A wireless LAN (WLAN) is a local area network that uses radio waves as its carrier. There are two possible types of operation:

Peer-to-peer or ad-hoc mode
This mode is a method for wireless devices to communicate directly with each other. Operating in ad-hoc mode allows wireless devices within range of each other to discover and communicate in peer-to-peer fashion without involving central access points. It is typically used by two PCs connecting to one another, for example so that one can share the other's Internet connection, as well as for wireless mesh networks.

Infrastructure mode
This mode of wireless networking bridges a wireless network to a wired Ethernet network. Infrastructure mode also supports central connection points for WLAN clients. It requires a wireless access point, which serves as the central WLAN communication station.

The standards for wireless networking accepted by the IEEE are named similarly to the wired Ethernet standards. Wireless network standards are basically named IEEE 802.11x.

The 1997 802.11 standard specifies three transmission techniques allowed in the physical layer. The infrared method uses much the same technology as television remote controls do. The other two use short-range radio, using techniques called FHSS and DSSS. Both of these use a part of the spectrum that does not require licensing (the 2.4-GHz ISM band).

Each of the five permitted transmission techniques makes it possible to send a MAC frame from one station to another. They differ, however, in the technology used and speeds achievable.
Of all five possible transmission techniques, the subject of our work is OFDM in particular. The first of the high-speed wireless LANs, 802.11a, uses OFDM (Orthogonal Frequency Division Multiplexing) to deliver up to 54 Mbps in the wider 5-GHz ISM (industrial, scientific and medical) band. The other high-speed wireless LANs, 802.11b and 802.11g, use the narrower 2.4-GHz ISM band. As the term FDM suggests, different frequencies are used: 52 of them, 48 for data and 4 for synchronization. Since transmissions are present on multiple frequencies at the same time, this technique is considered a form of spread spectrum, but different from both CDMA and FHSS. Splitting the signal into many narrow bands has some key advantages over using a single wide band, including better immunity to narrowband interference and the possibility of using noncontiguous bands. A complex encoding system is used, based on phase-shift modulation for speeds up to 18 Mbps and on QAM above that. At 54 Mbps, 216 data bits are encoded into 288-bit symbols. The technique has good spectrum efficiency in terms of bits/Hz and good immunity to multipath fading.

The 802.11 Medium Access Sublayer
802.11 supports two modes of operation. The first, called DCF (Distributed Coordination Function), does not use any kind of central control (in that respect, it is similar to Ethernet). The other, called PCF (Point Coordination Function), uses the base station to control all activity in its cell. All implementations must support DCF, but PCF is optional. We will now discuss these two modes in turn.

When DCF is employed, 802.11 uses a protocol called CSMA/CA (CSMA with Collision Avoidance). In this protocol, both physical channel sensing and virtual channel sensing are used. Two methods of operation are supported by CSMA/CA. In the first method, when a station wants to transmit, it senses the channel. If it is idle, it just starts transmitting.
It does not sense the channel while transmitting but emits its entire frame, which may well be destroyed at the receiver due to interference there. If the channel is busy, the sender defers until it goes idle and then starts transmitting. If a collision occurs, the colliding stations wait a random time, using the Ethernet binary exponential backoff algorithm, and then try again later.

The other mode of CSMA/CA operation is based on MACAW and uses virtual channel sensing, as illustrated in Fig. 4-27. In this example, A wants to send to B. C is a station within range of A (and possibly within range of B, but that does not matter). D is a station within range of B but not within range of A.

802.11 Frame structure
The 802.11 standard defines three different classes of frames on the wire: data, control, and management. Each of these has a header with a variety of fields used within the MAC sublayer. In addition, there are some headers used by the physical layer, but these mostly deal with the modulation techniques used, so we will not discuss them here.

First comes the Frame Control field. The second field of the data frame, the Duration field, tells how long the frame and its acknowledgement will occupy the channel. This field is also present in the control frames and is how other stations manage the NAV mechanism. The frame header contains four addresses, all in standard IEEE 802 format. The source and destination are obviously needed, but what are the other two for? Remember that frames may enter or leave a cell via a base station. The other two addresses are used for the source and destination base stations for intercell traffic. The Sequence field allows fragments to be numbered. Of the 16 bits available, 12 identify the frame and 4 identify the fragment. The Data field contains the payload, up to 2312 bytes, followed by the usual Checksum.
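The data-frame header described above, as a small parser (an added example, not part of the original text). The bit positions inside Frame Control and the rule that the fourth address is present only when both the ToDS and FromDS bits are set come from the IEEE 802.11 frame format rather than from this page; the sample frame and its addresses are constructed, the checksum is assumed to be already stripped, and QoS data frames are not handled.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}
MAX_PAYLOAD = 2312  # payload limit stated in the text


def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_data_frame(frame: bytes) -> dict:
    """Parse a non-QoS 802.11 data frame whose trailing checksum was removed."""
    if len(frame) < 24:
        raise ValueError("truncated header: need at least 24 bytes")
    fc, duration = struct.unpack_from("<HH", frame, 0)  # fields are little-endian
    ftype = FRAME_TYPES.get((fc >> 2) & 0x3, "other")
    if ftype != "data":
        raise ValueError(f"not a data frame: {ftype}")
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    addrs = [mac(frame[o:o + 6]) for o in (4, 10, 16)]
    (seq_ctl,) = struct.unpack_from("<H", frame, 22)
    addr4, offset = None, 24
    if to_ds and from_ds:  # fourth address: only on frames relayed between base stations
        if len(frame) < 30:
            raise ValueError("truncated header: fourth address missing")
        addr4, offset = mac(frame[24:30]), 30
    payload = frame[offset:]
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 2312 bytes")
    return {
        "type": ftype, "subtype": (fc >> 4) & 0xF,
        "to_ds": to_ds, "from_ds": from_ds,
        "protected": bool(fc & 0x4000),  # set when the payload is encrypted
        "duration": duration,            # value other stations load into their NAV
        "addr1": addrs[0], "addr2": addrs[1], "addr3": addrs[2], "addr4": addr4,
        "sequence": seq_ctl >> 4,        # upper 12 bits identify the frame
        "fragment": seq_ctl & 0xF,       # lower 4 bits identify the fragment
        "payload": payload,
    }


def build_sample() -> bytes:
    """Constructed frame: data, ToDS and protected bits set, sequence 1234, fragment 2."""
    a1, a2, a3 = (bytes.fromhex("02aabbccdd0%d" % i) for i in (1, 2, 3))
    header = struct.pack("<HH", 0x4108, 44) + a1 + a2 + a3
    return header + struct.pack("<H", (1234 << 4) | 2) + b"constructed payload"


if __name__ == "__main__":
    print(parse_data_frame(build_sample()))
```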
Management frames have a format similar to that of data frames, except without one of the base station addresses, because management frames are restricted to a single cell. Control frames are shorter still, having only one or two addresses, no Data field, and no Sequence field. The key information here is in the Subtype field, usually RTS, CTS, or ACK.

Wireless security
The security of a wireless LAN is very important, especially for applications hosting valuable information. For example, networks transmitting credit card numbers for verification or storing sensitive information are definitely candidates for emphasizing security. In these cases and others, proactively safeguard your network against security attacks. The most important security risks are:

Insertion attacks - based on placing unauthorized devices on the wireless network without going through a security process and review.

Interception and monitoring of wireless traffic - These interception and monitoring attacks are popular on broadcast wired networks like Ethernet. The same principles apply to wireless.
- sniffing and capturing the legitimate traffic
- hijacking the session by inserting false traffic
- base station cloning: tricking legitimate wireless clients into connecting to the attacker's honeypot network by placing an unauthorized base station with a stronger signal in close proximity
- broadcast monitoring: if a base station is connected to a hub rather than a switch, any network traffic across that hub can potentially be broadcast out over the wireless network

Misconfiguration - The SSID is a configurable identification that allows clients to communicate with the appropriate base station. With proper configuration, only clients that are configured with the same SSID can communicate with base stations having the same SSID.
From a security point of view, the SSID acts as a simple single shared password between base stations and clients, but it can be easily sniffed because it is sent in plain text.

Jamming - Denial of service attacks on wired networks are popular. The same principle can be applied to wireless traffic, where legitimate traffic gets jammed because illegitimate traffic overwhelms the frequencies and legitimate traffic cannot get through.

Client to Client Attacks - denial of service, hybrid threats.

The first step to solving these problems is using WEP. WEP (Wired Equivalent Privacy) is 802.11's optional encryption standard, implemented in the MAC layer, that most radio network interface card (NIC) and access point vendors support. WEP specifies a shared secret 40 or 64-bit key to encrypt and decrypt the data. Some vendors also include 128-bit keys (known as "WEP2") in their products. With WEP, the receiving station must use the same key for decryption. Each radio NIC and access point, therefore, must be manually configured with the same key.

Wi-Fi Protected Access (WPA and WPA2) are systems to secure wireless (Wi-Fi) networks. They were created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.
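A defender's check for two of the risks listed above, base station cloning and weak or missing encryption, written as an added example that is not part of the original text. The approved-station inventory, the survey rows and all SSIDs and addresses are constructed, hypothetical values; real rows would come from whatever site-survey tool is in use.

```python
# Hypothetical inventory: SSID -> BSSIDs of the base stations we actually operate.
APPROVED = {"corp-wlan": {"02:00:00:00:00:01", "02:00:00:00:00:02"}}
WEAK_SECURITY = {"open", "wep"}  # WEP is counted as weak, following the text

# Constructed survey rows: (ssid, bssid, security, signal in dBm).
SURVEY = [
    ("corp-wlan", "02:00:00:00:00:01", "wpa2", -61),
    ("corp-wlan", "02:00:00:00:00:02", "wep", -70),
    ("corp-wlan", "02:00:00:00:00:99", "open", -38),
    ("guest-cafe", "02:00:00:00:00:aa", "open", -80),
]


def audit(survey, approved):
    """Return findings for our SSIDs: unapproved base stations and weak encryption."""
    # Strongest signal seen from an approved station, per SSID.
    strongest = {}
    for ssid, bssid, _sec, dbm in survey:
        if bssid.lower() in approved.get(ssid, ()):
            strongest[ssid] = max(dbm, strongest.get(ssid, dbm))

    findings = []
    for ssid, bssid, sec, dbm in survey:
        if ssid not in approved:
            continue  # someone else's network, out of scope
        bssid = bssid.lower()
        if bssid not in approved[ssid]:
            # Our SSID announced by a station we do not operate. A signal louder
            # than every approved station matches the cloning pattern in the text.
            louder = ssid in strongest and dbm > strongest[ssid]
            findings.append({"bssid": bssid, "issue": "unapproved-base-station",
                             "stronger_than_approved": louder})
        elif sec.lower() in WEAK_SECURITY:
            findings.append({"bssid": bssid, "issue": "weak-encryption",
                             "security": sec.lower()})
    return findings


if __name__ == "__main__":
    for finding in audit(SURVEY, APPROVED):
        print(finding)
```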