
SEMINAR REPORT ON

Wireless Fidelity

Guided By: Mr. DISHANT SONI
Developed By: CHIRAG.H.PATEL

SUBMITTED TO:
Dept. of INFORMATION TECHNOLOGY
Sankalchand Patel College Of Engineering.
Visnagar-384315.


SANKALCHAND PATEL COLLEGE OF ENGINEERING,
VISNAGAR-384 315.

This is to certify that CHIRAG PATEL, a student of B.E. Semester III
Information Technology, has satisfactorily completed his project work
titled “Wireless Fidelity” under the subject IT and its Impact on
Society (ITTS) and submitted his project report on time by the term
ending in Nov/Dec-2006.

Name Roll No
CHIRAG.H.PATEL 21

Date of Submission:    Project Guide:    Head of Dept. (I.T.):


ACKNOWLEDGEMENTS

I am very thankful to our lecturer Mr. Dishant Soni for his guidance
throughout the subject “Information Technology and its Impact on
Society”.

I am also very thankful to our librarian for providing all the related
study materials and references, which were a must in this project
report.

Also I am thankful to our seniors who had given a lot of help and
guidance to us.


ABSTRACT

WiFi (short for "wireless fidelity") is a term for certain types of wireless
local area network (WLAN) that use specifications in the 802.11 family.
The term Wi-Fi was created by an organization called the Wi-Fi
Alliance, which oversees tests that certify product interoperability. A
product that passes the alliance tests is given the label "Wi-Fi certified"
(a registered trademark).

Originally, Wi-Fi certification was applicable only to products using the
802.11b standard. Today, Wi-Fi can apply to products that use any
802.11 standard. The 802.11 specifications are part of an evolving set
of wireless network standards known as the 802.11 family. The
particular specification under which a Wi-Fi network operates is called
the "flavor" of the network. Wi-Fi has gained acceptance in many
businesses, agencies, schools, and homes as an alternative to a wired
LAN. Many airports, hotels, and fast-food facilities offer public access
to Wi-Fi networks. These locations are known as hot spots. Many charge
a daily or hourly rate for access, but some are free. An interconnected
area of hot spots and network access points is known as a hot zone.

Unless adequately protected, a Wi-Fi network can be susceptible to
access by unauthorized users who use the access as a free Internet
connection. The activity of locating and exploiting security-exposed
wireless LANs is called war driving. An identifying iconography, called
war chalking, has evolved. Any entity that has a wireless LAN should
use security safeguards such as the Wired Equivalent Privacy (WEP)
encryption standard, the more recent Wi-Fi Protected Access (WPA),
Internet Protocol Security (IPsec), or a virtual private network (VPN).


INDEX

• INTRODUCTION
• THE ROOTS OF WIRELESS
• THE EQUIPMENTS REQUIRED IN 802.11
• THE 802 STANDARD AND THE IEEE
• THE OPEN SYSTEM INTERCONNECTION (OSI) MODEL
• PROPRIETARY ENHANCEMENTS
• SECURITY ENHANCEMENTS
• WIRELESS TRANSMISSION ENHANCEMENTS
• WIRELESS IN THE 21ST CENTURY
• ADDITIONAL 802.11 STANDARDS
• ADVANTAGES OF Wi-Fi
• DISADVANTAGES OF Wi-Fi
• CONCLUSION


INTRODUCTION

While this paper is aimed at the more casual or non-technical computer
or network user, many of the terms contained within can still cause a
degree of technical confusion. A glossary of the terms as well as a
recommended reading list has been provided at the end of the document
to assist the reader in deciphering the more cryptic acronyms and
terminology contained within this text.

The idea of sitting comfortably in a lounge chair by the pool while
surfing the latest news or browsing through email on your laptop is an
appealing one. It is motivation enough for virtually any technophile or
computer enthusiast to make the leap into the wireless networking world
of 802.11, commonly referred to as Wireless Fidelity or simply WiFi for
short. The proliferation of networking across the American landscape
continues to grow at an astounding rate. According to PC Magazine,
approximately 9.5 million American households are currently equipped
with PC-based data networks, of which an estimated 40 percent are
wireless in nature. Numbers such as these indicate a veritable wireless
explosion when one considers that the market has only been accessible
to the general public for several years.

Retailers across the country continue to load up their shelves with
seemingly endless stockpiles of wireless networking equipment. Tech
stores are buying large quantities of equipment such as routers, hubs,
residential gateways and wireless network cards to fulfill the consumer
demand. However, a degree of confusion still lingers in the air as to
the exact nature of the wireless network protocol cryptically named
802.11 by the Institute of Electrical and Electronics Engineers (IEEE
for short). The goal of this document is to educate the average user
and curious professional as to the historical background of wireless
technology, as well as its current implementations and potential in
both the public and private markets.

THE ROOTS OF WIRELESS

It wasn’t until around the early nineteen eighties that the IEEE made
its first true foray into networking in general with its formation of
an official 802 “working group” for general networking. A working group
is a collection of researchers, academics, and industry professionals
who work towards the development of an industry standard and its
subsequent approval by the IEEE members. After almost ten years of
refinement the IEEE finally approved its 802 network standard protocol
and set the stage for the later development of wireless networking.

Wireless networking in its most basic form has surprisingly been
around for quite some time, a little over 30 years to be exact. Its
roots come from a small academic experiment in the warm waters of the
Pacific by researchers at the University of Hawaii in their attempts to
find an effective means to share data between university sites on 4
separate islands. The result of their labor was ALOHANET, the
granddaddy of the IEEE 802.11 standard and ultimately wireless
networking itself. While ALOHANET was little more than a mess of
confusing networks and computers, it still managed to successfully
achieve its goal of wireless data transmission at a then impressive
rate of 1-2Mbps. From here, wireless technology continued to evolve and
refine itself through various experiments and revisions into the 802.11
standard, which has so captivated the global technology market today.

1. What is wireless networking?

The term wireless networking refers to technology that enables two or
more computers to communicate using standard network protocols,
but without network cabling. Strictly speaking, any technology that
does this could be called wireless networking. The current buzzword
however generally refers to wireless LANs. This technology, fuelled by
the emergence of cross-vendor industry standards such as IEEE
802.11, has produced a number of affordable wireless solutions that
are growing in popularity with business and schools as well as
sophisticated applications where network wiring is impossible, such as
in warehousing or point-of-sale handheld equipment.

2. What is a wireless network made up of?

There are two kinds of wireless networks:

• An ad-hoc, or peer-to-peer wireless network consists of a
  number of computers each equipped with a wireless
  networking interface card. Each computer can
  communicate directly with all of the other wireless enabled
  computers. They can share files and printers this way, but
  may not be able to access wired LAN resources, unless one
  of the computers acts as a bridge to the wired LAN using
  special software. (This is called "bridging")

Figure-1: Ad-Hoc or Peer-to-Peer Networking.
Each computer with a wireless interface can communicate directly with
all of the others.

• A wireless network can also use an access point, or base
  station. In this type of network the access point acts like a
  hub, providing connectivity for the wireless computers. It
  can connect (or "bridge") the wireless LAN to a wired LAN,
  allowing wireless computer access to LAN resources, such
  as file servers or existing Internet Connectivity.

There are two types of access points:

Dedicated hardware access points (HAP) such as Lucent's WaveLAN,
Apple's Airport Base Station or WebGear's AviatorPRO. (See Figure 2).
Hardware access points offer comprehensive support of most wireless
features, but check your requirements carefully.

Figure-2: Hardware Access Point.
Wireless connected computers using a Hardware Access Point.

Software Access Points that run on a computer equipped
with a wireless network interface card as used in an ad-hoc or
peer-to-peer wireless network. (See Figure 3) The Vicomsoft InterGate
suites are software routers that can be used as a basic Software Access
Point, and include features not commonly found in hardware solutions,
such as Direct PPPoE support and extensive configuration flexibility,
but may not offer the full range of wireless features defined in the
802.11 standard.

With appropriate networking software support, users on the wireless
LAN can share files and printers located on the wired LAN and vice
versa. Vicomsoft's solutions support file sharing using TCP/IP.

Figure-3: Software Access Point.
Wireless connected computers using a Software Access Point.


THE EQUIPMENTS REQUIRED IN 802.11

MINI PC MODULE
USB ADAPTORS
PC CARDS
PCI AND ISA BUS
GATEWAY AND ACCESS POINTS

THE 802 STANDARD AND THE IEEE

If any one technical organization stands tall above the rest, it is the
IEEE. It is this body of academics and technology professionals who
help to carve the path through the often precarious and cumbersome
world of emerging high technology. The men and women of the IEEE
have been instrumental in helping to adopt and refine protocol and
operational standards for countless forms of computer and
communication technology. Typically they achieve such great results
by forming working groups, whose sole mission is to resolve a
particular standard issue. Culminating almost ten years of discussion
and deliberation, the IEEE finally adopted the 802 standards as their
official ground level networking standard in 1990. From there on 802
continued to grow and develop into various standard specifications
such as the 802.3 for Ethernet networking in 1997.

After its initial validation by the IEEE, the 802.11 wireless networking
standards quietly exploded onto the market in many different
capacities, catching many IT departments by surprise. Over the last
couple of years, the 802.11 standard itself has begun to see various
incremental enhancements and adaptations to the protocol as it grows
to meet the industry’s needs. Subgroups have begun to spring up,
each trying to cope with a different facet or improvement to the
original standard. Such revisions include 802.11a, 802.11b and
802.11g, to name just a few of the major enhancements and revisions.
Each of these 802.11 refinements will be discussed in further technical
detail regarding protocol transmission elements and functionality.

THE OPEN SYSTEM INTERCONNECTION (OSI) MODEL

In order to fully understand the basic networking architecture which
underlies the fundamental IEEE 802 networking standard and its
subsequent variations such as 802.3 Ethernet and 802.11 wireless,
one needs to take a brief look at the open systems interconnection (or
OSI) model. The OSI model is an incredibly useful and sophisticated tool
to better understand the complex interactions that occur within a
network and its clients. The OSI model outlines the way network control
is passed between 7 unique protocol layers. Each of these layers is
responsible for the handling and relaying of information and data
transmission between the user at one end, the basic physical link at
the other, and everything in between. While it is not important for the
average network enthusiast or basic user to absorb the more technical
components of the OSI model, it is necessary to achieve a basic
understanding of the components involved with any type of network data
transmission and interaction.

Layer 1. Physical: This is the initial layer of the OSI model. It works
at a bit stream or binary level. Its focus is the electrical impulses and
radio signals which pass through and within the actual physical
network structure itself at the electrical and mechanical layer. It
specifically deals with hardware issues regarding the transmission and
reception of the data on a carrier. Components involved with this layer
include cables, network cards, and all other physical aspects of the
network at hand.

Layer 2. Data Link: The data link layer is responsible for packet
handling, specifically bit level packet encoding and decoding.
Layer 2 also deals with transmission protocol knowledge and aspects
of error checking regarding the physical layer. Additionally the data
link layer is divided into two sub layers: the Media Access Control (MAC)
layer, which controls access and permission restriction to the data
traveling on the layer, and the Logical Link Control layer, which is
responsible for frame synchronization, flow control and error
checking.

Layer 3. Network: This layer is responsible for the direction and
movement of the data within the network. Data technologies such as
switching and routing come heavily into play on layer 3. The network
layer ensures the creation and maintenance of logical paths where the
data flows when traveling from node to node. During these
transmissions the network layer also acts as a control layer to ensure
proper addressing, error handling, congestion control, and packet
sequencing.

Layer 4. Transport: The primary duty of layer 4 is to ensure
complete and effective data movement between end systems and
hosts. In addition it monitors to ensure proper end-to-end error
recovery as well as data transport flow control.

Layer 5. Session: The session layer is responsible for the
management and coordination of connections between different
applications interacting with the network and its data. Its
responsibilities include the establishment and termination of network
application connections as well as conversations, data exchanges, and
various dialogues at each end of the connection. Its primary duty is
the effective coordination of activities between applications using the
data within the network.

Layer 6. Presentation: It is largely responsible for accurate display of
incoming and outgoing data. Its duties include handling encryption
matters as well as network formatting. Layer 6 also involves the
effective translation of application data into network data and vice
versa. Essentially the presentation layer works to maintain effective
compatibility and syntax between the network and the applications
with which it interacts.

Layer 7. Application: The primary responsibility of the upper
application layer is support for end user processes. Layer 7 works to
accurately identify communication partners, address issues of quality
of service (QoS) as well as issues of user identification and
authorization, specifically regarding issues of privacy and security. The
application layer provides for file transfer, email, and various other
network services such as Telnet and FTP.

802.11 BASICS

802.11: The Foundation

Overview: The original wireless standard as defined by the IEEE in
1997 was specified regarding both the aforementioned physical and
link layers of the OSI model. 802.11 is the basic wireless technology
standard upon which all variations are based.

Operating Frequency:

Area      Frequency Range
US        2.4000-2.4835GHz
Europe    2.4000-2.4845GHz
Japan     2.471-2.479GHz
France    2.4465-2.4835GHz
Spain     2.445-2.475GHz

Transfer Rate: 1, 2Mbps
Mechanism: Direct Sequence Spread Spectrum (DSSS),
Frequency Hopped Spread Spectrum (FHSS)

After several years of hard work, deliberation, refinement and
frustration the IEEE finally agreed upon and ratified the 802.11
wireless standard in June of 1997. The 802.11 standard defined the
physical layer and medium access control layer (MAC) with a functional
operating frequency on the unlicensed 2.4GHz Industrial Scientific and
Medical band (ISM) radio frequency. It operates with available data
transfer rates of 1 megabit per second (commonly abbreviated Mbps)
and 2 Mbps. While enthusiasm ran high about the prospects of wireless
networking, people were, needless to say, less than thrilled with the
relatively dismal transfer rates. This was particularly apparent when
compared with traditional 802.3 wired Ethernet networks supporting two
fast wired network protocols, 10-Base-T (10Mbps) and 100-Base-T
(100Mbps), at considerably lower implementation costs.

802.11 also employed two very distinct variations on the physical layer
regarding the mechanism of radio transmission: Direct Sequence Spread
Spectrum (DSSS) and Frequency Hopped Spread Spectrum (FHSS), under the
regulations (FCC 15.247) for operation on the 2.4GHz ISM band. While
each mechanism allows for 1-2Mbps of data transmission, FCC
regulations stipulate FHSS be limited to speeds no greater than 2Mbps.
As a result standards such as 802.11b and other high-speed variations
by default may not use FHSS. Needless to say FHSS radio transmission
experienced a relatively short life span in the world of WiFi.

Despite the initial success of the IEEE establishment of 802.11 as the
definitive wireless network transmission standard, the group
immediately set about creating several other “working groups” to
address the need and demand for higher speed 802.11 standard
transmission protocols. This spawned the creation of the 802.11a and
802.11b (also called “802.11 High Rate”) working groups. Work began
immediately within these two groups and finally in the fall of 1999 the
IEEE was once again proud to announce their successful adoption and
amendment of the 802.11b wireless standard.

THE BIG THREE: 802.11A, 802.11B, 802.11G

Considering the world of 802.11 WiFi networking is still very much in
its infancy, three IEEE protocol standards have already poised
themselves at the center of the major technological whirlwind resulting
in constant technical revision and adjustment. Many of the following
specifications are approximate, particularly regarding aspects of WiFi
transfer rates and operating ranges. The nature of wireless networking
communication is inherently subject to various environmental and
situational factors that are able to greatly improve or impede its
relative performance at any given moment. Signal interference,
geographical location, and even atmospheric conditions such as
relative humidity and barometric pressure can dramatically alter the
performance of any 802.11x transmission.

802.11b: A Great Leap Forward

Overview: The first major revision of the basic 802.11 standards to
be approved and ratified by the IEEE in 1999. Heralded as a major
leap forward in WiFi technology both in regards to ease of use,
implementation flexibility and relative cost.

Operating Frequency: 2.4GHz ISM
Transfer Rate (theoretical): 1, 2, 5.5, 11 Mbps
Transfer Rate (throughput): 4 Mbps
Mechanism: Direct Sequence Spread Spectrum (DSSS)
Channels Available: 11 (3 non-overlapping)
Maximum Range: 175ft. (average)

As with its predecessor, the 802.11 wireless network standard,
802.11b still functions on the unlicensed 2.4GHz radio frequency (RF)
band as well as in infrared (IR). Enhancements include a greatly
increased transfer rate of 5.5 – 11Mbps and improved range. When
considering transfer rates it is important to realize that the
aforementioned transfer rate is purely a “theoretical” transfer speed as
expressed under optimal network and environmental conditions. The
more realistic transfer “throughput” of 11b is typically in the
neighborhood of 4-5 Mbps.

The 802.11 transmission standard represents a radical leap forward in
wireless networking technology. Although still relatively expensive to
utilize after its inception in 1999, an average user can currently expect
to find a complete wireless network interface card (NIC) for under
$200. The transmission speeds of the 11b standard effectively rival
those of more traditional 10-base-T 10Mbps wired LANs. However,
there are fewer physical limitations, and none of the hassle of punching
holes in the walls and ceilings and dealing with the proverbial “rat’s
nest” of wires. These issues make 11b very appealing and are helping
fuel the wireless network explosion.

802.11b is currently seen as the best functional and practical
alternative to wired networking by many users. Cheap implementation
cost coupled with a relatively low learning curve for installation has
helped to make it the favorite for home and small office networks.
With proper planning and a little luck it is not uncommon to
successfully implement a home or small office network covering an
area of approximately 2500 square feet with simply one access point
and several WiFi NICs. Benefits such as these have helped to make
the 11b standard a very popular choice regarding its relatively low cost
and simple installation.

Cost Benefit Analysis: While the benefits of 11b are in its cost and
range, it does struggle with some rather serious limitations. One
glaring problem with 11b is its operation on 2.4GHz spectrum. Due to
its lack of FCC licensing restrictions, the 2.4GHz band has become
overcrowded. Wireless data transmissions utilizing 11b can suffer
severe signal impairment from devices such as microwave ovens,
cordless telephones and Bluetooth devices, which also make use of the
2.4GHz band.

Organizations who choose to use 11b may find themselves quickly
running out of bandwidth if any single access point must cater to more
than 4 users at a time. With a typical average throughput of
approximately 4-5Mbps, 4 users would have a relatively low margin of
available bandwidth. Transfer rates such as these may not be much of
a problem for a family connection used predominately for web surfing.
However, a small office with large files to move between machines
may discover a very serious bottleneck. In situations such as these
users may find themselves forced to add more 11b access points to
decrease their relative load. Adding more access points may seem like
a rather simple task. However, it becomes considerably more difficult
when there are only three usable channels (1, 6, and 11) which do not
overlap. The job of configuring multiple access points under the
protocol and avoiding channel overlap can give even the most
technically savvy user a difficult time at best. The 802.11b standard is
a very fine choice for small home or office networks and provides a
substantial degree of signal range at a very affordable cost. For those
looking for more speed and flexibility the IEEE has recently introduced a
second addition to the 802 family: 11a.
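The channel constraint described above can be worked through in code. The following is an added example, not part of the original report: it derives the non-overlapping channel set, audits a hand-made channel plan, and searches for a conflict-free plan. It assumes channel n is centred at 2407 + 5n MHz and that a DSSS signal occupies 22 MHz; the site layouts and access point names are constructed.

```python
from itertools import combinations

# Assumptions (not from the report): 2.4 GHz channel n is centred at
# 2407 + 5*n MHz and a DSSS (802.11b) transmission occupies 22 MHz.
BASE_MHZ = 2407
SPACING_MHZ = 5
WIDTH_MHZ = 22
CHANNELS = range(1, 12)  # the 11 channels the report lists for 802.11b


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel in MHz."""
    return BASE_MHZ + SPACING_MHZ * channel


def overlap_mhz(a, b):
    """Width in MHz of the spectrum shared by channels a and b (0 = clean)."""
    return max(0, WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def largest_non_overlapping_sets():
    """Every largest set of channels in which no two channels overlap."""
    for size in range(len(CHANNELS), 0, -1):
        clean = [combo for combo in combinations(CHANNELS, size)
                 if all(overlap_mhz(a, b) == 0
                        for a, b in combinations(combo, 2))]
        if clean:
            return clean
    return []


def conflicts(plan, neighbours):
    """List (ap, ap, shared MHz) for access points in range of each other
    whose channels share spectrum."""
    found = []
    for ap, near in neighbours.items():
        for other in near:
            if ap < other:  # report each pair once
                shared = overlap_mhz(plan[ap], plan[other])
                if shared:
                    found.append((ap, other, shared))
    return sorted(found)


def assign_channels(neighbours, usable=(1, 6, 11)):
    """Backtracking search for a plan in which no two access points in range
    of each other share spectrum. Returns None when no such plan exists."""
    aps = sorted(neighbours, key=lambda ap: -len(neighbours[ap]))
    plan = {}

    def place(i):
        if i == len(aps):
            return True
        ap = aps[i]
        for channel in usable:
            if all(overlap_mhz(channel, plan[n]) == 0
                   for n in neighbours[ap] if n in plan):
                plan[ap] = channel
                if place(i + 1):
                    return True
                del plan[ap]
        return False

    return dict(plan) if place(0) else None


# Constructed sample site: which access points can hear each other.
OFFICE = {
    "lobby": {"east", "west"},
    "east": {"lobby", "west", "lab"},
    "west": {"lobby", "east"},
    "lab": {"east"},
}
# Constructed plan that picks channels by eye.
HAND_PLAN = {"lobby": 1, "east": 3, "west": 6, "lab": 3}
# Constructed worst case: four access points all in range of one another.
_NAMES = ("ap1", "ap2", "ap3", "ap4")
FOUR_IN_RANGE = {name: set(_NAMES) - {name} for name in _NAMES}

if __name__ == "__main__":
    print("non-overlapping sets:", largest_non_overlapping_sets())
    print("hand plan conflicts:", conflicts(HAND_PLAN, OFFICE))
    print("searched plan:", assign_channels(OFFICE))
    print("four APs in mutual range:", assign_channels(FOUR_IN_RANGE))
```

With only three clean channels, a fourth access point within range of the other three has no conflict-free channel left, which is why the search returns no plan for the last layout.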

802.11a: Faster and Faster

Overview: The second major revision of the basic 802.11 standard to
be approved and ratified by the IEEE in late 2001. While the “working
group” for 802.11a was technically started before 802.11b, its
objective was considerably more difficult and resulted in its later
ratification date. 802.11a represents a significant increase in transfer
rates with a maximum theoretical speed of 54Mbps; almost five times
that of 802.11b.

Operating Frequency: 5.8GHz Unlicensed National Information
Infrastructure (UNII)
Transfer Rate (theoretical): up to 54Mbps
Transfer Rate (throughput): 20-30 Mbps (approximate average)
Mechanism: Orthogonal Frequency Division Multiplexing (OFDM)
Channels Available: 12 (all non-overlapping)
Maximum Range: 80ft (average)

While 802.11b still has much of its roots in the original 802.11
standard by the IEEE, 11a represents a rather dramatic technological
shift into new territory. Not only is 11a fundamentally different
regarding its use of the physical layer, but also in its use of
Orthogonal Frequency Division Multiplexing (OFDM) as a transfer
mechanism. The greatest advancement regarding 11a is its incredibly
fast data transfer rate. While its theoretical maximum transfer rate is
54Mbps, users can only expect to achieve the higher speeds if their
client is within 60 feet of the access point with a relatively
unobstructed path. Typical users can expect an effective transfer rate
of 20 – 36Mbps in a traditional office setting with proper access point
placement. Due to its utilization of the 5GHz frequency range regarding
its physical layer, the issue of interference from other devices is
virtually non-existent at this time. This is a major advantage gained
by 11a when compared to 11b, which is incredibly susceptible to all
sorts of interference.

Cost Benefit Analysis: While 802.11a is able to achieve tremendous
transfer speeds, it sacrifices available range as a result. Whereas many
wireless networks utilizing 11b can often succeed at effectively
transferring data from upwards of 300 feet away (given optimal
conditions), 11a will often find extreme signal degradation with as little
as 100 feet or less if there is not direct line of sight. Users who choose
to rely upon 11a will most likely be pleasantly satisfied by its vastly
improved speed. Organizations may find its implementation costly due
to the need for a larger number of access points to cover a
similar area. Implementing an 11a installation regarding configuration
and access point placement is typically easier than 11b due to the
availability of 12 separate non-overlapping channels for use in network
configuration.

Another limitation also lies within 11a’s lack of backwards
compatibility with existing 11b network, or scrapping it all and starting
from scratch with a newer more expensive 11a installation.

Despite its limitations the 802.11a standard provides a very clear
advantage for users who require or demand higher speeds regardless
of the cost. For the same casual user who is less concerned with file
transfer and data rates 11a may be a less than optimal choice.
Fortunately the hard working folks over at the IEEE are on top of just
such concerns; enter 802.11g.

802.11g: New Guy on the Block

Overview: 802.11g is the current IEEE standard in question. As of the
writing of this paper, it has yet to be formally approved and
ratified by members of the IEEE. 11g finds itself in a rather unique
position as it has similarities and ties to both 11b and 11a.

Operating Frequency: 2.4GHz
Transfer Rate (theoretical): 54Mbps
Transfer Rate (throughput): 20-30 Mbps (average)
Mechanism: Complementary Code Keying (CCK), OFDM
Channels Available: 3 (1, 6, 11)
Maximum Range: 175ft (average)

802.11g shares an operating frequency with 11b in the 2.4GHz range
and utilizes 11b’s Complementary Code Keying (CCK) to ensure backwards
compatibility with 11b. 802.11g competes with 11a regarding its
maximum speed, with a theoretical maximum of 54Mbps and an
average throughput similar to that of 11a. This makes good sense as
11g borrows 11a’s OFDM technology in achieving its speed while still
functioning in the 2.4GHz frequency range. 11g finds itself currently
poised in a very unique position on several different grounds.

Cost Benefit Analysis:

One of the biggest advantages of 11g is obviously its tremendously
fast speed when compared to the transfer rates found in 11b network
installations. It also benefits from achieving such speeds with a
relatively substantial range. Currently it is unclear whether or not 11g
will be able to effectively maintain significantly higher transfer rates
toward the end of its range. Various lab tests indicate that it may be
highly susceptible to severe signal degradation when pushed towards
its physical distance limitation. Conversely, other institutions have
shown it to be surprisingly stable regarding throughput even at
distance. It is in this capacity that 11g suffers when compared to 11a,
which is able to maintain a considerably higher throughput even when
pushed very close to its maximum range. 11g is also plagued with the
issue of severe interference (particularly at distances over 100ft)
as it functions along with 11b on the overcrowded 2.4GHz band.

Despite its potential problems regarding interference, 11g does provide
some very enticing benefits to a wide variety of potential customers
and users. One of 11g’s biggest assets lies in its backward
compatibility with existing 11b WiFi networks. This is an obvious plus
as it allows preexisting systems to be easily integrated and updated
with the faster 11g without having to scrap expensive and useful 11b
access points and wireless NICs. In addition to a high degree of
intersystem compatibility 11g is also a relatively cheap alternative to
the currently more expensive 11a. At the time of this publication the
average user can find 11g access points and wireless NICs for only
$10 or $15 above that of 11b equipment. As a result 11g finds
itself as a very cost effective high-speed alternative to 11a.

While the positive aspects of the 11g standard are quite obvious, one
additional problem is that the IEEE has not formally ratified it as an
official standard. While such accreditation is unquestionably coming
soon, companies and individual users alike still risk
owning current 11g wireless equipment which has the distinct
possibility of incompatibility with an impending standard. While the
802.11g WiFi network protocol will unquestionably find a very healthy
niche in the wireless market, its as yet uncertain future may
discourage large installations. For the small home or office looking
for a cost effective high-speed wireless alternative, 11g may be the
perfect answer.

PROPRIETARY ENHANCEMENTS

Organizations such as the IEEE are absolutely invaluable when it comes to
the effective and thorough design, analysis, and implementation of
standards and protocols such as 802.11. However their creative
wheels often turn much slower than the market would desire, often
exceedingly slowly. Unfortunately the IEEE is no stranger to the
seemingly innumerable review committees, votes and technical
assessments which must occur before the approval of something as
advanced as a wireless standard such as 802.11x (the entire 802
standard took the better part of a decade). As a result of such a
tedious process numerous software and hardware vendors such as
Cisco, Linksys, D-link, Orinoco, and SNC, just to name a few, have
taken it upon themselves to help grease the proverbial market
wheels. They have done so by producing proprietary or “pre-standard
implementations” designed to help increase the functionality and
efficiency of their 802.11x products without having to wait for the
definitive stamp of approval from the IEEE.

SECURITY ENHANCEMENTS
Although the 802.11 standard provides various mechanisms such as service
set identification (SSID) and Wired Equivalent Privacy (WEP) encryption
to enhance security, the level of protection currently provided by
wireless 802.11 networks leaves much to be desired, particularly when
transmitting any type of financial data or sensitive information across
the airwaves. The IEEE, in conjunction with various technical groups and
academic institutions, is hard at work revising and creating newer and
more effective security measures. Companies such as Cisco have
taken the initiative and already introduced proprietary protocols of
their own in an attempt to add security within their networking
components. One such example is Cisco’s recent introduction of their
Lightweight Extensible Authentication Protocol (LEAP) security
protection. LEAP is essentially a port based access control protocol
where security keys change dramatically with every wireless
communication session. LEAP represents a dramatically enhanced security
protocol when compared to the well-documented security shortcomings of
the original WEP encryption, which has been shown to be easily
compromised by determined individuals.

Wireless Firewall Gateway

I. Introduction

With the deployment of wireless network access in the workplace, the
requirement for a more enhanced security design emerges. Wireless
technology offers a more accessible means of connectivity but does
not address the security concerns involved with offering this less
restrained service. In order to facilitate management of this network,
maintain a secure network model, and keep a high level of usability, a
multi-functional device to do these tasks must be placed in the
wireless environment.

II. Design Objectives

The WFG (Wireless Firewall Gateway) is designed to take on several
different roles in order for the process to be near transparent to the
user. Since the wireless network is considered to be an untrusted
environment, access is restricted in order to limit the amount of
damage that can be inflicted on internal systems and the Internet if an
intruder invokes an attack. This impedes the convenience of the
wireless service to users who wish to access external sites on the
Internet. Since unknown users are difficult to identify and hold
accountable for damages, a method of user authentication is needed
to ensure that the user takes responsibility for their actions and can be
tracked for security concerns. A trusted user can then gain access to
services and the commodity Internet from which unauthenticated
users are blocked.

Keeping simplicity in mind, the WFG acts as a router between a
wireless and external network with the ability to dynamically change
firewall filters as users authenticate themselves for authorized access.
It is also a server responsible for handing out IP addresses to users,
running a website in which users can authenticate, and maintaining a
recorded account of who is on the network and when.

Users of the wireless network are only required to have dynamic host
configuration (DHCP) software, which comes standard on most operating
systems, and a web browser if they wish to authenticate. Minimal
configuration is required by the user, allowing support for a variety of
computer platforms with no additional software. The idea is to keep
the wireless network as user-friendly as possible while maintaining
security for everyone.

III. Internals

Given the multiple functionalities and enhanced security required for
this device, a PC running OpenBSD Unix was chosen with three
interfaces on different networks: wireless, external (gateway), and
internal (management). The following sections elaborate upon the
services that constitute the device's various roles:

Dynamic Host Configuration Protocol (DHCP) Server

DHCP is used to lease out individual IP addresses to anyone who
configures their system to request one. Other vital information such as
subnet mask, default gateway, and name server are also given to the
client at this time. The WFG uses a beta DHCPv3 open-source server
from the Internet Software Consortium with the additional ability to
dynamically remove hosts from the firewall access list when DHCP
releases a lease for any reason (client request, time-out, lease
expiration, and so on). Configuration files for the server are located
in /etc and follow the ISC standard (RFC) format. However, the server
executable is customized and does not follow these standards. If the
server needed to be upgraded, then the source code would need to be
re-customized as well.

The DHCP server is configured to listen only on the subnet interface of
the wireless network. This prevents anyone on the wired network from
obtaining a wireless IP address from this server. As an added security
measure, packet filters block any DHCP requests coming in on any
other interface.

IP Filtering

Stateful filtering is accomplished using OpenBSD's IPF software. IP
routing is enabled in the kernel state, allowing packet filtering to
occur between the wireless and external network interfaces. Static
filters are configured on boot up in the /etc/ipf.rules file and are
designed to minimize remote access to the WFG. Only essential
protocols such as NTP, DNS, DHCP, and ICMP are allowed to reach the
system. This builds a secure foundation for the restricted environment.
For users who do not require an authenticated session, access is
granted to selected servers for email, VPN, and web. Where applicable,
packet filtering is done at the transport layer (UDP or TCP) to allow
for stateful inspection of the traffic. This adds a higher level of
security by not having to explicitly permit dynamic or private port
sessions into the wireless network.

The same script that authenticates a user over the web also enables
their access to the unrestricted environment. When a user connects to
the web server, their IP address is recorded and, upon successful login,
is pushed to the top of the firewall filter list, permitting all TCP and
UDP connections out of the wireless network for that IP address.

In order to prevent succeeding users from being allowed trusted
access when the IP address is recycled, the in-memory database
software removes the firewall filter permit rule whenever the user's
next lease binding state is set to free, expired, abandoned, released,
or reset. The DHCP server will not issue the same IP address until it
frees the lease of the last client. This helps avoid the security issue
of someone hijacking an IP address that has been authenticated and
using it after the valid user is no longer using the wireless service.

Web Authentication

Web-based authentication is necessary so that any user running any
platform can gain access to the wireless network. The Apache
(open-source) web server is designed to securely handle this task. The
server implements Secure Sockets Layer (SSL) for client/server
public-and-private key RSA encryption. Connecting to the web server via
HTTP automatically redirects the client browser to use HTTPS. This
ensures that the username and password entered by a user will not be
sent in clear text. To further increase security, the SSL certificate is
signed by VeriSign, a trusted Certificate Authority (CA), which assures
that an attacker is not imitating the web server to retrieve a user's
password information.

A website is set up where a user can go to type in their username and
password information. This site displays the standard government
system access warning and shows the IP address of the user's system
(using PHP). Once a user has typed their username and password at
the website where prompted, a Perl/CGI script then communicates
with a RADIUS server with RSA's MD5 digest encryption to determine if
the information submitted is correct. If the account information
matches what is in the RADIUS database, then commands to allow their
IP address, obtained through the Apache environment variables, are
added to the IPF access rules. If the user is not found in the RADIUS
database, or if the password entered is incorrect, a web page stating
"Invalid Username and Password" is displayed to the user. If
everything is successful, the user is notified of their privileged access.

Security

Every step is taken to ensure that a desirable security level is
maintained both on the WFG system and the wireless network while
not hindering functionality and usability. Only hosts connecting from
the wireless network can access the web server. For system
management purposes, Secure Shell (OpenSSH) connections are
permitted from a single, secured host. All other methods of direct
connection are either blocked by the firewall filters or denied access
through the use of application-based TCP wrappers.

Users' authentication information is encrypted throughout the process:
SSL encryption with a certificate signed by a trusted CA between the
client's web browser and the server, and MD5 digest encryption
between the web server and the RADIUS system for account
verification.

Logs are kept for all systems that gain access to both the restricted
and authorized network. The DHCP server keeps a record of which MAC
address (NIC address) requests an IP address and when it is released,
then passes that information to syslog. Syslog then identifies all
logging information from DHCP and writes it to /var/log/dhcpd.
Additionally, any user who attempts to authenticate via the web
interface has their typed username and source IP address logged with
the current time along with whether or not they were successful. When
a lease on an IP address expires and is removed from the firewall
filters, it is noted with the authentication information in
/var/log/wireless. These logs are maintained by the website script and
DHCP server software, not syslog. Combined, it is possible to identify
who is on the network at a given time - either by their userid, or by
their burned-in physical address, for auditing purposes.

With the DHCP server managing the firewall filters, it is possible for a
user to manually enter a static IP address and authenticate, with the
permit rule never being removed. To prevent this, the CGI script reads
in the dhcpd.leases file and determines if the source IP address,
obtained through the environment variable $ENV{'REMOTE_ADDR'},
has an active lease. If no lease is found, or if the lease is expired or
abandoned, authentication is denied.
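
The lease check described above, together with the lease-state rule from the IP Filtering section, sketched as an added example (not the WFG's own Perl/CGI code). It is written in Python, the lease entries are constructed sample data in ISC dhcpd.leases syntax, and the function names are hypothetical.

```python
import re
from datetime import datetime, timezone

# Constructed sample in ISC dhcpd.leases syntax (times are UTC).
SAMPLE_LEASES = """\
lease 192.168.10.21 {
  ends 3 2006/11/15 11:00:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:0d:88:aa:bb:01;
}
lease 192.168.10.22 {
  ends 3 2006/11/15 09:30:00;
  binding state free;
}
lease 192.168.10.23 {
  ends 3 2006/11/15 12:00:00;
  binding state active;
  hardware ethernet 00:0d:88:aa:bb:03;
}
lease 192.168.10.23 {
  ends 3 2006/11/15 09:05:00;
  binding state abandoned;
}
lease 192.168.10.24 {
  ends 3 2006/11/15 08:00:00;
  binding state active;
  hardware ethernet 00:0d:88:aa:bb:04;
}
"""

# One match per lease block; the body runs to the closing brace in column 0.
LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)

def parse_leases(text):
    """Return {ip: {"state", "ends", "mac"}}. dhcpd appends to the file,
    so the last block seen for an address is the current one."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        entry = {"state": None, "ends": None, "mac": None}
        for stmt in body.split(";"):
            w = stmt.split()
            if w[:2] == ["binding", "state"] and len(w) == 3:
                entry["state"] = w[2]
            elif w[:1] == ["ends"] and len(w) == 4:  # "ends never" stays None
                entry["ends"] = datetime.strptime(
                    w[2] + " " + w[3], "%Y/%m/%d %H:%M:%S"
                ).replace(tzinfo=timezone.utc)
            elif w[:2] == ["hardware", "ethernet"] and len(w) == 3:
                entry["mac"] = w[2]
        leases[ip] = entry
    return leases

def has_active_lease(leases, ip, now):
    """True only if the newest entry for ip is active and not past its end.
    An address with no entry at all (a manually set static IP) is refused."""
    entry = leases.get(ip)
    if entry is None or entry["state"] != "active":
        return False
    return entry["ends"] is None or entry["ends"] > now

def stale_permits(permitted_ips, leases, now):
    """Addresses that hold a firewall permit rule but no active lease."""
    return sorted(ip for ip in permitted_ips
                  if not has_active_lease(leases, ip, now))

if __name__ == "__main__":
    now = datetime(2006, 11, 15, 10, 0, tzinfo=timezone.utc)
    leases = parse_leases(SAMPLE_LEASES)
    for ip in ("192.168.10.21", "192.168.10.23", "192.168.10.99"):
        ok = has_active_lease(leases, ip, now)
        print(ip, "allow login" if ok else "deny login")
    print("remove permits:", stale_permits(leases.keys(), leases, now))
```

The 192.168.10.24 entry shows why the end time is checked as well as the binding state: the file can still say "active" for a lease whose end time has already passed.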

For an optimal security solution, the use of Virtual Private Networks
(VPN) is recommended. Since implementation of this solution requires
VPN software to be installed and configured on each wireless client, it
is beyond the scope of this white paper.

Wireless Transmission Enhancements:


Companies and researchers continue to make wireless networking
safer and more secure for the average user. Pre-standard
development has also continued to grow regarding the means and
speed by which the actual data is transferred. Companies such as Texas
Instruments have also taken the initiative with the development of the
ACX100 MAC / baseband proprietary chipset by adding enhanced
functionality and speed to existing 802.11x standard protocols. By
utilizing technology such as the ACX100 chipset, companies such as
D-Link have been able to offer pre-standardized enhanced product lines
such as their Air Plus 802.11b network items. D-Link Air Plus
technology allows for a theoretical doubling of the existing 11Mbps
transfer rate, with real world throughput transfer rates of
approximately 12Mbps (as opposed to the previous 4-5Mbps range
with traditional 11b products). Texas Instruments also claims their
ACX100 chipset allows for an estimated 30% gain in available range in
addition to complete systems integration with existing 802.11b
network components. Proprietary enhancements such as these provide
users with enhanced functionality at minimal cost, without any
significant deviation or risk taking regarding un-standardized IEEE or
industry protocols.

WIRELESS IN THE 21ST CENTURY

Since the advent of wireless networking in 1997 it has already begun
to firmly establish itself as an impressive technology that is here to
stay. Corporations, government facilities, academic institutions and the
traditional home user have all begun to discover ways that wireless
technology can help to free them from the confines of their homes
and the boundaries of their environment. Since the inception of
widespread internet access, information has become more available to
more people than ever before. Through the use of WiFi networking
technology, systems will be integrated and conjoined with spectacular
ease. Time spent on paperwork, filing, and various other traditional
tasks will be reduced, providing users with more time for their
pursuits.

The future of wireless technology is only limited by the resourcefulness
and creativity of those who choose to integrate it into their world.
Wireless classrooms can allow students to work more freely and
outside the boundaries of a traditional classroom while still being
able to access a world of information. Government and mobile military
installations will be able to more effectively manage their personnel
and security communications. Corporations are rapidly switching to
WiFi networks as it not only reduces their intradepartmental
paperwork and workload, but also allows them to serve their
customers and employees in “real-time,” a talent which is virtually
beyond financial compensation. The possibilities with wireless
technologies are limitless and beyond the scope of our current
technological conventions. With only a few years of active utilization,
wireless networking has already begun to spread and will most likely
continue to do so with incredible speed.

WiFi in Our World: Wireless technology is no longer confined
within the walls of test facilities and research labs. Organizations and
institutions looking to expand their capabilities and increase their
efficiency are beginning to embrace the wireless wave. In small towns
across America public service is beginning to ride high on the wireless
wave. Organizations such as the Broomfield Police Department in
Colorado have begun to implement 802.11b wireless technology to
help provide their officers with up to the minute information access to
services such as the National Crime Information Center (NCIC) and
their local station. Wireless technology in the form of access points
interspersed throughout the city is helping reduce paperwork and data
entry by officers, giving them more “face time” within the communities
in which they serve.

Doctors and nurses at George Washington University Hospital in
Washington DC are able to immediately access patient x-rays online
seconds after they are taken through the use of mobile iPAQ Pocket
PCs. Information turn-around and access time have been virtually
eliminated. Hours of waiting for images, records, and histories are
virtually problems of the past as information is seamlessly transferred
throughout the massive complex on a sophisticated invisible network.
Patients are better connected with their care providers, and the
medical staff is immensely more in tune with the needs of their
patients. Mistakes are reduced, information is accurate, and lives are
saved.

Examples such as these are only the beginning of the wireless
movement in both the public and private sector. The world of wireless
is only just beginning to emerge. Its presence is already felt all
around, often without even the slightest indication it is there, floating
silently. While it is a fact that information uncovered is responsibility
found, wireless communication will help to provide us with the tools to
usher in a new era of technological communications and integration.
Many countries have also evolved during this process and are now
leading in this field. The top ten among them are as under:

United States - 9190
United Kingdom - 6088
Germany - 2908
France - 1975
Japan - 1894
Canada - 589
Sweden - 417
Denmark - 416
Austria - 309
Hong Kong - 304

ADDITIONAL STANDARDS

While the major players in the world of wireless networking are the
IEEE standards 802.11a, 802.11b, and currently 802.11g, there are
various other standard task and working groups involved with
numerous components of wireless networking. Such standard
developments help to improve the transmission of its data and
promote the effective communication between its systems. The
following are current standards and task groups, which work to
continually enhance and expand the functionality of the overall 802.11
protocol.

802.11c: Bridging the Gap

This standard is responsible for helping to ensure effective bridged
connections between access points. Companies and universities often
utilize this standard when attempting to span their networks across
various environments such as buildings and other widespread
installations requiring bridged communication.

802.11d: Global Harmony


After its initial inception, 802.11 had very little to worry about in
regards to stepping on the proverbial electronic feet of others. The
introduction of the 802.11d standard task group has its sights set on
making the widespread proliferation and adoption of 802.11 a globally
pleasant experience. 802.11d is an ongoing standard group which
seeks to further enhance as well as define new PHY requirements that
comply with regulatory standards existent within other countries. This
standard is of particular importance for groups which utilize the 5GHz
band as the use of the frequency differs dramatically from country to
country.

802.11f: Roaming Around


The main function of the 802.11f standards work group is to help
resolve the issue of inter-compatibility between access points from
different vendors. The 802.11 protocol was initially designed without
such specific constraints so as to allow for maximum flexibility when
working with different systems. However, the rapid proliferation of
diverse wireless networking technology from numerous vendors has
spawned the need for an established standard allowing users to
maximize their mobility. The focus of the 802.11f working group is to
help promote WiFi by allowing for enhanced compatibility between
various wireless vendors and their products.

802.11i: Security
After WEP encryption was effectively surpassed in August 2001, the
802.11i work group began to receive more attention, specifically since
its main focus is enhanced wireless security. 802.11i is a two-layer
standard group which focuses both on issues concerning 802.1X (not a
part of the 802.11 standard) and network security, as well as a deeper
look into a specific WEP security fix called the Temporal Key Integrity
Protocol (TKIP).

802.11e: Quality Control


802.11e is a standard of increasing importance as the utilization of
wireless transmission of voice and video continues to expand on a
daily basis. Since its inception the 802.11 standard has lacked any
mechanism for the prioritization and organization of wireless network
traffic. The focus of the 802.11e standard work group is to promote
and improve Quality of Service for both audio and video across the
entire 802.11 standard. Its implementation will allow for backwards
compatibility with existing wireless LANs and should help to drastically
improve the transfer and presentation of such data.

ADVANTAGES OF Wi-Fi

• Many reliable and bug-free WiFi products on the market
• Competition amongst vendors has lowered prices considerably
  since their inception
• While connected on a WiFi network, it is possible to move about
  without breaking the network connection.
• Wi-Fi finds the way when GPS can't

In the concrete canyons of city centres, GPS satellite positioning
systems often fail because high buildings block the signals they rely
on. But an unlikely backup for GPS is emerging: Wi-Fi.

A Wi-Fi based positioning system developed in the US and the UK
works best where GPS fails: in cities and inside cavernous complexes
like shopping malls. And because cheap Wi-Fi technology is already
appearing on a raft of gadgets like PDAs, cellphones and laptops faster
than more expensive GPS receivers are, the developers predict that
Wi-Fi could become central to new location-based applications. They
say emergency services in particular could find the system an essential
backup.

Wi-Fi allows people to connect devices wirelessly to the internet. Base
stations are springing up in coffee bars, libraries, universities, airports,
phone booths and other public places. Each base station broadcasts a
radio signal to announce its presence to devices within a range of
around 100 metres. This signal incorporates a unique network address
code that identifies the base station.

Disadvantages of Wi-Fi

• The 802.11b and 802.11g flavors of Wi-Fi use the 2.4 GHz
  spectrum, which is crowded with other devices such as
  Bluetooth, microwave ovens, cordless phones, or video sender
  devices, among many others. This may cause degradation in
  performance. Other devices which use microwave frequencies
  such as certain types of cell phones can also cause degradation
  in performance.

• Power consumption is fairly high compared to other standards,
  making battery life and heat a concern.

• Not always configured properly by the user. Commonly uses the WEP
  (Wired Equivalent Privacy) protocol for protection, though it has
  been shown to be easily breakable. Newer wireless solutions are
  slowly providing support for the superior WPA (Wi-Fi Protected
  Access) protocol, though many systems still employ WEP.

CONCLUSION
The emerging world of wireless technology is still very much in its
infancy. Innovations occur on a daily basis as researchers and
engineers continue to develop faster, safer and cheaper methods of
wireless communication. From the smallest of home networks to the
largest enterprise installations, WiFi technology offers the
promise of a world free of cables and cords. It offers the ability to
move without constriction, to communicate efficiently, to learn faster
and easier. New standards will be created, old standards will die off;
confusion will unquestionably find itself a place in the wireless
marketplace. Fortunately, confusion is a byproduct of choice; choice is
a luxury that novices and professionals alike will most certainly have in
the future world of wireless technology. It is the choices of today which
will inevitably help to shape the emerging world of wireless tomorrow.
