. In enterprise mode, you could connect to what's called a RADIUS server, which was originally created for authenticating dial-up users on remote modems. But you could have a username and password required for your login to your WiFi access, and that username and password would be connected to a central user identity server, or could be tied back to your Active Directory, so you could use your username and password from your Active Directory, your Windows environment, to gain WiFi access.
That was enterprise mode.
The problem with enterprise mode: a lot of clients don't support enterprise mode. Most desktops will, but there's a lot of different WiFi chipsets and drivers out there, and some of them won't support enterprise.
But for most home users, that wouldn't be an issue.
So I mentioned briefly that 802.11 is the IEEE standard for wireless, and it's one of the few IEEE standards a lot of people actually know, because when we talk about the different versions of WiFi out there, we actually refer to them as 802.11a, b, g or n.
When home users go shop for Internet routers or WiFi routers, they're actually a little familiar with this. They could say, oh, I know I want one that's capable of doing n, or I know I want it to be at least capable of doing g. So what do those letters mean? Well, those letters were the additions to the standard to define the different frequencies and faster speeds for the WiFi protocol.
They don't go in order of how they were developed, though, unfortunately.
So b was the first one out. It operates on 2.4 gigahertz and was capable of 5.5 and 11 megabytes per second. So kind of slow. It was the first one out there; it was called b.
2.4 was capable of a pretty decent distance; we still use 2.4 quite a bit in the n protocol. But then we also have g that came out, which operated at the same 2.4 and was backwards compatible with b, but it would do 54 megabits instead of the 11.
Now, I say it could do 54 megabits; that's theoretical. That was probably if you're sitting right next to the router, or wireless access point, you would get 54 megabits. And sometimes not even that. That's a theoretical max. But real performance was still faster than b, and backwards compatible, so most devices would be g and backward compatible with b.
So then they also came out with a, which worked over five gigahertz and could go 6 to 54 megabytes per second.
What was nice about a was it provided a stronger signal when you're at a shorter range. But five gigahertz doesn't travel as far as 2.4.
So five gigahertz was nice inside a house, but if you're using it outside the house, you're probably not gonna get it. The other thing that was nice about it, though, was since five gigahertz doesn't travel as far, there's less chance of interference with other WiFi networks.
So it's kind of twofold: one, because five gigahertz doesn't transmit as far as 2.4, you won't get the interference. The other part was obscurity. No one else was running five gigahertz. A lot of people weren't running a. So if you're on a, you had less chance, even if there was someone running a, to have interference.
But the biggest weakness there was it didn't travel as far. It's still not very prolific as a capability on WiFi cards; most of them will do b, g and n, which I'll mention.
a was short lived. You don't see that many wireless NICs that support a.
And then n. So the latest that we're using right now is 802.11n.
It could work at 2.4 or five gigahertz, with rates up to 600 megabytes per second.
The way it reaches these higher speeds is with the multiple antennas, the multiple in multiple out concept, so you can transmit and receive on different antennas.
So a greater chance of receiving and sending a signal, or you could send and receive on multiple antennas at once to gain 600 megabytes, depending on interference, traffic and how many other users you had.
Just like the 54 megabytes, 600 was a theoretical max.
isn't actually a WiFi standard. It's an encryption standard for a, b, g and n that defines how to do authentication for those networks.
So a lagged behind 802.11b due to manufacturing difficulties. It kind of got lost in the wave of low-cost 802.11b devices.
Like I said, five gigahertz, megabytes per second, and it downgrades in increments of 48, 36, 24, 18, 12, 9.
Range is about 50 feet indoors, 100 feet outdoors.
The higher frequency is more easily absorbed by objects, so it doesn't have the same kind of penetration that 2.4 has.
So it had higher data rates than b, but was not interoperable with b because it's a different frequency.
But you don't have the interference of the 2.4 space.
b was the de facto standard when it first came out.
Low cost of cards and access points, worked over 2.4, realistically six megabytes per second.
If you're outdoors at three feet, you get about a meg per second.
Indoors, your range is about 150 feet.
Now these next pros and cons really apply to b, g and n, where the bandwidth is shared between all users on the access point.
2.4 is a public, unlicensed spectrum, so you could be using a wireless telephone nearby and it could interfere with the WiFi. The microwave could interfere with the WiFi.
And then other users could interfere with your WiFi, other networks, especially if you're in an apartment building.
g: realistically, 24.7 megabits per second.
It also supported backward compatibility to b. Same kind of range, because we're looking at the same 2.5 gigahertz frequency and still usually a single antenna. So we had 150 feet indoors, 300 feet outdoors.
Now n was the upgrade to g. As g was only backwards compatible to b, n is compatible with b and g, and a clients, because it could do five gigahertz.
It uses the MIMO concept, the multiple in multiple out, with several antennas to transmit and receive. Because of the multiple antennas we can reach about turning three feet indoors and for 50 feet outdoors.
Now that really all depends on the kind of walls that you have around your house and how many walls you have inside your house.
Realistically, about 150 megabits, not 600. But realistically, 150 is still quite a bit over the realistic 24.7 of g.
Some things to consider with WiFi or wireless networks are bandwidth and latency, which come from a variety of issues, such as walls and the strength of the signal.
The smaller the signal, the less bandwidth. So the further away you are and the more walls you have, the slower it'll be.
Latency is created by the constant need to add extra processing to the signal in order to compensate for interference. And stability really depends on the hardware and software.
It all comes back down to: a stronger signal gives you less latency and more speed.
g, which is the most common, and still most n, operate at 2.4 also.
And like I mentioned, a lot of other devices operate at that also: cordless phones, microwave ovens, garage door openers, other wireless networks.
On most wireless access points you can change the channel. Most newer wireless access points will auto-detect the other WiFi networks. You won't be able to connect to them, but you can see them; you can do it with a WiFi app on your phone.
You can see the other available WiFi networks and what channels they're transmitting on. So most wireless access points will have a setting for auto, and it will try to choose the channel that has the least number of competing access points.
If not, you could go and look yourself.
There's freeware software that will let you see all the outside wireless access points around you and what channels they're broadcasting on. And then you can manually set your WiFi access point to be at a different channel, so then you don't have people transmitting and receiving on the same channel as you are.
That's one way to boost your signal and get more reliable bandwidth.
Some other wireless technologies to talk about: 802.15, Bluetooth, which allows for short range wireless communications and also operates on the public, unlicensed 2.4 gigahertz range.
Only up to 2.1 megabytes per second. You're not going to use this for surfing the Web or really even for file transfers. It's more designed for peripherals such as a Bluetooth mouse or Bluetooth keyboard or a wireless headset.
802.16 is WiMAX, a broader version of WiFi designed for MANs, or metropolitan area networks.
It operates at 2.3, 2.5 and 3.5. You see, it's still kind of around that same 2.4 range.
It's really designed to provide that last mile, the Internet connection, to users that don't have any other way of getting Internet. If they're not able to get DSL or cable, they can use WiMAX, if the service is offered where they are.
It's usually a central antenna placed on a water tower, and then multiple users around there can receive their Internet from that single signal.
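
The access point hardening measures listed earlier in this lecture (change the default SSID, enable MAC filtering, use WPA2 with a long random pre-shared key), as an added example that is not part of the lecture: a Python audit of an access point configuration. The config keys, the default-SSID names other than "linksys", the severity labels and both sample configurations are assumptions constructed for the illustration.

```python
import re

# Assumed factory-default SSIDs; the lecture itself names only "linksys".
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}
MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")

def audit_access_point(cfg):
    """Return a list of (severity, message) findings for one AP config dict."""
    findings = []
    ssid = cfg.get("ssid", "")
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append(("medium", f"SSID {ssid!r} is a factory default and reveals the vendor"))

    enc = cfg.get("encryption", "none").lower()
    if enc in ("none", "wep"):
        findings.append(("high", f"encryption {enc!r} gives no real protection; use WPA2"))
    elif enc == "wpa":
        findings.append(("medium", "WPA in use; move to WPA2"))
    elif enc != "wpa2":
        findings.append(("high", f"unrecognised encryption setting {enc!r}"))

    # Personal mode depends entirely on the pre-shared key; enterprise mode
    # authenticates users against a RADIUS server instead.
    if enc in ("wpa", "wpa2") and cfg.get("mode", "personal") == "personal":
        psk = cfg.get("psk", "")
        if len(psk) < 16:
            findings.append(("high", f"pre-shared key has {len(psk)} characters; use 16+ random ones"))
        elif psk.isalpha() or psk.isdigit():
            findings.append(("medium", "pre-shared key mixes no letters with digits"))

    allow = cfg.get("mac_allowlist") or []
    if not allow:
        findings.append(("low", "MAC filtering is disabled"))
    bad = [m for m in allow if not MAC_RE.match(m.lower().replace("-", ":"))]
    if bad:
        findings.append(("low", f"malformed MAC allowlist entries: {bad}"))
    return findings

# Constructed sample configurations, not taken from any real device.
WEAK = {"ssid": "linksys", "encryption": "WEP", "psk": "abc123"}
HARDENED = {"ssid": "oak-street-42", "encryption": "WPA2", "mode": "personal",
            "psk": "q7Tz2mV9xR4kLp8w", "mac_allowlist": ["AA-BB-CC-00-11-22"]}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_access_point(cfg))
```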