How a wireless network works

A wireless local area network (WLAN) links two or more computers with Network Interface Cards (NICs) through a technology based on radio waves. All devices that can connect to a wireless network are known as stations. Stations can be access points (APs), or clients.

Access points are base stations for the wireless network. They receive and transmit information for the clients to communicate with.

The topology of a wireless network defines how the wireless devices interact with each other, two basic structures exist

• Ad hoc

Mainly used by home users, an Ad hoc topology consists of two or more wireless devices which directly connect to each other In the same range called a basic service area (BSA) creating a basic service set (BSS). Every BSS has an Identification known as a BSSID, also known as the MAC address, which is a unique identifier that is associated with every NIC.

The following diagram illustrates an Ad hoc network

• Infrastructure

This uses an access point, a small unit which acts as a transparent bridge between wireless devices and a standard cabled network, increasing the cabled LAN to include wireless devices. Wireless devices communicate only with the access point and not with each other directly.

All the wireless equipment (access point and client computers) must be configured with the same SERVICE SET IDENTIFIER (SSID) this is a word used to identify the wireless network. The wireless access point will automatically broadcast the SSID to any computers using the correct channel to communicate. The following diagram is an example of the Infrastructure topolog

For any client to join a WLAN, it must know the SSID of the WLAN; therefore, the access points typically broadcast their SSID to let the clients know that an AP is in range.

NOTE: Where possible broadcasting the SSID should be disabled and the client computers manually configured with the correct SSID this will help prevent unauthorised access as intruders would have to know the correct SSID and channel for the network

Wireless Encryption

Data streams, known as packets, are sent between the Access Point, and its clients. You need no physical access to the network or its wires to pick up these packets, just the right tools. It is with the transmission of these packets that pose the largest security threat to any wireless network

To protect the network, the majority of home and small business networks are encrypted using the two most popular methods:

• WEP - Wired Equivalent Privacy

This is available in 3 different key lengths: 64, 128, and 256 bits, known as WEP 64, WEP 128, and WEP 256 respectively.

WEP is more compatible with older devices and is used quite extensively. Each WEP key contains a 24 bit Initialization Vector (IV), and a user-defined or automatically generated key; for instance, WEP 128 is a combination of the 24 bit IV and a user entered 26 digit hex key. ((26*4)+24=128)

WEP also comes in WEP2 and WEP+, which are not as common and still as vulnerable as the standard WEP encryption

• WPA - WiFi Protected Access

WPA was designed to distribute different keys to each client; however, a pre-shared key (WPA-PSK) is widely used, in which every client has the same passphrase.

To fully utilize WPA, a user would need an 802.1x authentication server, which small businesses and typical home users simply cannot afford.

WPA utilizes a 48 bit Initialization Vector (IV), twice the size of WEP, which combined with other WEP fixes, allows substantially greater security over WEP.

Setting up a Wireless Client

To set up a wireless client to communicate with a known AP the following can be configured

Open the wireless NIC properties, the screen shot below is from a Windows XP computer. To access the wireless properties right click on My Network Places and select Properties. Then Right click on the wireless NIC and select properties

Assuming you have already configured the IP Address settings, select the wireless networks tab shown below

Assuming you have disabled the SSID broadcast from the AP, clicking on “View Wireless Networks” will not display your network, this will have to be manually entered. To achieve this click the Add button

On the Association page shown below

Manually enter the SSID in the Network name field. Then select the network authentication type. In this network I am using WPA-PSK so I will select this option and enter the network key. Then click on ok

Back on the Wireless Network tab, the wireless network is now displayed under preferred networks. Click on properties to open the Advanced window and select your topology, in this example I am using a Infrastructure AP, select this option and then click on Close

Now click on “View Wireless Networks” to display your network SSID and encryption type. In the example below the SSID is HistoricCars using WPA

.