8

INTRODUCTION
Wireless technologies are a reality that grows every day at a fast pace and gain
ing ever more adherents. They, in turn, ranging from those residential users eve
n those who make use of this technology on your desktop. Wireless networks vary
in their structural model. Can be implemented in a more complex, based stations
interconnected by one or several access points, or more simply, where stations c
an communicate with each other, a model point-to-point. According to the means o
f network configuration, this one still belongs to a technological standard that
differs from other wireless networks, ie, they are technologies that can vary w
ith the amplitude of the signal, the speed of the transfer medium and even the s
ame level of security that compose it. Based on the concept of wireless technolo
gies, this project will describe a brief history of wireless communication, the
transmission medium, the structure of a WLAN and finally will describe a project
of setting up a wireless point-to-point .
9
1
BRIEF HISTORY OF WIRELESS COMMUNICATION
The idea of wireless is the result of a series of developments in science, in fi
elds like mathematics and physics. In the mid-nineteenth century, from the theor
ies of two English physicists Michael Faraday and James Clerk Maxwell, Heinrich
Hertz built a transmitter arrestor, a device that generated radio waves from an
electric spark. This discovery contributed to the study of this important medium
. Another step should be to highlight the invention of wireless telegraphy in 19
01 by Italian physicist Guglielmo Marconi, who transmitted information from one
ship to the shore by means of Morse code. In the early twentieth century, advanc
es in vacuum tube, developed by Professor John Ambrose Fleming and English by Am
erican physicist Lee De Forest made it possible to modulate and amplify wireless
signals for sending voice transmissions. The extent and clarity of voice transm
issions increased as if made new progress in technology. During the First World
War, there were many interceptions of communications, which generated interest i
n developing new forms of communications that could be safer. But it was during
the Second World War that the use of wireless networks was really widespread and
very useful for the cir-
10 war stances. The information was transmitted securely via radio wave. In the
late 1960s began operating a wireless network called ALOHA, developed at the Uni
versity of Hawaii, who initiated the modern digital communication. During the la
st century, advances in wireless technology have made possible the creation of r
adio, television, mobile telephony and satellite communications. All kind of inf
ormation can now be sent to all over the world. Currently, much attention has be
en focused on the communication satellite, wireless and cellular technology.
1.1
11
2
MEANS OF WIRELESS TRANSMISSION
The means of transmission of a wireless network is the air, which is characteriz
ed by the total absence of wires or cables. This transmission is via electromagn
etic waves. A great feature of this means is that the signal is spread equally i
n all directions, unless restricted, and continues to propagate indefinitely. As
the distance from source increases, the energy is spread over a larger area, ma
king the signal weaker. On the path of electromagnetic signal, it is affected by
natural disturbances that can interfere with the signal.
2.1
Electromagnetic Spectrum
When they move, the electrons create electromagnetic waves that can propagate th
rough free space (including a vacuum). These waves were predicted by the English
physicist James Clerk Maxwell and produced in 1865 and first observed by German
physicist Heinrich Hertz in 1887. The number of oscillations per second of an e
lectromagnetic wave is called the frequency, f, and is measured in Hz (in honor
of Heinrich Hertz). The distance between two points maximum (or minimum) in a ro
w is called the wavelength, which is universally known by the Greek letter lambd
a.
12 When installing an antenna, with the appropriate size in an electrical circui
t, electromagnetic waves can be efficiently transmitted and received by a receiv
er located at a distance quite reasonable. All wireless communication is based o
n this principle. The electromagnetic spectrum is the splitting of electromagnet
ic waves according to frequency range and the physical characteristics inherent
in each track. Figure 1 shows the electromagnetic spectrum.
Figure 1 - Representation of the electromagnetic spectrum.
In wireless networks, radio, microwave and infrared rays are most often used to
transmit information, provided that the frequency modulated, amplitude or phase
waves. The higher the frequency, the higher the rate of data transmission, but w
aves like ultraviolet light, X-ray and gamma ray, although owned-
13 go higher frequencies, and modulation are difficult to produce and are more h
armful to living things. The use of frequencies within the electromagnetic spect
rum is subject to agreements and national and international conventions. The reg
ulatory agency in Brazil's Anatel.
2.1.1 Radio Transmission
In addition to its uses for public transmission of radio and television and a pr
ivate communication with devices like mobile phones, electromagnetic radiation c
an be used to transmit computer data. Informally, it says that a network that us
es electromagnetic radio waves operate at radio frequency, and transmissions are
called RF transmissions. The properties of radio waves depends on frequency. At
low frequencies, radio waves pass through obstacles, but power drops sharply as
the distance from source increases. High frequencies, radio waves tend to trave
l in straight lines and hit the barriers. They are also absorbed by the rain. In
all frequency radio waves are subject to interference from motors and other ele
ctrical equipment. Because of the ability that the radios have to travel long di
stances, interference with users is a problem. Therefore, all governments exerci
se tight control over radio transmitters, giving only one exception to the frequ
encies of lower order.
14
3
WLAN (Wireless Local Area Network)
Today's society is such that one side of organizations need to anticipate custom
er needs and know them well. From another, it must quickly in making internal de
cisions. Within this context, wireless networks have come to help balance these
needs. Every day, there is greater need for professionals to work beyond the fou
r walls of the office, getting closer to the customers, being where the work and
competitiveness require that they are, seeking to increase productivity. The in
formation is of technological or marketing, must be consulted and updated freque
ntly. It is within this context that the wireless communication has found fertil
e ground for the growth that has gained in recent years. Wireless networks are c
haracterized primarily by its physical medium of communication, air and radio wa
ves through the wireless networks diminish distances enabling devices interconne
cted to communicate and making this technology a means of earning money. This ty
pe of network is deployed in different situations: when you can not install a la
ndline (wired) and when there is need to create an infrastructure network tempor
ary, and when they want to extend an existing network. Examples of these situati
ons, it may be mentioned-
15 nar creating an infrastructure network in a building tombado1; in a meeting o
r conference with limited or even the customer service in restaurants, hotels, e
tc.. When it comes to wireless networks, it is understood that this course is a
network like a conventional Ethernet network, ie it has the same features as a n
ormal network. Well, a wireless network has exactly the same functionality that
has an Ethernet network. The main difference is that all tasks that carries an E
thernet network are also performed here without the need for wires. It seems, at
first glance that is simple, but how, for example, make the network secure enou
gh so that no unauthorized user takes possession of information that is not your
property and then make them public? Since it is difficult to monitor such activ
ity in conventional networks, so as to make the network secure? There are of cou
rse different way of doing this, this project will be presented end of course no
t the solution of how to do this, but will show the current technologies that ac
count for this type of activity and others that also perform various other tasks
. Now thinking about these and other issues that the IEEE (Institute of Electric
al and Electronics Engineers), the world's largest professional organization in
the area, has a group of standardization that develops standards in the areas of
electrical engineering and computer science. These patterns are nothing more th
an previous studies about a particular concept which then acquired a wireless te
chnology standard, ie€of equipment can be configured for a specific means of act
ion and thus to be classified as a pattern for a given task.
1
The term refers to the fallen monuments that were considered by the World Herita
ge Site, a building must be preserved and which can not be done installations in
order to attack it.
16 Currently, the best known type or standard in wireless networking is the 802.
11 standard. This in turn is the standard recognized by IEEE as the standard for
wireless LANs (Local Area Networks). Likewise, there are other standards that m
eet other needs and purposes. The WPANs (Wireless Personal Area Network) that pe
rsonal networks are short range, the WMANs (Wireless Metropolitan Area Network)
which are networks that serve metropolitan areas, the WWANs (Wireless Wide Area
Network), which are in the same technological level that WMANs, and the differen
ce is only in its service area. Again remember that this project will not make a
pproaches to all types of wireless networks, but will focus on that which breaks
down and is the most popular method of wireless communication. The 802.11 stand
ard. Figure 2 shows the major wireless technologies that apply to different leve
ls of technological expansion, then figure 3 shows how in practice a wireless ne
twork. Each with its own special features, functionality and range of use.
Figure 2 - WPAN, WLAN, and WMANs WWANs. The increasing level of wireless technol
ogies.
17
Figure 3 - Example of a wireless network Wireless.
3.1
TOPOLOGY
Wireless technology is a technology that is any device that has the ability to t
ransmit data without the presence of wires. That is, a technology that ranges fr
om a simple cell phone that transmits a file to another phone, even for large da
ta transfers between stations that use routers and access points. The main advan
tage of implementing a wireless network, it sure is the mobility it provides to
its users ensuring speed, agility and performance activities that stations do.
18 The basic infrastructure of a wireless network based on an Access Point (Acce
ss Point) and electronic interfaces present in the stations. Through these basic
mechanisms are set the access modes and the components that define both the typ
e of network as well as their modes of operation. The environment where some uni
ts of these two types of mechanisms can be considered the environment as a cell
of wireless communications known as BSS (Basic Service Set). This cell in isolat
ion, can be considered as a region capable of meeting the network devices, or ev
en a set of stations controlled by a single Access Point. The workstations (depe
nding on how they are configured) can move from one cell to another, which gives
the effect of roaming, ie it is the method by which the stations contained in a
cell can move from one cell to another without that, this season to lose the ne
twork connection. In other words, is to keep the station in an area larger than
the coverage area of your Access Point. Several BSS are called ESS (Extended Ser
vice Set) these give support to multiple APs. Thus, there is then what is called
the DS (Distribution System) which is the system that makes communication betwe
en the APs, ie, corresponds to the network backbone.
3.2
STRUCTURE
The way and made to communicate and share a wireless network is set according to
the architecture adopted. There are three ways of configuring a wireless networ
k to ensure the control and management of a WLAN: infrastructure mode basic infr
astructure mode and ad hoc mode or point-to point out.
19 3.2.1 Basic Infrastructure
This is the most common mode of communication and which uses so-called access po
ints, through the BSS method. The network based on basic infrastructure or can n
ot connect a wireless network to conventional networks. The Access Point is resp
onsible for the connection between the mobile stations and is also used for netw
ork authentication, management and control of data flow. In the basic infrastruc
ture so each client communicates directly with the access point, which is part o
f the distribution system. In this case the access point not only provides commu
nication with the conventional network also serves as a means of traffic between
wireless clients. Therefore, any request for communication between stations in
the BSS must pass through the Access Point. Communication between the station an
d any other network client driven, which is connected to the AP, must pass throu
gh the Access Point's cell BSS.
3.2.2 Network Infrastructure
Are networks ESS - Extended Service Set,€which are actually the union of several
 BSS networks connected through another network (an Ethernet network, for exampl
e). The structure of this type of network is typically composed of a set of APs
- access points (Access Points) interconnected, which allows the "migration" of
a device between two network access points. Importantly, for plants that process
is completely transparent, so the network is viewed as a single element. Each A
P serves its cell BSS while the res-
20 sible for communication between different cells. These cells are directly con
nected to other networks, since their APs are connected to these networks throug
h a network device. We realized then that this structure allows the output very
easily, for example, a station of a cell communication to a conventional network
. Figure 4 is a representation of a wireless network infrastructure.
Figure 4 - Example of a Wireless Network Infrastructure
21 3.2.3 Networks Ad Hoc or Peer-to-Point
A mobile ad hoc network
2
is a network formed without any administrative
tion center, which ensures that this type of configuration has the label of IBSS
(Independent Basic Service Set), ie, consisting only of mobile nodes that use a
wireless network interface for sending your information. Such we are able to ex
change directly, information amongst themselves, and the services available in t
he network are dependent on their storage resources and processing. In this type
of setting all stations have the same BSSID - Basic Service Set Identifier, whi
ch corresponds to an identifier of the wireless cell. The operation of a network
that communication mode is extremely easy, but the coverage area is reduced, re
quiring a range of one station reach the other for communication to occur. Figur
e 5 is a representation of the ad hoc network.
Figure 5 - Example of an ad hoc network
2
Ad-hoc is the English name given to the method of how the networks point-to-poin
t.
22 3.3 COMMUNICATION
After examining how the physical structure of a network and know its main compon
ents, it remains to show how an Access Point acquires network access, act as equ
ipment to make communication with the Access Point and therefore communicate wit
h each other. And in Chapter 4 will show the project of implementing a wireless
network. In view an outline of the system to be installed and configured just th
en making the appropriate settings in the system and from there jump to another
level more comprehensive configuration and maintenance of the network. Once an a
ccess point is properly connected to conventional Ethernet network, it has been
there a wireless network environment that extends to certain "edge", this bounda
ry corresponds to a cell that is ready to receive a number of stations that conn
ect to it and become a fully wireless network wireless, starting to provide serv
ices and information. The station that wants to connect to the network, it will
do so by two methods: One that uses criptografia3 and another that uses shared k
eys. It is worth remembering also that these two methods can not be seen as safe
when they act alone in the middle, but if they work in conjunction with other s
ecurity protocols will be very useful in order to protect the network. These met
hods in turn are the simplest that wireless technology has thus are totally inad
visable for networks that require a
3
This is a set of concepts and techniques designed to encode information so that
only the sender and receiver can access it, preventing an attacker can interpret
it.
23 stricter level in security control. Today, there are Hackers4 that can easily
decipher the encrypted key that system through software. Thus, there are safer
methods to protect the network than just this type of configuration. There are o
ther methods of accessing the wireless network designed to protect the availabil
ity of information on traffic passing through it and others who seek to protect
the information itself. Thus, these methods are more focused on their own networ
k security. Thus, then become real, no longer as simple forms of network access,
but become real security protocols.
3.3.1 Protocols
The protocols used by 802.11 vary according to the specificity of each medium. P
rotocols are access rules that vary from the rate of data transmission, even mor
e stringent levels of security. The pattern of WLANs has a multitude of protocol
s that meet various levels.
4
Individuals who design and modify software and hardware of computers, is develop
ing new features, or adapting old ones.
24 3.3.1.1 Standard 802.11
The 802.11 standard is a protocol specifying basic wireless local area networks,
WLANs. It is a standard that specifies operations in the frequency range of 2.4
GHz with data transmission rates ranging from 1 Mbps and 2 and was established
on June 26 in 1997 when the IEEE announced the rectification of the Protocol for
802.11 WLANs. The 802.11 standard specifies three physical layers (PHY) and onl
y one MAC sublayer (Medium Access Control): • Frequency Hopping Spread Spectrum
Radio PHY: This layer provides operations for 1 Mbps, 2 Mbps optional. Version 1
Mbps using two levels of modulation GFSK (Gaussian Frequency Shift Keying) and
2 Mbps uses four levels of the same modulation. • Direct Sequence Spread Spectru
m Radio PHY: This layer provides operations for both speeds of 1 Mbps and 2. Ver
sion 1 Mbps using DBPSK modulation (Differential Binary Phase Shift Keying), whi
le 2 Mbps using DBPSK modulation (Differential Quadrature Phase Shift Keying). •
Infrared PHY: This layer provides a transaction Mbps, 2 Mbps optional. Version
1 Mbps modulation uses 16-PPM (Pulse Position Modulation with 16 positions), and
version 2 Mbps using 4-PPM modulation. The physical layer is divided into two s
ub-layers: sub-layer of the physical medium dependent (PMD): This layer deals wi
th the characteristics of wireless medium and defines the methods for transmitti
ng and receiving through this medium.
25 Sub-layer convergence procedure of the physical environment (PLCP): This laye
r specifies the method of mapping the data units of the protocol sub-layer (MAC
MPDUs) in the format compatible with the PMD sublayer. The MAC sub-layer defines
the medium access mechanism. The Distributed Coordination Function (DCF, Distri
buted Coordination Function) is the fundamental mechanism for access and is base
d on CSMA / CA (Carrier Sense Multiple Access / Collision Avoidance). The retran
smission of collided packets is done following the rules of backbone exponential
ly. The IEEE 802.11 standard also defines an optional feature, called Centralize
d Coordination Function (PCF-Point Coordination Function), which, unlike the DCF
, MAC is a scheme where a centralized Access Point elects, in accordance with it
s rules, a wireless terminal for that it can transmit its packet. The main chara
cteristics of these two functions are: DCF: It is a mandatory component in all p
roducts compatible with the IEEE 802.11 and provides a best effort type service.
It is suitable for transmission of data that are not sensitive to network delay
, for example, email and ftp. In this role, the terminals perform this algorithm
distributed and must compete among themselves to gain access to the middle of e
ach packet transmission (Contention Mode). This process attempts to ensure fair
access to the channel for all stations. PAT: It is an optional service and is re
commended for data transmission with high sensitivity to network delay and traff
ic for high demand, for example, audio and video in real time. In this case, the
AP, that this algorithm performs centralized
26 has control of the canal and passes this control to wireless terminals when d
ue (Contention-free mode). These two coordination functions can also be used tog
ether in case of transmission of data packets of various types. The popularity o
f IEEE 802.11 market is due mainly to the DCF, as the PCF, by its complexity and
inefficiency for data transmission without time requirements, it is rarely impl
emented in current products. In addition, the PCF may cause unpredictable delays
and durations of transmission. Similar to the success of Ethernet, the IEEE 802
.11 DCF is often used for wireless networks, although its current form is not ef
fective for multimedia applications. A station may have to wait an arbitrarily l
ong time to send a package, which for real time applications like voice and vide
o, is unacceptable. To minimize this problem, the 802.11e version of the protoco
l is being developed. In IEEE 802.11e, MAC layer enhancements are being made to
improve the Quality of Service (QOS) via a CSMA with priority and advanced polli
ng techniques.
3.3.1.2 Standard 802.11b
802.11b was the first wireless standard used in large scale. It marked the popul
arization of technology. Of course there have been several previous standards, b
ut most owners and mutually incompatible. Enabled cards from different manufactu
rers to become compliant and costs fall, thanks to increased demand and competit
ion.
27 In 802.11b networks,€the theoretical speed is only 11Mbps and supports up to
32 users per access point. The physical layer of 802.11b uses Direct Sequence sp
read spectrum (DSSS - Direct Sequence Spread Spectrum) that uses open relay (bro
adcast) radio and operates in the 2.4GHz frequency. The rate of 11 Mbps can be r
educed up to 5.5 Mbps and can reach only 1 Megabit, depending on environmental c
onditions in which the waves are propagating (walls, fences, windows, etc.). For
this reason its main drawback is interference in both the transmission and rece
ption of signals, because the frequency in which it operates is equivalent to eq
uipment such as mobile phones, microwave ovens and Bluetooth devices. As wireles
s networks have a very large overhead because of signal modulation, checking and
retransmission of data transfer rates in practice are around 750 KB / s, less t
han two thirds of the maximum. On Windows you can use the utility that came with
your network adapter to verify the signal quality in each part of the environme
nt where the network should be available. On Linux this is done by programs like
KWiFiManager.
3.3.1.3 802.11a standard
After the 802.11b standard, the next standard for wireless networks has been rec
ognized by IEEE 802.11a (which actually began to be developed before the 802.11b
, but was terminated after), which uses a frequency of 5 GHz providing a theoret
ical speed of 54 Mbps, to a smaller area of expertise. In general, 802.11a cards
are also compatible with 802.11b, allowing them to be used in both types of net
works. An important observation to be made is that
28 802.11a and 802.11b cards to the mix, the speed is capped at the bottom and t
he whole network is operating at 11 Mbps. The baud rate includes all signs of mo
dulation, packet headers, error correction, etc.. The actual speed of 802.11a is
24-27 Mbps, slightly more than four times faster than 802.11b. Another advantag
e is that 802.11a allows a total of eight simultaneous channels, compared with o
nly three channels in 802.11b. This allows more access points are used in the sa
me environment, without loss of performance. Furthermore, by using a higher freq
uency, 802.11a transmitters also have a shorter range, theoretically half the ra
nge of 802.11b transmitters, which makes it necessary to use more access points
to cover the same area, which contributes to increase costs further. Both the 80
2.11a, 802.11b as they became obsolete with the introduction of 802.11g.
3.3.1.4 802.11g Standard
The standard for wireless networks today is 802.11g. It uses the same frequency
band of 802.11b: 2.4 GHz This allows the two patterns are intercompatíveis. The
idea is that you can add cards and access points to 802.11g and 802.11b network
already exists, keeping the old components, just as today we are free to add Gig
abit Ethernet cards and switches to an existing network of 100 Mbps . Neverthele
ss, the transmission speed in 802.11g is 54 Mbps, as in 802.11a networks. Ie, 80
2.11g combines the best of both worlds. For the network actually works at 54 Mbp
s, it is necessary that the access point and
29 all cards are 802.11g. By including a single 802.11b card on the network, the
whole network is operating at 11 Mbps. The 802.11g cards are not compatible wit
h 802.11a, but the two types of cards can talk to 11 Mbps using the 801.11b stan
dard, which becomes a common denominator. There are also dual-band plates, which
transmit simultaneously on two different channels, doubling the transmission ra
te (and also the level of interference with other nearby networks), reaching spe
eds of 108 Mbps. However, in order to reach the maximum speed should be used onl
y dual-band plates, or else it will be capped below.
3.3.1.5 Standard 802.11n
Still awaiting approval of the IEEE, the 802.11n promises to be much better in t
erms of resources than the other standards and is scheduled for early 2007. 802.
11n will also offer transfer rates greater than 100 Mbps (are planned over 500 M
bps) at ranges of 2.4 Ghz and 5Ghz. In addition, the new standard ensures greate
r efficiency in signal propagation and extensive backwards compatibility with ot
her protocols. Currently, two standards were proposed 802.11n. Each of them, sup
ported by its own group of key industry companies, is competing to become the fi
nal specification. Figure 6 shows a proposed equipment for 802.11n.
30
Figure 6 - Equipment capable of transmitting wireless data transmission rates up
to 500 Mbps
3.4
SAFETY
Basically,€the term security in wireless networks have exactly the same goal as
the wired networks is: Maintain the integrity of data and information which in t
urn can be manipulated or lost by unauthorized users. The basic difference is in
how security measures are adopted. Based on this, the best measure of security
to be adopted is one that exactly fits the entire system to protect it, or is ad
opting the standard that best fits the needs and ensure that the method adopted
for sure keep the data integrity. Adopting the "best market" may not be the best
option for certain environments. In other words, the network administrator must
 make a good security design, analyzing all the possible equipment that can be u
sed and then yes to adopt the higher standard of security for your network.
31 The way to connect to wireless network is also one of the ways to restrict ac
cess to the network making it more secure. The methods for authentication and en
cryption are an example. It is through the authentication of users the network b
ecomes more restricted and gaining control of users who use and encryption, whic
h guarantees the integrity of information exchanged through since being associat
ed with other security standards. The 802.11 standard defines two ways of authen
tication and security standards one of which is the default authentication simpl
er systems, where any station can access the network simply by requesting an aut
horization to drive the transmitting data, known as Open System Authentication f
ocused to networks that do not really need security for the authenticity of devi
ces. This type of network best suited to environments such as airports, train st
ations, buses, subways, hotels, malls and other public places. The method of use
r authentication is done through a mechanism where the unit requesting and authe
nticating unit share a secret key authentication, this method is known as Shared
Key The way authentication is done in the following way: The station you want a
ccess the network must send the Access Point (AP) a request to access it. The AP
responds to this request with a text containing 128 bytes of information. stati
on should recognize that the text that appears encrypted, ie it responds to the
AP the correct information for authentication. When the AP receives this informa
tion, it compares the response of the station with the correct answer, if you ar
e certain that the station is free to access the network. Each Access Point avai
lable on the market today have adapted to these two authentication methods.
32 Of course, for each user type, have certain types of configurations taking in
to account the particular purpose that each one has. Thus, there are other secur
ity settings that are made to the AP that operates according to the needs of the
medium. The SSID is an alphanumeric code feature on all equipment available in
the market, by default this code has already been completed which makes access t
o network more dynamic especially for those who are more laymen in the matter, a
nd make access faster and without complication. This is a configuration model is
not desirable for private environments, since this code is now easier to be dis
covered through identification algorithms, even if it is done in exchange for th
at alphanumeric code. If your network uses only this method of setting surely it
will not be safe. For this it is necessary to use protocols that besides this t
ype of system uses encryption as a means of ensuring network integrity.
3.4.1 WEP Protocol
The protocol WEP (wired equivalent privacy) protects the data link layer of data
during transmission from a client with the APs. In other words, WEP only contro
ls part of the wireless network, then the party will have wired their safety by
other means.
33
Figure 7 - Diagram of a network protected with WEP: Only part of the wireless ne
twork is protected
3.4.1.1 Authentication Form Authentication ensures that only customers in the ne
twork can access it, ie, it verifies the identity of the customer and evaluates
whether this season or customer can not access the network. As for privacy, this
service evaluates whether the data can be viewed by customers who have authoriz
ation. And finally, data integrity, is a question that ensures that the transmit
ted data is not modified in the way of back and forth between clients and APs. A
uthentication in WEP security protocol defines two ways to validate a client who
wants to access the network.€The first involves the use of encryption based on
RC4 algorithm created by Ron Rivest where the client using a cryptographic key (
WEP key) that is shared with Access Point, encrypts the challenge and returns th
e result to the Access Point. This, decrypts the result computed by the client a
nd only allow access to the network if the value found is the same that was sent
initially to check whether the requesting station has knowledge of the secret k
ey. Importantly, the technique of cryptographic
34 assemble photographs described above is rudimentary and does not provide mutu
al authentication. Therefore, the client does not authenticate the Access Point
and then there is no security if the client station will be communicating with a
legitimate network access point. It is also known that the authentication done
by only one party is considered as a weak and suffering from constant attacks. T
he other form of authentication uses the method known as Closed System Authentic
ation (Shared Key) and the Open System Authentication (Open System). It is vital
to know what level of data transmission equipment that that transmitter's signa
l support network for this kind of method. Well, there are patterns of 64 and 12
8 bits. The 64-bit is more common and is present in any currently marketed produ
ct. The 128-bit is not supported by all products and it is still necessary to en
able it to be made the transmission. Plus, all other equipment must support 128-
bit standard, otherwise it will be outside the network. The basic difference fro
m the standard 64-bit and 128-bit standard is precisely the size of the Shared K
ey in bits (40 or 104). Logically, the larger the key size, the greater the leve
l of security adopted. Figure 8 shows how is the authentication of users cryptog
raphically or not.
35
Figure 8 - Structure of the mode of authentication for wireless networks
wire.
A station that makes a request for access to the network using Shared Key system
, it is simply answered an SSID (Service Set Identifier), which allows free acce
ss to the network. In the open system, a client is authenticated even if he simp
ly respond with an empty string. For the SSID, this authentication is known as N
ULL Authentication. In practice, both the cryptographic method and the methods a
s Open System and Closed System Authentication are extremely vulnerable to attac
k, and if not improved, practically invite attacks on the network. The 802.11b s
tandard also supports service privacy through the use of encryption techniques f
or the wireless interface. This technique of WEP encryption for privacy also use
s the RC4 algorithm to generate a random data pseudoseqüência. Through this tech
nique, WEP can prevent the discovery of data transmitted over the wireless netwo
rk. WEP is applied across the network traffic to protect the TCP / IP (Transmiss
ion Control Protocol / Internet Protocol), IPX (Internet Packet Exchange), HTTP
(Hyper Text Transfer Proto-
36 col.) Supports WEP encryption keys of 40 bits to 104 bits. The WEP key of 104
bits, for example, 24 bits for the initialization vector (IV) becomes a key 128
-bit RC4. In general, increasing the size of the encryption key increases the se
curity level. Some research has shown that key size greater than 80 bits, makes
breaking the code becomes virtually impossible. However, most WLANs rely on cryp
tographic keys of up to 40 bits.
3.4.1.1 Integrity
The IEEE 802.11b standard also specifies a way to ensure integrity of data trans
mitted between clients and APs. This security service is designed to reject any
mail that has been altered during transmission. This technique uses a simple CRC
(Cyclic Redundancy Check). The CRC or frame check sequence is calculated on eac
h packet to be transmitted. The entire package is then encrypted using an RC4 ke
y to generate the cipher text of the message. At the receiver, the decryption is
 done and the CRC is then recalculated in the received message. Then, the calcul
ated CRC is compared with the CRC of the original message. If the CRCs calculate
d are different, indicate that the message had violated his integrity and the re
ceiver will discard it. Unfortunately, as in the service of privacy, integrity i
s vulnerable to certain attacks, regardless of the size of chave.Um important as
pect that is not often taken into account concerns regarding the management of e
ncryption keys, or That is, how long you should use the same encryption key in a
WLAN.
37 The outcome of the lack of concern for management of cryptographic key can ca
use numerous vulnerabilities WLANs. These vulnerabilities include WEP keys that
are almost never changed or are maintained with the default value or are weak ke
ys (only zeros, only one, based on weak passwords or other similar standard triv
ial). Another problem is the difficulty of constantly changing this WEP key in a
large WLAN environment. In a large environment that can be 15,000 APs, changing
the WEP keys becomes a challenge.
3.4.1.2 Problems with WEP
Some security problems of WEP protocol that make it a protocol that can not be c
onsidered completely safe: passive attacks to decrypt network traffic based on s
tatistical analysis; active attacks to insert new traffic from unauthorized mobi
le stations, among others, with it the following faults can be found in WEP: • U
se of static WEP keys - Many wireless users using an identical key for a long ti
me, is a risk factor. If a computer like a laptop was stolen, the key could beco
me compromised leaving all computers that share the same key also compromised. •
IV (Initialization Vector) - The WEP IV is 24 bits in the field with empty part
of the message sent. This field of 24 bits, used to start the key generation al
gorithm for RC4 is considered small for encryption. The reuse the same IV produc
es an identical key to data protection and small size ensures that it will repea
t
38 with a relatively high frequency in a busy network. Moreover, the 802.11 stan
dard does not specify how the IVs are set or changed, then the same brand of wir
eless devices can generate all the same sequence of IV and others may have a con
stant IV. As a result, attackers can record network traffic, determine the key a
nd use it to decode the data. • Prior Knowledge - What a curious fact to know th
at the IV of each key has 24 bits, combined with the weakness of RC4 key, leads
to an attack that recovers the key after intercepting and analyzing a small amou
nt of packet traffic. • Integrity Not Encrypted - The WEP does not provide integ
rity protection encrypted. However, the 802.11 MAC protocol uses a CRC unencrypt
ed to check the integrity of the packets with the correct checksum (checksum). T
his combination is dangerous and often leads to unintentional attacks "side chan
nel". There is also an active attack that allows an attacker to decrypt any pack
age by a systematic modification of packets and their CRCs sent to the AP. These
types of attacks are usually sudden and it is risky to design cryptographic pro
tocols that do not contain integrity protection encrypted, because of the possib
ility of interaction with other levels of protocol that may allow release of inf
ormation about the ciphertext.
39 3.4.2 Protocol WPA
The WPA security protocol, or (Wi-Fi Protected Access) is the security protocol
link layer for the IEEE 802.11 standard. It is also known as "WEP improved." Wit
h the increasing number of wireless networks especially for home users, institut
ions, universities and companies also increased the concern about the safety of
such networks. One advantage of WPA over WEP is to improve data encryption by us
ing a temporary key protocol (TKIP) that enables the creation of keys per packet
, and have error detecting function called Michael, an initialization vector 48
bits instead of 24 as in WEP and a key distribution mechanism. Moreover, another
 advantage is the improvement in the process of authenticating users. This authe
ntication uses the 802.11xe EAP (Extensible Authentication Protocol), which thro
ugh a central authentication server authenticates each user before that have acc
ess to the network.
3.4.2.1 Authentication
Authentication is mandatory. The authentication with WPA is a combination of ope
n system and 802.1X authentication, which uses two phases: The first phase uses
open system authentication and instructs the wireless client that it can send fr
ames to the wireless AP. The second stage uses to perform an 802.1X authenticati
on at the user level. TKIP, Protocol temporal key integrity, changes the unicast
encryption key and for each table and each change is synchronized between the w
ireless client and wireless AP. For the global encryption key, WPA includes a
40 being wireless and the wireless AP. For the global encryption key,€WPA includ
es a facility for the wireless AP to advertise changes to the connected wireless
clients. For WPA, encryption using TKIP is required. TKIP replaces WEP with a n
ew encryption algorithm, stronger than WEP, which can be performed using the cal
culation facilities present on existing wireless hardware. TKIP also provides: T
he verification of the security configuration after the determination of encrypt
ion keys. The synchronized changing of the unicast encryption key for each table
. The determination of an initial unicast encryption key unique to each key auth
entication précompartilhada. With 802.11 and WEP, data integrity is provided by
an ICV of 32 bits, appended to the 802.11 payload and encrypted with WEP. Althou
gh the ICV is encrypted, you can use cryptanalysis to change bits in the encrypt
ed payload and update the encrypted ICV without being detected by the receiver.
With WPA, a method known as Michael specifies a new algorithm that calculates a
MIC (message integrity code) with the calculation facilities available on existi
ng wireless hardware. The code MIC is placed between the data portion of the 802
.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame
data and the ICV. Michael The method also offers protection against reproductio
n. A new frame counter in the 802.11 is used to prevent replay attacks. WPA defi
nes the use of AES as an optional additional replacement for WEP encryption. How
does adding AES support through a firmware update may not be possible for exist
ing wireless equipment. Support for AES in network adapters and wireless APs is
not required. To support
41 the gradual transition from a wireless network based on WEP to WPA, it is pos
sible for a wireless AP supports WEP and WPA clients at the same time. During th
e association, the wireless AP determines which clients use WEP and which use WP
A. The disadvantage to supporting a combination of WEP and WPA clients is that t
he global encryption key is not dynamic. All other security enhancements in WPA
clients are preserved.
3.4.3 RADIUS Protocol
The RADIUS protocol (Remote Authentication Dial-In User Service) was developed b
y Livingston, later became part of the company and Lucent Technologies today is
part of the evolving standards in the IETF (Internet Engineering Task Force). Th
e protocol can be used in an integrated manner the various departments in ensuri
ng security and restricting access to a network. The RADIUS protocol is used to
provide services remotely in a secure way. Many corporations offer their employe
es, customers, partners and services remotely, some of these services can be acc
essed via a public network, such as the Internet. This fact makes clear that the
private network of a company or a laboratory can be accessed by anyone through
a public network. Precisely in this context arises the question of authenticatio
n.
42 3.4.3.1 Authentication
Authentication aims to ensure that access to a network and its services, is made
by legitimate users, or when referring to any one company, only employees, cust
omers and authorized partners must have the same access to services available in
your private network by preventing unauthorized access. When a user tries to ac
cess a network protected by an authentication system, the system validates your
identity before allowing access. Being an identity with access allowed, the syst
em generates an authorization for the user. From that moment on, the user will h
ave guaranteed access for a certain period of time established by the authentica
tion system. Thus, when the validity of his permit running out a new authenticat
ion process is required. This view allows us to have a general idea of how the a
uthentication process occurs in a system of this nature. However, there are diff
erent authentication systems and how they are implementing this process, to ensu
re the security of a private network, can vary. The first step is accomplished b
y the user to access remotely is sent a message containing your username and pas
sword for the RADIUS client. When you receive the user's client generates a RADI
US request containing the user data, forwarding it to the RADIUS server. A reply
message is expected for some time, but if someone arrives, the client may send
a new request to the same server or a RADIUS server alternative.€When you receiv
e a request to first server action is to validate the RADIUS client which sent t
he request message, thus avoiding
43 as a "fake" client can perform any operation. Since this is a valid client, t
he data for the user, sent in the request will be checked. Not just your usernam
e and password, but also the gate through which the user contacted the RADIUS cl
ient will be validated. After validating the information about the user, the RAD
IUS server sends a response to the client, denying access if the information is
not valid, or allowing access to the network otherwise. When the server allows a
ccess, it forwards the response sent from the client, the rights and permissions
relating to the type and level of access allowed to the user in question.
3.4.3.2 Problems with the RADIUS protocol
Some features of the configuration of the RADIUS protocol can be a major problem
for his performance. Especially the choice of an appropriate time for the inter
val between attempts to communication, the RADIUS client and RADIUS server. When
busy, the server simply does not report this condition to the client, leaving i
t to behave the same way for "smart" looking for a pre-established time, retryin
g the communication. Otherwise, if the client repeatedly retransmit its message,
the RADIUS server may become overloaded.
44
45 4 PROJECT CONFIGURATION OF A NETWORK POINT-A-POINT
Tackling will be a solution to this session connections wireless point-to-peer (
Ad Hoc model). As we saw earlier, this type of structure does not use an access
point. Therefore, in this case, you must configure a client to assume the initia
l part of the responsibilities of an access point, such as issuing warning messa
ges (beacons) the name of the ad hoc network to other clients of the wireless ne
twork.
4.1
MATERIAL USED
1. Desktop with Windows XP SP2. 2. Notebook with Windows XP SP2. 3. Wireless USB
Adapter. 4. PCMCIA Wireless Adapter.
4.2
CLIENT'S INITIAL SETUP
As written previously, will require that the client do the initial role of the a
ccess point. In this case, our initial client will be the desktop. For this we u
se the Wireless USB adapter. After the adapter is installed, the icon of Figure
9 will automatically appear at the bottom of the screen beside the clock.
Figure 9 - Icon adapter installed.
46 Then, the icon will access the option: "Open Network Connections." A window w
ill appear with all network connections on your computer. After this, go to "Pro
perties" option of the connection on the wireless card. Figure 10 is a represent
ation of this step.
Figure 10 - Representation of the configuration process of the initial client.
Within the configuration properties of the wireless adapter will be made to conf
igure IP addressing peer-to-point as shown in Figure 11. In the "General" tab, s
elect "TCP / IP" and go to "Properties." In the example, the following settings
were used: Address: 192.168.10.1 Mask: 255.255.255.0
47
Figure 11 - Setting the properties of the TCP / IP wireless adapter.
Click the "OK" and back to the Properties window, select the tab "Wireless Netwo
rks", as shown in figure 12. It will now be added the first client.
48
Figure 12 - Tab "Wireless" connection property of the wireless network adapter w
ireless.
Click the Add button. The next window refers to the following settings: • • • •
• • • SSID: Network Name Network Authentication: Open (a) Data Encryption: WEP N
etwork key: password (2222222222222) Confirm network key: repetition of the fiel
d Network key. Uncheck "The key is provided automatically." Check "This is a com
puter-to-computer (ad hoc) are unused wireless access points."
49 The configuration is as shown in figure 13:
Figure 13 - Representation of the client configuration of the network point-to-p
oint.
4.3
ADDING A NETWORK CUSTOMERS
Once the initial configuration of the client, we will now add another client to
a wireless network. Will be added to the notebook using the wireless PCMCIA adap
ter. First will set the network adapter to a second client the same IP network f
rom the desktop. The process is the same, the icon next to the clock click on "O
pen Network Connections." Figure 14 demonstrates the process.
50
Figure 14 - Representation of the case: "Open Network Connections."
In the Properties interface wireless access settings of TCP / IP. They should st
ay this way,€according to Figure 15: IP Address: 192.168.10.2 Mask: 255.255.255.
0. Gateway: 192.168.10.1 DNS: 200.204.0.10 (DNS of an ISP any).
Figure 15 - Setting the properties of the TCP / IP.
51 Pressing 'OK, back to the previous window select the tab "Wireless Networks".
Now to add the second client network, as shown in Figure 16.
Figure 16 - Tab 'Wireless Networks' ownership of the wireless network connection
.
By clicking the Add button, a window opens next regards the client settings must
be equal to the first client. Confirm and presto, the connection will be done a
utomatically. Right on the icon next to the clock you can access the "View Avail
able Wireless Networks." There is listed the ad hoc network we just created, as
shown in Figure 17.
52
Figure 17 - Client ready to be connected to the ad hoc network.
53
5
CONCLUSION
Wireless networks in recent years have gained ground in the market for local are
a networks, bringing mobility, agility and confidence. The trend is that wireles
s local area networks, will grow even more, providing greater speed in data tran
smission and greater security for those who use it. This thesis presented the te
chnology of wireless local area networks, specifically the 802.11 standard and i
ts sides. Since its creation, great advances have been made. However, as we have
a wireless network is not completely reliable because it is not immune to attac
k by malicious persons. It was also possible to present a project on setting up
a wireless point-to-point, where lay people can come into contact both in knowle
dge of technology and in its use.
54
REFERENCES
Tanenbaum, Andrew S. Computer Networks: Translation of the Third Edition. 3rd ed
. Rio de Janeiro: Campus, 1997.
SOARES, Luiz Fernando Gomes; LEMOS, Guido; Bedspreads, Sérgio.Redes Computer: Fr
om LANs, WANs and MANs to ATM networks. 2. ed. Rio de Janeiro: Campus, 1995.
AMARAL, Bruno Marques. Wireless Network Security. Available at: <http://cbpfinde
x.cbpf.br/publication_pdfs/nt00204.2006_01_30_22_51_07.pdf>. Accessed 16 nov. 20
06.
DUNCAN, Isabella Baker. Modeling and Analysis of IEEE 802.11 protocol. Federal U
niversity of Rio de Janeiro. Rio de Janeiro - RJ. June 2006. Available at <http:
//www.land.ufrj.br/laboratory/repository/upfiles/mastersthesis/dissertacao_isabe
la. Pdf>. Accessed 20 nov. 2006.
PINHEIRO, José Mauricio dos Santos. Issues for Building a Secure Wireless Networ
k. Available at: <http://www.projetoderedes.com.br>. Accessed 22 nov. 2006.
55
SCHWEITZER, Christiane; Sakuragui, Ron R. CARVALHO, Tereza Cristina Venturini, Y
eda Regina. TECHNOLOGIES FOR WIRELESS NETWORKS: WPANs, WLANs And WMANs. Universi
ty of São Paulo. PCS-LARC. São Paulo - SP. Available at: <http://www.linorg.cirp
.usp.br/SSI/SSI2005/Microcursos/MC04.pdf>. Accessed 21 nov. 2006.
SILVA, J. Adailton S. The Wireless Network Technologies. Available at: <http://w
ww.rnp.br/newsgen/9805/wireless.html>. Accessed on 01 dec. 2006.
Tocchetto, Philip. Setting up an Ad-Hoc wireless connection in Windows XP Availa
ble at: <http://www.rnp.br/newsgen/9805/wireless.html>. Accessed on 01 dec. 2006
.