Wireless Networking Flashcards
original 802.11 standard, which defined features like wireless network cards, special configuration software, capability to run multiple styles of networks, and how transmissions work; uses 2.4 GHz band, DSSS spectrum, 2 Mbps max speed, ~300 feet max range
802.11-1997
wireless network mode, also peer-to-peer mode, where each wireless device is directly connected/contacts each other
Ad hoc mode
unit of organization involving two or more wireless devices connected in ad hoc mode
Independent Basic Service Set (IBSS)
wireless network mode involving one or more WAPs connecting to wireless nodes centrally, similar to a physical star topology; preferred by businesses or networks that need to share resources
infrastructure mode
network created with wireless devices connected in infrastructure mode
wireless local area network (WLAN)
unit of organization involving one WAP servicing a given area
Basic Service Set (BSS)
unit of organization involving more than one WAP servicing a given area
Extended/Extended Basic Service Set (ESS/EBSS)
defines a BSS, usually either the MAC of a WAP or a 48-bit randomly generated string of numbers that goes into every frame
Basic Service Set Identifier (BSSID)
standard name applied to a BSS or IBSS; 32-bit ID string inserted into the header of every frame; often also used for ESS
Service Set Identifier (SSID)
form of radio waves used for Wi-Fi communications; data is broadcast in small, discrete chunks over different frequencies available within a range
spread-spectrum
spread-spectrum broadcasting method that sends data out on different frequencies at a time; uses more bandwidth - around 22 MHz
direct-sequence spread-spectrum (DSSS)
spread-spectrum broadcasting method that sends data out on one frequency at a time; uses less bandwidth - 1 MHz
frequency-hopping spread-spectrum (FHSS)
spread-spectrum broadcasting method that is better at dealing with interference and is used on all but the earliest 802.11 networks; the latest of the three methods
orthogonal frequency-division multiplexing (OFDM)
method used by wired networks for accessing network media without colliding with other frames; a listening device measures whether the voltage level is higher than a given threshold before sending data; if a collision is detected, the node waits for a period of time before trying again
carrier sense multiple access with collision detection (CSMA/CD)
the waiting period a device must wait for before sending data if the voltage measured on a line is above a certain threshold; typically the length of the current frame plus a short, predefined silence period
interframe gap (IFG)
randomly generated timeout period following a detected collision before a sending node tries to send data again
backoff
method used by wireless networks for accessing network media without colliding with other frames; steps are taken to avoid collisions
carrier sense multiple access with collision avoidance (CSMA/CA)
method for collision avoidance specifying rules for sending data on the media, such as defining a backoff period on top of an IFG and requiring that receiving nodes send out an ACK for every processed frame; ACK also tells nodes to wait a given period of time before accessing the media; data is retransmitted if no ACK is received, until the packet reaches the destination; only method that is implemented today
Distributed Coordination Function (DCF)
method for collision avoidance that is not implemented today
Point Coordination Function (PCF)
first widely-adopted Wi-Fi standard; uses the 2.4 GHz band, DSSS spectrum, 11 Mbps max speed, ~300 feet max range
802.11b
Wi-Fi standard that uses the 5.0 GHz band, OFDM spectrum, 54 Mbps max speed, ~150 feet max range; was not as popular as 802.11b
802.11a
mode that an 802.11g network was in if all devices connected were 802.11g; ran at speeds up to 54 Mbps
native mode
Wi-Fi standard using the 2.4 GHz band, OFDM spectrum, 54 Mbps max speed, ~300 feet max range, and backwards compatible with 802.11b
802.11g
feature of some 802.11g devices that is not part of the 802.11g standard; it enables devices to use two channels for transmissions to increase throughput
channel bonding
feature of 802.11n that enables devices to make multiple simultaneous connections called streams; required for all devices except mobile devices to use multiple antennas to implement it
multiple in/multiple out (MIMO)
multiple-antenna technology of some 802.11n WAPs that helps get rid of dead spots by adjusting the signal to a discovered client
transmit beamforming
mode for 802.11n WAPs where the WAP sends out separate packets just for legacy devices
legacy mode
mode for 802.11n WAPs where special packets are sent that support older standards and can improve the speed of those standards due to 802.11n’s wider bandwidth
mixed mode/high-throughput/802.11a-ht/802.11g-ht (802.11n)
mode for 802.11n WAPs with the best goodput; works for 802.11n only networks
Greenfield mode
Wi-Fi standard that uses the 2.4 GHz band (dual-band devices can support both bands), OFDM (QAM) spectrum, 100+ Mbps max speed, ~300 feet max range, and backwards compatible with 802.11b/g/a (a is not part of the standards, but implemented by manufacturers of many dual-band WAPs); features MIMO and transmit beamforming; added overhead to the frame encapsulation process when supporting older types, and having any 802.11b devices drops the network to 802.11b speeds
802.11n
Wi-Fi standard that is an expansion of 802.11n; uses the 5 GHz band, OFDM (QAM) spectrum, max speeds up to 1 Gbps, ~300 feet max range, and backwards compatible with 802.11a
802.11ac
special version of OFDM used by 802.11n and 802.11ac devices
quadruple-amplitude modulated (QAM)
feature of the latest versions of 802.11ac that gives a WAP the ability to broadcast to multiple users simultaneously
Multiuser MIMO (MU-MIMO)
the act of claiming a legit item as your own rather than the truth, such as making a NIC report a legitimate MAC address rather than its own
spoof
the first real Wi-Fi security standard, addressing authentication and encryption
802.11i
standard used in 802.11i to set up a network with serious authentication with a RADIUS server and passwords encrypted with EAP; gets rid of the PPP in EAP and puts the EAP info in an Ethernet frame; port-based authentication network access control mechanism
IEEE 802.1X
protocol that encrypts passwords in the IEEE 802.1X standard; acts more like a PPP wrapper
Extensible Authentication Protocol (EAP)
a server that stores usernames and passwords
RADIUS server
in a wireless network, the wireless access point that the supplicant contacts, requesting permission to access the network; it contacts the RADIUS server on behalf of the supplicant
Network Access Server (NAS)
most popular form of authentication in wireless networks, it consists of a secret code shared between and stored on the supplicant and WAP, encrypted with AES
EAP-PSK
EAP type that defines use of a RADIUS server and mutual authentication, requiring certificates on the servers and every client
EAP-TLS
EAP type that defines use of a RADIUS server, but with only a server-side certificate
EAP-TTLS
also Protected EAP (PEAP); uses a password function based on MS-CHAPv2 with an encrypted TLS tunnel; most common form of EAP
EAP-MS-CHAPv2
EAP type that uses MD5 hashes for transfer of credentials; least used
EAP-MD5
proprietary type of EAP used mostly by Cisco; uses a combination of MS-CHAP authentication between client and RADIUS server
LEAP
Cisco’s replacement for LEAP, supported by all current OSes
EAP-FAST (EAP Flexible Authentication via Secure Tunneling)
wireless security method that uses a 64- or 128-bit encryption algorithm; uses the RC4 cipher, making the key only about 40 or 104 bits; the key is static and shared; for these reasons, this method is easily hacked; also no user authentication
Wired Equivalent Privacy (WEP)
the extra code in WEP, 24 bits, used to start the encryption process
initialization vector (IV)
an intermediate fix for WEP, offering security enhancements and a key integrity-checking feature; uses dynamic key generation; adds TKIP around the WEP encryption scheme
Wi-Fi Protected Access (WPA)
an extra layer of security featured in WPA, it checks the integrity of the encryption key
Temporal Key Integrity Protocol (TKIP)
replacement for TKIP-RC4, it is more robust; a 28-bit block cipher
CCMP-AES
the current top security standard, it fully supports the 802.11i standard; supports AES
Wi-Fi Protected Access 2 (WPA2)
version of the current top wireless security standard, which is used alongside a RADIUS server
WPA2-Enterprise
any WAP that you can connect to directly and configure singularly
thick client
a WAP that must be configured by a wireless controller
thin client
protocol used for interoperability between different brands/thin and thick clients
Lightweight Access Point Protocol (LAPP)
process of using a single SSID and a pool of VLANs to reduce broadcasts; uses a single domain, and the WAP (?) randomly assigns a VLAN to a device/client
VLAN pooling
a graphical representation of RF sources in an area
heat map
the standard straight wire antennas that provide the most omnidirectional function; has two radiating elements that point in opposite directions
dipole antennas
an antenna that focuses the radio wave into a kind of beam; examples include parabolic, dish, and Yagi
unidirectional antenna
flat, plate-shaped antenna that generates a half-sphere beam; great for offices where the signal needs to be strong in the room, but stay within the room; are always mounted on a wall
patch antenna
a timing frame sent from a WAP at regular intervals, a major part of broadcast traffic
beam (frame)
the loss of packets due to an overworked WAP
jitter
phenomenon where a non-metallic material reduces or eliminates a Wi-Fi signal that passes through it, like brick, sheetrock, and wood
absorption
phenomenon where metallic materials reflect a radio wave, sending them in directions other than where they need to go
reflection
phenomenon where a glass material bends radio waves
refraction
a feature in many public facilities where an attempt to access the network opens a web browser, requiring the client to agree to a Terms of Service to continue
captive portal
an RF scanner used to identify RF sources in an environment
spectrum analyzer
how RFI is measured, comparing the signal strength to the overall interference/noise
signal-to-noise ratio (SNR)
a rogue access point that mimics an existing SSID to get people to connect to it
evil twin
act of looking for wireless networks by using omnidirectional antennas attached to a laptop while running wireless sniffing programs
war driving
the act of marking with chalk to tell other war drivers where a wireless network is and other related information
war chalking