16: Wireless Networking
Making UPCA In None
Using Barcode drawer for Software Control to generate, create UPC Code image in Software applications.
Read GTIN - 12 In None
Using Barcode recognizer for Software Control to read, scan read, scan image in Software applications.
Figure 16-7 Authenticating using RADIUS
UPC A Creator In Visual C#
Using Barcode generator for VS .NET Control to generate, create UPC A image in Visual Studio .NET applications.
Draw UPC-A Supplement 2 In .NET
Using Barcode maker for ASP.NET Control to generate, create UPC-A Supplement 2 image in ASP.NET applications.
Username and password Permission granted Supplicant Access to network resources RADIUS server
Generating UCC - 12 In VS .NET
Using Barcode drawer for .NET Control to generate, create UPC-A Supplement 5 image in Visual Studio .NET applications.
UPC-A Supplement 2 Generator In Visual Basic .NET
Using Barcode creator for Visual Studio .NET Control to generate, create UPC A image in .NET framework applications.
Draw Bar Code In None
Using Barcode encoder for Software Control to generate, create bar code image in Software applications.
GTIN - 128 Creator In None
Using Barcode drawer for Software Control to generate, create GS1 128 image in Software applications.
Here s where it gets tricky What are the points of potential failure of security here All over the place, right The connection between each of these devices must be secure; several protocols make certain of that security PPP, for example, provides a secure dial-up connection between the supplicant and the NAS IPSec often provides security between the NAS and the RADIUS server Finally, the RADIUS server needs to use a protocol, such as one of the many implementations of the Extensible Authentication Protocol (EAP), for the authentication part of the deal See Figure 16-8
Drawing Data Matrix In None
Using Barcode maker for Software Control to generate, create ECC200 image in Software applications.
Bar Code Generator In None
Using Barcode maker for Software Control to generate, create barcode image in Software applications.
Figure 16-8 Authentication using RADIUS with protocols in place
EAN13 Maker In None
Using Barcode generation for Software Control to generate, create EAN13 image in Software applications.
Create Code 3 Of 9 In None
Using Barcode generation for Software Control to generate, create Code39 image in Software applications.
Drawing International Standard Book Number In None
Using Barcode printer for Software Control to generate, create ISBN - 13 image in Software applications.
Print Linear Barcode In Visual Basic .NET
Using Barcode generator for Visual Studio .NET Control to generate, create Linear 1D Barcode image in VS .NET applications.
RADIUS server PPP IPSec EAP-TLS EAP-TTLS PEAP
Data Matrix ECC200 Printer In Visual Studio .NET
Using Barcode generator for ASP.NET Control to generate, create Data Matrix 2d barcode image in ASP.NET applications.
Encode European Article Number 13 In VB.NET
Using Barcode creation for Visual Studio .NET Control to generate, create EAN-13 image in VS .NET applications.
EAP defines a framework for authentication, but does not specify how the authentication happens Developers have, therefore, come up with many ways to handle the specifics, such as EAP-TLS, EAP-TTLS, and PEAP, to name just a few The differences among the many flavors of EAP cause countless hours of argument among geeks, but from a technician s perspective you simply use the scheme that your network hardware supports Both the WAP and the wireless NICs have to use the same EAP authentication scheme You set this in the firmware or software, as you can see in Figure 16-9
Bar Code Drawer In C#
Using Barcode creation for VS .NET Control to generate, create bar code image in VS .NET applications.
Code 3/9 Drawer In VB.NET
Using Barcode printer for Visual Studio .NET Control to generate, create Code 3/9 image in .NET framework applications.
CompTIA Network+ All-in-One Exam Guide
Encode GTIN - 12 In .NET
Using Barcode generator for VS .NET Control to generate, create UPC-A Supplement 2 image in .NET framework applications.
Data Matrix Maker In .NET
Using Barcode generator for Reporting Service Control to generate, create ECC200 image in Reporting Service applications.
Figure 16-9 Setting EAP authentication scheme
NOTE EAP and RADIUS servers for authentication paint half the picture on 8021X security implementation The other half is WPA2, discussed below
The final step in securing a wireless network is encrypting the data packets that are floating around Encryption electronically scrambles data packets and locks them with a private encryption key before transmitting them onto the wireless network The receiving network device has to possess the encryption key to unscramble the packet and process the data Thus, a hacker who grabs any data packets out of the air can t read those packets unless he or she has the encryption key Enabling wireless encryption through Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or WPA2 provides a good level of security to data packets in transit Data Encryption Using WEP Wired Equivalent Privacy (WEP) encryption uses a 64- or 128-bit encryption algorithm to scramble data packets, though even with the strongest encryption enabled, WEP isn t considered to be a particularly robust security solution In fact, WEP can be cracked in 60 seconds with just a regular laptop and open source software! WEP doesn t provide complete encryption for data packets It works only on the two lowest OSI network layers: the Data Link and Physical layers Encryption is stripped from the data packet before it travels up through the subsequent network layers to the application Another problem with WEP is that the encryption key is both static (never changes from session to session) and shared (the same key is used by all network nodes)
16: Wireless Networking
There is also no mechanism for performing user authentication That is, network nodes that use WEP encryption are identified by their MAC address, and no other credentials are offered or required With just a laptop and some open source software, MAC addresses are very easy to sniff out and duplicate, thus opening up a possible spoofing attack Data Encryption Using WPA Wi-Fi Protected Access (WPA) addresses some of the weaknesses of WEP, and acts as a security protocol upgrade to WEP-enabled devices WPA offers security enhancements such as dynamic encryption key generation (keys are issued on a per-user and per-session basis) and an encryption key integrity-checking feature WPA works by using an extra layer of security, called the Temporal Key Integrity Protocol (TKIP), around the WEP encryption scheme It s not, therefore, a complete replacement protocol for WEP TKIP added a 128-bit encryption key that seemed unbreakable when first introduced Within a couple of years of introduction, though, hackers could waltz through WPA security almost as quickly as through WEP security Another solution had to be found Data Encryption Using WPA2 The IEEE 80211i standard amended the 80211 standard to add much-needed security features One of those features we ve discussed already: the 8021X authentication measure using EAP to provide secure access to Wi-Fi networks Another key feature, Wi-Fi Protected Access 2 (WPA2), changes the encryption algorithm used in WEP and WPA to the Advanced Encryption Standard (AES); a 128-bit block cipher that s much tougher to crack than the 128-bit TKIP wrapper WPA2 is not hack proof, but it definitely offers a much tougher encryption standard that stops the casual hacker cold