Seth Hirachand Mutha College


P IV- Computer Networks
Case Study

Aniket Bhoir
Roll no – 03
SY BSc IT

Date: __/__/__ Sign:________



Objective:
To study how Wi-Fi works and its secure
applications.

What Is Wi-Fi?

Wireless Fidelity, popularly known as Wi-Fi and developed on IEEE 802.11
standards, is a widely used technology advancement in wireless
communication. As the name indicates, Wi-Fi provides wireless access to
applications and data across a radio network. Wi-Fi offers numerous ways
to build up a connection between the transmitter and the receiver, such as
DSSS, FHSS, IR (Infrared) and OFDM.

Wi-Fi is a trademark of the Wi-Fi Alliance that manufacturers may use to
brand certified products that belong to a class of wireless local area network
(WLAN) devices based on the IEEE 802.11 standards. 802.11 is the most
widely used WLAN technology. Because of the close relationship with the
underlying standards, the term Wi-Fi is often used as a synonym for IEEE
802.11 technology.

Wi-Fi Certification.
Wi-Fi technology builds on IEEE 802.11 standards. The IEEE develops and
publishes these standards, but does not test equipment for compliance with
them. The non-profit Wi-Fi Alliance formed in 1999 to fill this void — to
establish and enforce standards for interoperability and backward
compatibility, and to promote wireless local-area-network technology. As of
2009 the Wi-Fi Alliance consisted of more than 300 companies from around
the world. Manufacturers with membership in the Wi-Fi Alliance, whose
products pass the certification process, gain the right to mark those
products with the Wi-Fi logo.
Specifically, the certification process requires conformance to the IEEE
802.11 radio standards, the WPA and WPA2 security standards, and the EAP
authentication standard. Certification may optionally include tests of IEEE
802.11 draft standards, interaction with cellular-phone technology in
converged devices, and features relating to security set-up, multimedia, and
power-saving.

The Name Wi-Fi.

The term Wi-Fi suggests Wireless Fidelity, resembling the long-established
audio-equipment classification term high fidelity (in use since the 1930s) or
Hi-Fi (used since 1950). Even the Wi-Fi Alliance itself has often used the
phrase Wireless Fidelity in its press releases and documents; the term also
appears in a white paper on Wi-Fi from ITAA. However, based on Phil
Belanger's statement, the term Wi-Fi was never supposed to mean anything
at all.
The term Wi-Fi, first used commercially in August 1999, was coined by a
brand-consulting firm called Interbrand Corporation that the Alliance had
hired to determine a name that was "a little catchier than 'IEEE 802.11b
Direct Sequence'". Belanger also stated that Interbrand invented Wi-Fi as a
play on words with Hi-Fi, and also created the yin-yang-style Wi-Fi logo.

Uses of Wi-Fi

Internet Access – A Wi-Fi enabled device such as a personal computer,
video game console, smartphone or digital audio player can connect to the
Internet when within range of a wireless network connected to the Internet.
The coverage of one or more (interconnected) access points — called
hotspots — can comprise an area as small as a few rooms or as large as
many square miles. Coverage in the larger area may depend on a group of
access points with overlapping coverage. Wi-Fi technology has been used in
wireless mesh networks, for example, in London, UK.

A roof-mounted Wi-Fi antenna

In addition to private use in homes and offices, Wi-Fi can provide public
access at Wi-Fi hotspots provided either free-of-charge or to subscribers to
various commercial services. Organizations and businesses - such as those
running airports, hotels and restaurants - often provide free-use hotspots to
attract or assist clients. Enthusiasts or authorities who wish to provide
services or even to promote business in selected areas sometimes provide
free Wi-Fi access. As of 2008 more than 300 metropolitan-wide Wi-Fi
(Muni-Fi) projects had started. As of 2010 the Czech Republic had 1150 Wi-Fi based
wireless Internet service providers.
Routers that incorporate a digital subscriber line modem or a cable modem
and a Wi-Fi access point, often set up in homes and other premises, can
provide Internet access and internetworking to all devices connected
(wirelessly or by cable) to them. With the emergence of MiFi and WiBro (a
portable Wi-Fi router) people can easily create their own Wi-Fi hotspots that
connect to the Internet via cellular networks. Now many mobile phones can also
create wireless connections via tethering on iPhone, Android, Symbian, and
WinMo.
One can also connect Wi-Fi devices in ad-hoc mode for client-to-client
connections without a router. Wi-Fi also connects places that would
traditionally not have network access, for example bathrooms, kitchens and
garden sheds.

An outdoor Wi-Fi access point in Minneapolis


City-wide Wi-Fi: In the early 2000s, many cities around the world
announced plans for city-wide Wi-Fi networks. This proved to be much more
difficult than their promoters initially envisioned, with the result that most of
these projects were either canceled or placed on indefinite hold. A few were
successful; for example, in 2005 Sunnyvale, California became the first city in
the United States to offer city-wide free Wi-Fi.
In May 2010, London, UK Mayor Boris Johnson pledged London-wide Wi-Fi
by 2012. Both the City of London, UK and Islington already have extensive
outdoor Wi-Fi coverage.

Campus-wide Wi-Fi - Carnegie Mellon University built the first wireless
Internet network in the world at their Pittsburgh campus in 1994, long
before Wi-Fi branding originated in 1999. Most campuses now have wireless
Internet.

An outdoor Wi-Fi access point in Toronto

Direct computer-to-computer communications -
Wi-Fi also allows communications directly from one computer to another
without the involvement of an access point. This is called the ad-hoc mode
of Wi-Fi transmission. This wireless ad-hoc network mode has proven
popular with multiplayer handheld game consoles, such as the Nintendo DS,
digital cameras, and other consumer electronics devices.
Similarly, the Wi-Fi Alliance promotes a pending specification called Wi-Fi
Direct for file transfers and media sharing through a new discovery- and
security-methodology.

Interactive TV
Wi-Fi’s Interactive TV content is rich in graphics and is uniquely designed to
suit viewers locally. Games are enabled by a high-end broadcast quality
production platform and are tested by our skilled team of broadcasting
technicians. We also make certain that our clients are always upfront in this
swiftly developing market, by leveraging the most up-to-date and most
advanced technology in the market.

1) Flexible and powerful content management system for moderation
and processing of viewer feedback.

2) Modular architecture with web GUI for monitoring the interactive
services.

3) Supports various interactive platforms like IVR, WAP, WEB, SMS,
and MMS.

4) Customized GUI Interface for all Interactive Services.

5) 2D and 3D real-time high-performance and high-quality graphics.

6) Supports multiple output formats: SD digital video (PAL and NTSC
in 4:3 and 16:9 ratios), HD digital video.

Interactive TV SMS Version


Wi-Fi Phone: A Wi-Fi cell phone (also called a cellular-Internet phone or
cell-Internet phone) is a cellular telephone that can automatically switch
between conventional cellular and Wi-Fi VoIP modes, even during the
course of a conversation. A Wi-Fi LAN acts, in effect, as a cellular repeater
for such a phone.
Wi-Fi cell phones are designed to prevent a phenomenon called drop-out
that occurs when a cell phone set cannot maintain reliable contact with a
repeater. Drop-out is a problem in dense urban areas and in concrete-and-steel
buildings, which can block the radio-frequency (RF) signals between
cell phone sets and outdoor repeaters. If a cell phone set is near the limit of
a given repeater's range and the user walks from outdoors to indoors, loss
of contact (a dropped call) can result.
With a Wi-Fi cell phone set, if the building has Wi-Fi access, the call is
handed off from the conventional cellular network to the Wi-Fi LAN, taking
advantage of VoIP technology to maintain the call without drop-out.
Conversely, a Wi-Fi VoIP-based conversation taking place indoors, or within
a Wi-Fi hotspot, can seamlessly transfer to the conventional cellular network
if the user wanders out of range of the hotspot during the call.

Future directions - As of 2010 Wi-Fi technology has spread widely within
business and industrial sites. In business environments, just like other
environments, increasing the number of Wi-Fi access points provides
network redundancy, support for fast roaming and increased overall
network-capacity by using more channels or by defining smaller cells. Wi-Fi
enables wireless voice-applications (VoWLAN or WVOIP). Over the years,
Wi-Fi implementations have moved toward "thin" access points, with more
of the network intelligence housed in a centralized network appliance,
relegating individual access points to the role of "dumb" transceivers.
Outdoor applications may utilize mesh topologies.

Why Wi-Fi?
Introduction:
Wi-Fi, or Wireless Fidelity, is a technology standard developed in 1997 by
the Institute of Electrical and Electronics Engineers (IEEE). Wi-Fi is all about
high speed wireless internet access. In today’s scenario, workers typically
move about a lot and need to operate from several stations other than their
office cabin. As gadgets like laptops and PDAs were developed to meet this
need, it was also necessary to develop wireless internet technologies to
enhance their function. This is where Wi-Fi comes in.

Wi-Fi is fast
Wi-Fi typically offers much faster internet access than cable and DSL
connections, a definite advantage for businesses. The high speed is also
useful when you’re on the move. There is a promise of enhanced
productivity here.

Wi-Fi is Convenient
You can access the internet from your Wi-Fi enabled device from wherever you
are, as long as you are within range of a base station or source. Thus the
workers can move about with their gadgets from their cabin down the
corridor to the conference room all without losing connection. You can also
access your company’s network from your own laptop or PDA, even when
you are in another place, like a business associate’s office, a hotel or
convention center, as long as this place has a Wi-Fi network.

It is also faster and more cost effective for the company to set up a wireless
network than a wired connection.

Wi-Fi is Ubiquitous
The Wi-Fi technology is already commercialized, so most of the computing
and communication gadgets like laptops and PDAs come Wi-Fi enabled.
Further, these Wi-Fi certified gadgets are interoperable regardless of the
brand.
On the other hand, public Wi-Fi access sites or hot spots are also on the
increase. More and more offices, bookstores, airport lounges and food
outlets are setting up Wi-Fi hotspots in the hope that this will induce their
tech-savvy customers to stay on. In some cities, entire neighborhoods and
business districts are setting up bigger hotspots.

Drawbacks
The small range is the biggest drawback for Wi-Fi. Even while you can move
about without the wires, the mobility is severely restricted. Most typically, it
is about a radius of 100 feet or so from the hotspot.
Earlier versions of Wi-Fi radios drain a lot of power, which is a disadvantage
for laptops as they are battery dependent. Also, nearby equipment like
microwave ovens and cordless phones can cause interference.
Security is another big threat. It is easy for anyone to access your wireless
networks if you are not careful. Therefore it is important to install stringent
security precautions depending on the sensitivity of the information you
handle.

What Happens?
Wi-Fi uses radio technology for communication, and mostly operates at 2.4
or 5 GHz frequency. Most new connectible devices today are Wi-Fi
certified, which means not only that they are Wi-Fi enabled, but also that
these devices are interoperable.
In a Wi-Fi network, computers with a Wi-Fi network card can connect
wirelessly to a Wi-Fi router. The router is connected to the internet using a cable
or DSL modem. Any Wi-Fi enabled connectible device within 60 meters or so
of the access point can access the internet.
Some Wi-Fi hotspots are open in the sense that anyone with a connectible
device within the range can access them, while some others are closed
which means that only authorized users can access them using a password.

Where Wi-Fi can help?

Interoperability is one big advantage of Wi-Fi. Wi-Fi allows users to connect
with the internet as well as with each other and other devices. It also helps you
transcend the distance limitations of using cables and also saves some of the
cost.
Wi-Fi technology is of special advantage to people in marketing and sales as
these sectors involve a lot of travel. In fact Wi-Fi can help anyone who has to
move about a lot on work. They can access their work email or company
databases from wherever they are using Wi-Fi technology. Thus Wi-Fi
technology allows businesses to grow and expand fast.

Advantages and challenges

Operational advantages - Wi-Fi allows the deployment of local area
networks (LANs) without wires for client devices, typically reducing the costs
of network deployment and expansion. Spaces where cables cannot be run,
such as outdoor areas and historical buildings, can host wireless LANs.

As of 2010 manufacturers are building wireless network adapters into most
laptops. The price of chipsets for Wi-Fi continues to drop, making it an
economical networking option included in even more devices. Wi-Fi has
become widespread in corporate infrastructures.

Different competitive brands of access points and client network-interfaces
can inter-operate at a basic level of service. Products designated as "Wi-Fi
Certified" by the Wi-Fi Alliance are backwards compatible. "Wi-Fi"
designates a globally operative set of standards: unlike mobile phones, any
standard Wi-Fi device will work anywhere in the world.

Wi-Fi operates in more than 220,000 public hotspots and in tens of millions
of homes and corporate and university campuses worldwide. The current
version of Wi-Fi Protected Access encryption (WPA2) as of 2010 is
considered secure, provided users employ a strong passphrase. New
protocols for quality-of-service (WMM) make Wi-Fi more suitable for
latency-sensitive applications (such as voice and video); and power saving
mechanisms (WMM Power Save) improve battery operation.

Limitations - Spectrum assignments and operational limitations do not
operate consistently worldwide. Most of Europe allows for an additional 2
channels beyond those permitted in the U.S. for the 2.4 GHz band (1–13 vs.
1–11); Japan has one more on top of that (1–14). Europe, as of 2007, was
essentially homogeneous in this respect. A very confusing aspect is the fact
that a Wi-Fi signal actually occupies five channels in the 2.4 GHz band,
resulting in only three non-overlapped channels in the U.S.: 1, 6, 11, and
three or four in Europe: 1, 5, 9, 13. Equivalent isotropically radiated power
(EIRP) in the EU is limited to 20 dBm (100 mW).

A keychain-size Wi-Fi detector

Reach - Wi-Fi networks have limited range. A typical wireless router using
802.11b or 802.11g with a stock antenna might have a range of 32 m (120 ft)
indoors and 95 m (300 ft) outdoors. IEEE 802.11n, however, can exceed
that range by more than two times. Range also varies with frequency band.
Wi-Fi in the 2.4 GHz frequency block has slightly better range than Wi-Fi in
the 5 GHz frequency block. Outdoor ranges - through use of directional
antennas - can be improved with antennas located several kilometers or
more from their base. In general, the maximum amount of power that a
Wi-Fi device can transmit is limited by local regulations, such as FCC Part 15
in the USA.
Due to reach requirements for wireless LAN applications, Wi-Fi has fairly
high power consumption compared to some other standards. Technologies
such as Bluetooth (designed to support wireless PAN applications) provide a
much shorter propagation range of <10m and so in general have lower
power consumption. Other low-power technologies such as ZigBee have
fairly long range, but much lower data rate. The high power consumption of
Wi-Fi makes battery life in mobile devices a concern.
Researchers have developed a number of "no new wires" technologies to
provide alternatives to Wi-Fi for applications in which Wi-Fi's indoor range is
not adequate and where installing new wires (such as CAT-5) is not possible
or cost-effective. For example, the ITU-T G.hn standard for high speed Local
area networks uses existing home wiring (coaxial cables, phone lines and
power lines). Although G.hn does not provide some of the advantages of
Wi-Fi (such as mobility or outdoor use), it's designed for applications (such as
IPTV distribution) where indoor range is more important than mobility.
Due to the complex nature of radio propagation at typical Wi-Fi frequencies,
particularly the effects of signal reflection off trees and buildings, algorithms
can only approximately predict Wi-Fi signal strength for any given area in
relation to a transmitter. This effect does not apply equally to long-range
Wi-Fi, since longer links typically operate from towers that broadcast above
the surrounding foliage.

Mobility - The very limited practical range of Wi-Fi essentially confines
mobile use to such applications as inventory-taking machines in warehouses
or in retail spaces, barcode-reading devices at check-out stands, or
receiving/shipping stations. Mobile use of Wi-Fi over wider ranges is limited,
for instance, to uses such as in an automobile moving from one hotspot to
another (known as Wardriving). Other wireless technologies are more
suitable as illustrated in the graphic.

Data security risks - The most common wireless encryption-standard,
Wired Equivalent Privacy (WEP), has been shown to be easily breakable even
when correctly configured. Wi-Fi Protected Access (WPA and WPA2)
encryption, which became available in devices in 2003, aimed to solve this
problem. Wi-Fi access points typically default to an encryption-free (open)
mode. Novice users benefit from a zero-configuration device that works
out-of-the-box, but this default does not enable any wireless security, providing
open wireless access to a LAN. To turn security on requires the user to
configure the device, usually via a software graphical user interface (GUI).
On unencrypted Wi-Fi networks, connecting devices can monitor and record
data (including personal information), but such networks may use other
means of protection, such as a virtual private network or secure Hypertext
Transfer Protocol (HTTPS) and Transport Layer Security.

Speed vs. Mobility of wireless systems: Wi-Fi, HSPA, UMTS, GSM

Population - Many 2.4 GHz 802.11b and 802.11g access-points default to
the same channel on initial startup, contributing to congestion on certain
channels. To change the channel of operation for an access point requires
the user to configure the device.

Channel pollution: - Market forces may drive a process of standardization.
Interoperability issues between non-Wi-Fi brands or proprietary deviations
from the standard can still disrupt connections or lower throughput speeds
on all devices within range, including any non-Wi-Fi or proprietary product.
Moreover, the usage of the ISM band in the 2.45 GHz range is also common
to Bluetooth, WPAN-CSS, ZigBee, and any new system will take its share.
Wi-Fi pollution, or an excessive number of access points in the area,
especially on the same or neighboring channel, can prevent access and
interfere with other devices' use of other access points, caused by
overlapping channels in the 802.11g/b spectrum, as well as with decreased
signal-to-noise ratio (SNR) between access points. This can become a
problem in high-density areas, such as large apartment complexes or office
buildings with many Wi-Fi access points. Additionally, other devices use the
2.4 GHz band: microwave ovens, security cameras, ZigBee devices,
Bluetooth devices and (in some countries) Amateur radio, video senders,
cordless phones and baby monitors, all of which can cause significant
additional interference. It is also an issue when municipalities or other large
entities (such as universities) seek to provide large area coverage. This
openness is also important to the success and widespread use of 2.4 GHz
Wi-Fi.

Hardware
Standard devices:- A wireless access point (WAP) connects a group of
wireless devices to an adjacent wired LAN. An access point resembles a
network hub, relaying data between connected wireless devices in addition
to a (usually) single connected wired device, most often an ethernet hub or
switch, allowing wireless devices to communicate with other wired devices.

An embedded RouterBoard 112 with U.FL-RSMA pigtail and R52 mini PCI Wi-Fi card
widely used by wireless Internet service providers (WISPs) in the Czech Republic

Wireless adapters allow devices to connect to a wireless network. These
adapters connect to devices using various external or internal interconnects
such as PCI, miniPCI, USB, ExpressCard, Cardbus and PC Card. As of 2010,
most new laptop computers come equipped with internal adapters. Internal
cards are generally more difficult to install.

OSBRiDGE 3GN - 802.11n Access Point and UMTS/GSM Gateway in one device

Wireless routers integrate a Wireless Access Point, ethernet switch, and
internal router firmware application that provides IP routing, NAT, and DNS
forwarding through an integrated WAN-interface. A wireless router allows
wired and wireless ethernet LAN devices to connect to a (usually) single
WAN device such as a cable modem or a DSL modem. A wireless router
allows all three devices, mainly the access point and router, to be configured
through one central utility. This utility is usually an integrated web server
that is accessible to wired and wireless LAN clients and often optionally to
WAN clients. This utility may also be an application that is run on a desktop
computer such as Apple's AirPort.

USB wireless adapter

Wireless network bridges connect a wired network to a wireless network. A
bridge differs from an access point: an access point connects wireless
devices to a wired network at the data-link layer. Two wireless bridges may
be used to connect two wired networks over a wireless link, useful in
situations where a wired connection may be unavailable, such as between
two separate homes.
Wireless range-extenders or wireless repeaters can extend the range of an
existing wireless network. Strategically placed range-extenders can elongate
a signal area or allow for the signal area to reach around barriers such as
those in L-shaped corridors. Wireless devices connected through
repeaters will suffer from an increased latency for each hop.

Network security
The main issue with wireless network security is its simplified access to the
network compared to traditional wired networks such as ethernet. With
wired networking one must either gain access to a building (physically
connecting into the internal network) or break through an external firewall.
Most business networks protect sensitive data and systems by attempting to
disallow external access. Enabling wireless connectivity provides an attack
vector, particularly if the network uses inadequate or no encryption.
An attacker who has gained access to a Wi-Fi network router can initiate a
DNS spoofing attack against any other user of the network by forging a
response before the queried DNS server has a chance to reply.
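
The forged-reply race described above leaves a trace a defender can look for: one query answered twice with different addresses. The following detection check is an added example, not part of the original case study; the record layout, addresses and capture data are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsResponse:
    ts: float        # capture timestamp in seconds
    client: str      # IP address of the client that sent the query
    txid: int        # DNS transaction ID echoed from the query
    qname: str       # name that was queried
    answers: tuple   # A-record addresses carried in the response
    src_mac: str     # layer-2 source address of the response frame


ROUTER = "02:00:00:aa:00:01"   # constructed MAC of the legitimate gateway
OTHER = "02:00:00:bb:00:99"    # constructed MAC of another station

# Constructed capture: DNS responses seen on the wireless LAN.
SAMPLE_CAPTURE = [
    # Same answer twice: a benign retransmission.
    DnsResponse(10.000, "192.168.1.23", 0x1A2B, "www.example.com", ("203.0.113.10",), ROUTER),
    DnsResponse(10.050, "192.168.1.23", 0x1A2B, "www.example.com", ("203.0.113.10",), ROUTER),
    # Two different answers 12 ms apart, from different stations.
    DnsResponse(11.200, "192.168.1.23", 0x3C4D, "mail.example.org", ("198.51.100.66",), OTHER),
    DnsResponse(11.212, "192.168.1.23", 0x3C4D, "Mail.Example.org.", ("203.0.113.25",), ROUTER),
    # Same transaction ID reused five minutes later: not a race.
    DnsResponse(20.000, "192.168.1.40", 0x0007, "cdn.example.net", ("203.0.113.80",), ROUTER),
    DnsResponse(320.000, "192.168.1.40", 0x0007, "cdn.example.net", ("203.0.113.81",), ROUTER),
]


def find_conflicting_responses(responses, window=2.0):
    """Flag queries answered more than once with different address sets.

    A resolver sends one response per query and a retransmission repeats the
    same answer, so two responses for the same (client, txid, qname) that
    disagree within `window` seconds suggest a forged reply raced the real one.
    """
    by_query = defaultdict(list)
    for r in responses:
        key = (r.client, r.txid, r.qname.lower().rstrip("."))
        by_query[key].append(r)

    alerts = []
    for (client, txid, qname), group in by_query.items():
        group.sort(key=lambda r: r.ts)
        first = group[0]
        for later in group[1:]:
            if later.ts - first.ts > window:
                break  # too far apart: more likely transaction-ID reuse
            if set(later.answers) != set(first.answers):
                alerts.append({
                    "client": client,
                    "qname": qname,
                    "txid": txid,
                    "first": (first.src_mac, first.answers),
                    "second": (later.src_mac, later.answers),
                    "gap_ms": round((later.ts - first.ts) * 1000),
                })
                break
    return sorted(alerts, key=lambda a: (a["client"], a["qname"]))


if __name__ == "__main__":
    for alert in find_conflicting_responses(SAMPLE_CAPTURE):
        print(alert)
```

The reply that arrived first is the one the client acted on, so the "first" field of an alert is the answer to investigate.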

Securing methods: - A common but unproductive measure to deter
unauthorized users involves suppressing the access point's SSID broadcast.
This is ineffective as a security method because the SSID is broadcast in the
clear in response to a client SSID query. Another unproductive method is to
only allow computers with known MAC addresses to join the network. But
intruders can defeat this method because they can often (though not
always) set MAC addresses with minimal effort (MAC spoofing). If
eavesdroppers have the ability to change their MAC address, then they may
join the network by spoofing an authorized address.
Wired Equivalent Privacy (WEP) encryption was designed to protect against
casual snooping, but is now deprecated. Tools such as AirSnort or
Aircrack-ng can quickly recover WEP encryption keys. Once it has seen 5-10 million
encrypted packets, AirSnort can determine the encryption password in
under a second; newer tools such as aircrack-ptw can use Klein's attack to
crack a WEP key with a 50% success rate using only 40,000 packets.
To counteract this, in 2002 the Wi-Fi Alliance approved Wi-Fi Protected
Access (WPA), which uses TKIP as a stopgap solution for legacy equipment.
Though more secure than WEP, it has outlived its designed lifetime and has
known attack vectors.

Wi-Fi Security for Public Networks


Introduction:

Wi-Fi hotspots present a unique set of security problems, quite different
from the security issues involved in home and office networks. These
hotspots have unknown computers accessing them. And in this case, the
very nature of a public hotspot demands that it broadcasts its SSID. A public
hotspot also has to do away with encryption and MAC address filtering to
enable hassle free access to all users.

Even if a public hotspot used encryption and user verification, it is not
possible to tell which customer accesses the network with a malicious
intent.

Under these circumstances, the precautions have to come from the users
who access a Wi-Fi public hotspot. Here are a few things you can do to
protect yourself while using a public hotspot.

1. Use legitimate access points

This is an often overlooked, nevertheless important safety step. Malicious
access points that connect to hijackers’ databases have started coming up
everywhere. These have the same SSID as a legitimate access point. The
malicious ones can collect such information as your usernames, passwords
and even credit card data of people who sign up for new services.

Steer clear of anything that doesn’t look as though it comes from a legitimate
provider. Also check the list of all legitimate SSIDs in any given area. Avoid
setting the wireless card in your gadgets to automatically connect with any
available network. Turn off peer-to-peer mode when you are in a public
place to avoid others connecting directly to you, and last but not least,
keep your Wi-Fi card in the off position when you don’t use it!
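
Tip 1 comes down to comparing what a scan shows against what the legitimate provider actually operates. The following added example (not part of the original case study) does that comparison; the inventory, SSIDs and BSSIDs are constructed for illustration.

```python
from dataclasses import dataclass

# Ordering of link-layer protection, weakest first.
SECURITY_RANK = {"OPEN": 0, "WEP": 1, "WPA": 2, "WPA2": 3}


@dataclass(frozen=True)
class ScanEntry:
    ssid: str       # network name announced by the access point
    bssid: str      # MAC address of the access point radio
    security: str   # one of the SECURITY_RANK keys


# Constructed inventory: what the venue's real access points look like.
KNOWN_APS = {
    "CafeGuest": {
        "bssids": {"02:00:00:10:00:01", "02:00:00:10:00:02"},
        "security": "WPA2",
    },
}

# Constructed scan result as a client at the venue might see it.
SAMPLE_SCAN = [
    ScanEntry("CafeGuest", "02:00:00:10:00:01", "WPA2"),
    ScanEntry("CafeGuest", "02:00:00:66:00:07", "OPEN"),
    ScanEntry("CafeGuest", "02:00:00:10:00:02", "WPA2"),
    ScanEntry("Cafe Guest", "02:00:00:66:00:08", "OPEN"),
    ScanEntry("Bookshop", "02:00:00:20:00:01", "WPA2"),
]


def fold_ssid(ssid):
    """Normalise an SSID so names differing only in case, spaces or
    punctuation compare equal."""
    return "".join(ch for ch in ssid.casefold() if ch.isalnum())


def check_scan(scan, known):
    """Return (ssid, bssid, reasons) for entries that imitate a known network."""
    folded_known = {fold_ssid(name): name for name in known}
    findings = []
    for ap in scan:
        reasons = []
        profile = known.get(ap.ssid)
        if profile is None:
            real_name = folded_known.get(fold_ssid(ap.ssid))
            if real_name is None:
                continue  # unrelated network, nothing to compare against
            reasons.append(f"lookalike of {real_name!r}")
            profile = known[real_name]
        elif ap.bssid.lower() not in profile["bssids"]:
            reasons.append("same SSID from unlisted BSSID")
        # A BSSID can be copied as easily as an SSID, so the security mode
        # is checked even when the BSSID is on the list.
        if SECURITY_RANK[ap.security] < SECURITY_RANK[profile["security"]]:
            reasons.append(f"{ap.security} instead of {profile['security']}")
        if reasons:
            findings.append((ap.ssid, ap.bssid, reasons))
    return findings


if __name__ == "__main__":
    for ssid, bssid, reasons in check_scan(SAMPLE_SCAN, KNOWN_APS):
        print(f"{ssid!r} {bssid}: {'; '.join(reasons)}")
```

A clean result does not prove an access point is genuine, since both identifiers can be copied; the check only catches imitations that differ from the inventory.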

2. Encrypt your sensitive files

Emails, usernames and passwords and virtually anything you beam from
your device to the access point can be intercepted by someone close by. A
lot of this information is sent as clear text and not in an encrypted format,
making it possible for the interceptor to access your information. Therefore
encrypt any sensitive information you send via email from a public hotspot.
There are numerous file encryption programs, freeware and shareware to
help you with this.

3. Use a VPN

A VPN or virtual private network creates a tunnel between your device and
the hotspot, thus preventing anyone in between from intercepting your
data. This has become a standard requirement for companies to allow
remote employees to connect to their networks. If your company does not
provide you with a corporate VPN, you can go for a commercial one like
JiWire SpotLock.

4. Set up a personal firewall

Connecting to a public wireless network implies that you are joining a local
network of unknown computers. These are on the same IP subnet, so it is
easier for them to capture the traffic between your computer and the
hotspot. Therefore always install a personal firewall program to protect your
personal laptop. In the case of a corporate device, consult the IT manager
before installing any firewall.

5. Install and regularly update your anti-virus software

Public networks are places where your machine is the most vulnerable to
attacks from viruses and other malicious code. It is more important here to
have effective antivirus software in your system. Also take care to visit the
vendor’s website and download the latest update, or use the auto-update
features.

6. Update your OS

Most large utility and business software vendors like Microsoft and Apple
frequently develop additional security patches for their operating systems
and programs. In the case of Microsoft Windows, you can visit the Windows
Update site to get the new patches. In the case of Mac OS, enable the
automatic Software Update feature in System Preferences.

Also be wary of the attachments that come with emails, as most of the
recent viruses and worms have spread through them.

7. Ensure privacy

Take care while you are typing information like name and password while
you are at a public hotspot. There are people around you.

8. Use Web-based email instead of Outlook

Avoid sending emails through Outlook, Eudora or Apple Mail when you’re
using a public hotspot. Always use web-based email that uses secure http.

9. Disable file sharing

You may be using file sharing while you are using your home or office
network. Make sure that this feature is turned off before you access a public
hotspot, for obvious reasons.

10. Protect your confidential files with strong passwords

Use a strong password for access to your computer and a separate password
to protect sensitive files. It would be a good idea to back this up with your
most important data stored in an encrypted keychain storage device.

Wi-Fi Security for Home Networks


Introduction

Security is a huge concern for anyone setting up a Wi-Fi network, as anyone
who is close enough to the hotspot can break into your system and access
the information. Therefore it is important that suitable security measures
are adopted along with setting up a Wi-Fi network, whether at home or
workplace.

Here are a few tips that can help you establish reasonably good security
measures for your home or small office Wi-Fi network, with a standard
wireless router and one or more roaming access points.

1. Change the router’s default name and password

This is the most fundamental step, as intruders can easily find out the
default name and password of the manufacturer. In fact most of the
manufacturers stick to the IP addresses 192.168.1.1 or 192.16.2.1. Therefore
be sure to rename the router and set a strong password to access the
router configuration software. You may even consider changing the IP
addressing.

2. Disable Peer-to-Peer Networks

Go for the infrastructure mode on all access points and do not allow the
ad-hoc mode that would permit intruders to enter your network through a
legitimate user of your network.

3. Do not broadcast your router’s network ID

In technical terms, this is called disabling SSID (Service Set Identifier)
broadcast. A wireless hotspot access point will regularly, as often as ten
times per second, broadcast a beacon signal that announces its presence. It
is possible to find information such as strength of the signal, the access
point’s functional capabilities and the SSID from the beacon. Therefore it is
advisable for any private Wi-Fi hotspot to disable this beacon. This way, only
those who already know the SSID can connect with the hotspot.

This method is not completely foolproof, as it is still possible for seasoned
hackers to detect such closed networks. However this way you will at least
be doing the best you can.

4. Identify and approve all your authorized users in advance

This is made possible by turning on the Media Access Control (MAC)
addressing filter in your router. This is a standard procedure with most Wi-Fi
gateways. Each connectible device (laptops, PDAs, computers, Wi-Fi cards
etc) has a unique MAC address. By pre-defining which MAC addresses can
access your network, you can prevent intruders from connecting with your
resources.

This again is not foolproof, as it is still possible for hackers to intercept the
wireless data packets as they travel from your network to an authorized
user. And with these data packets, the hacker also gets the SSID and the
MAC address of the authorized user. The hacker can then easily use this
MAC address to help his system look like an accepted user.

5. Use wireless data encryption

Use either WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access)
encryption. WEP has been found to be relatively easy to crack; however,
some protection is still better than none at all. WPA and its more recent
version, WPA2, are safer bets, as they require all the devices, the source
as well as the clients, to be set to its code.

Regardless of which encryption you use, it is more important to change your
encryption as often as possible.

6. Check router logs regularly for unauthorized users

Wi-Fi gateways usually show the MAC addresses of current users on a status
screen. Many gateways can also keep a log of the users. Scout around
regularly for anything that looks suspicious, like an unauthorized user who
stays connected for a long time rather than one who connects briefly because
he happens to pass by. Change the encryption if you spot anything that may
be suspicious.

You can also install a packet sniffer like Ethereal that not only shows if
unauthorized users are accessing your information but also shows what
information they are getting.

7. Set up a strong firewall

The steps we discussed so far can only prevent a wireless user from
accessing the information in your network. In other words, WEP and WPA
encryption protect only data in the air. They do not take care of a hacker
breaking into your hotspot from the wired end.

Standard home networking routers have built-in firewalls and they usually
monitor incoming traffic. Typically, they block all incoming ports. There are
also Stateful Packet Inspection (SPI) firewalls that can report attacks,
intrusions and all suspicious activities.

The standard firewalls can take care of your requirements in most cases.
However if you are part of peer-to-peer file sharing networks, you need to
take special precautions. TCP ports 135, 137, 138, 139 and 445 are best
blocked from external access. You would also do well to disable NetBIOS
over TCP/IP. Personal firewalls are also worth considering.

8. Use passwords for your computers and files

This aspect is typically ignored in home networks, but can easily add more
security. You may choose to password-protect your computer or special files
or areas. It makes sense to choose passwords that are not easy to guess.

Make sure to preserve sensitive or confidential files in folders that are set to
authorized access. All the new operating systems like Windows 2000,
Windows XP and Mac OS X have built-in password capability.

9. Segment the wired and wireless networks

Designate your wireless access points as separate subnets with firewalls in
between them and the main network. Also make sure that your community
names are not easy to guess, as these get broadcasted with network
management tools like SNMP.

10. Switch off your connectible devices when you are not using them

The logic is simple. No one can access your laptop or computer when it is
switched off. If you have multiple users on your network, you may need to
leave the wired connection on even when you are not using it. But you
can still switch off your own PC or laptop.
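
Tips 4 and 6 above can be combined into a small log check. The following is an added example, not part of the original case study: it reads association log lines, compares each MAC address with the approved list, and separates brief passers-by from unknown devices that stay connected. The log format (real routers each have their own), the 15-minute threshold, the host names and all function names are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed log format (an assumption, not any real router's syntax):
#   <date> <time> ASSOC|DISASSOC mac=<address> host=<name>
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (ASSOC|DISASSOC) "
    r"mac=([0-9A-Fa-f:]{17}) host=(\S+)$"
)

# Constructed sample data: approved MAC -> host name registered for it.
ALLOWLIST = {
    "aa:bb:cc:00:00:01": "study-laptop",
    "aa:bb:cc:00:00:02": "htc-hd2",
}
SAMPLE_LOG = """\
2024-05-01 08:00:12 ASSOC mac=aa:bb:cc:00:00:01 host=study-laptop
2024-05-01 08:05:40 ASSOC mac=de:ad:be:ef:00:10 host=android-7f
2024-05-01 08:06:05 DISASSOC mac=de:ad:be:ef:00:10 host=android-7f
2024-05-01 09:15:00 ASSOC mac=02:11:22:33:44:55 host=unknown-pc
2024-05-01 09:40:00 ASSOC mac=AA:BB:CC:00:00:01 host=netbook-x
2024-05-01 11:20:00 DISASSOC mac=02:11:22:33:44:55 host=unknown-pc
""".splitlines()


def parse_events(lines):
    """Yield (timestamp, action, mac, host); skip lines that do not match."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            yield ts, m.group(2), m.group(3).lower(), m.group(4)


def unknown_kind(duration, linger):
    """Separate a passer-by from an unknown device that stays connected."""
    return "unknown-lingering" if duration >= linger else "unknown-brief"


def audit(lines, allowlist, linger=timedelta(minutes=15)):
    """Return a sorted list of (kind, mac, host) findings."""
    findings = set()
    open_sessions = {}  # mac -> (association time, host)
    last_ts = None
    for ts, action, mac, host in parse_events(lines):
        last_ts = ts
        known = mac in allowlist
        if action == "ASSOC":
            if known and host != allowlist[mac]:
                # Host names are supplied by the client: a hint, not proof.
                findings.add(("host-mismatch", mac, host))
            if known and mac in open_sessions:
                # Approved MAC associates again without disassociating:
                # a second radio may be using the same address (tip 4).
                findings.add(("duplicate-assoc", mac, host))
            open_sessions.setdefault(mac, (ts, host))
        elif mac in open_sessions:
            start, _ = open_sessions.pop(mac)
            if not known:
                findings.add((unknown_kind(ts - start, linger), mac, host))
    # Unknown devices still connected when the log ends.
    for mac, (start, host) in open_sessions.items():
        if mac not in allowlist:
            findings.add((unknown_kind(last_ts - start, linger), mac, host))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, ALLOWLIST):
        print(finding)
```

Because an approved MAC address can be copied, the duplicate-assoc and host-mismatch findings are reasons to look closer, not proof of an intruder.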

Piggybacking: Piggybacking refers to access to a wireless Internet
connection by bringing one's own computer within the range of another's
wireless connection, and using that service without the subscriber's explicit
permission or knowledge.
During the early popular adoption of 802.11, providing open access points
for anyone within range to use was encouraged to cultivate wireless
community networks, particularly since people on average use only a
fraction of their downstream bandwidth at any given time.
Recreational logging and mapping of other people's access points has
become known as wardriving. Indeed, many access points are intentionally
installed without security turned on so that they can be used as a free
service. Providing access to one's Internet connection in this fashion may
breach the Terms of Service or contract with the ISP. These activities do not
result in sanctions in most jurisdictions; however, legislation and case law
differ considerably across the world. A proposal to leave graffiti describing
available services was called warchalking. A Florida court case determined
that owner laziness was not to be a valid excuse.

Getting the signal through:


Sometimes, a wireless network’s coverage may fail to reach a particular part
of the home or office, or otherwise be unreliable in its availability in
particular spots. There are many possible causes for this, including hard-to-
determine interference from other electronic equipment and obvious
obstructions, like brick walls.

Such wireless blackspots can be dealt with in numerous ways. Obviously,
cables can be strung to provide network access but that rather defeats the
point. If there's a nearby three-pin plug socket, a neater option is to
consider a network connection over the mains-power supply.

Operating System Support
Wi-Fi operating system support usually consists of two pieces: driver level
support, and configuration and management support.
Driver support is usually provided by multiple manufacturers of the chip set
hardware or end manufacturers. Also available are Unix clones such as Linux
and FreeBSD, sometimes through open source projects.
Configuration and management support consists of software to enumerate,
join, and check the status of available Wi-Fi networks. This also includes
support for various encryption methods. These systems are often provided
by the operating system backed by a standard driver model. In most cases,
drivers emulate an Ethernet device and use the configuration and
management utilities built into the operating system. In cases where built-in
configuration and management support is non-existent or inadequate,
hardware manufacturers may include their own software to handle the
respective tasks.

Wireless Electronic Devices & Health
The World Health Organization has acknowledged that electromagnetic
fields (EMFs) are influencing the environment (but not people), and that
some people are worried about possible effects. In response to public
concern, the World Health Organization established the International EMF
Project in 1996 to assess the scientific evidence of possible health effects of
EMF in the frequency range from 0 to 300 GHz. They have stated that
although extensive research has been conducted into possible health effects
of exposure to many parts of the frequency spectrum, all reviews conducted
so far have indicated that exposures are below the limits recommended in
the ICNIRP (1998) EMF guidelines, covering the full frequency range from 0–
300 GHz, and do not produce any known adverse health effect.
International guidelines on exposure levels to microwave frequency EMFs
such as ICNIRP limit the power levels of wireless devices and it is uncommon
for wireless devices to exceed the guidelines. These guidelines only take into
account thermal effects, as nonthermal effects have not been conclusively
demonstrated. The official stance of the Health Protection Agency is that
“There is no consistent evidence to date that Wi-Fi and WLANs adversely
affect the health of the general population.” And also that “...it is a sensible
precautionary approach...to keep the situation under ongoing review...”

How to Use

Basic Requirements:
1) A Computer System working as Server.

2) Proper Operating System.

3) Internet Connection.

4) Ethernet Port.

5) USB Connection (Optional)

6) Wi-Fi Router.

7) A Client Device with Wi-Fi Support.



Server Configuration:
1) Processor : Intel Core i7 – 965 3.0 GHz

2) Motherboard : Gigabyte EX58-UD5

3) Memory : 1GB X 3, Kingston HyperX DDR3-1375

4) Graphics Card : Zotac GeForce GTX 280

5) Monitor : LG L246W 24-Inch LED Monitor

6) Hard Disk : Seagate Barracuda 7200.11 – 1 TB SATA

7) Optical Drive : Sony BlueRay Combo Drive

8) Keyboard : Razer Tarantula

9) Mouse : Razer Deathadder

10) Speakers : Razer Mako – 5.1

11) PC Case : Thermaltake M9 VI1000BWS

12) Power Supply : Tagan BZ800

13) Wi-Fi Router : Cisco Linksys E3000



Client Device: MacBook Pro & HTC HD2

Apple Macbook Pro

HTC HD2

Operating System: Windows Se7en Professional

Internet Connection: BSNL BGN 900 2 MBPS



Client Configuration:
Apple Macbook Pro 2.4 GHz:
1) Processor : Intel Core i5 2.4GHz

2) L3 Cache : 3 MB Shared

3) Memory : 4 GB DDR3-1066

4) Graphics Card : NVIDIA GeForce GT 330M & Intel HD Graphics, Automatic Switching

5) Monitor : 15.4-inch LED Glossy Backlight Display

6) Hard Disk : 320 GB Serial ATA

7) Optical Drive : Matsushita 8x Super Drive

8) Keyboard : Razer Lycosa

9) Mouse : Razer Oruchi

10) Speakers : Stereo speakers with subwoofers

HTC HD2:
1) Huge 4.3" 65K-color WVGA glass-covered capacitive touch screen
2) Multi-touch input
3) Windows Mobile 6.5 Professional OS with Sense UI
4) Qualcomm Snapdragon QSD8250 1 GHz CPU and 448MB RAM
5) Wi-Fi connectivity
6) 5 MP autofocus camera with dual LED flash and touch focus
7) MS Office Mobile document editor
8) Standard microUSB port and Bluetooth v2.0 with A2DP
9) Built-in GPS receiver with A-GPS support

Wi-Fi Hotspots:
If you want to take advantage of public WiFi hotspots or start a wireless
network in your home, the first thing you need to do is make sure your
computer has the correct speed. Most new laptops and many new desktop
computers are built with wireless transmitters. If your laptop does not have one,
you can buy a wireless adapter that plugs into the PC card or USB port.
Desktop computers can use USB adapters, or you can buy an adapter that
plugs into the PCI slot inside the computer. Many of these cards can use
more than one 802.11 standard.

Once you have installed your wireless adapter and the drivers that allow it
to run, your computer should be able to discover existing networks
automatically. This means that when you turn on your computer in a WiFi
hotspot, the computer informs you that the network exists and asks if you
want to connect. If you have an older computer, you may need to use a
program to detect and connect to a wireless network.

Being able to connect to the Internet in public hotspots is extremely
convenient. Wireless home networks are useful too. They allow you to
connect multiple computers and move them from place to place without
disconnecting and reconnecting cables. In the next section we will see how
to create a wireless network in your home.

Building a Wireless Network
If you have multiple computers networked in your home, you can create a
wireless network with a wireless access point. If you have multiple
computers that are not networked, or if you want to replace your Ethernet
network, you need a wireless router. It is a single unit that contains:

A wireless router allows you to use wireless signals or Ethernet cables to
connect your computers to one another, to a printer and to the Internet. Most
routers provide coverage for approximately 100 feet (30.5 meters) in all
directions, although walls and doors can block the signal. If your house is
very large, you can buy inexpensive range extenders or repeaters to increase
the range of your router.

As with wireless adapters, many routers can use more than one 802.11
standard. 802.11b routers are slightly cheaper, but because the standard is
older, they are slower than 802.11a, 802.11g and 802.11n routers. Most
people choose the option of standard 802.11g for its speed and reliability.

Setting up Router: With its aesthetically pleasing and sleek plate-shaped
chassis, the Linksys E3000 shares the same profile as the previous model,
the Linksys WRT610N. All of its antennas are hidden within the chassis,
making it more compact than other routers that have the same footprint.
The flat E3000 stays stable on any surface and it's also wall mountable.

Cisco Linksys E3000 Router

The router comes with four LAN ports and one WAN port on the back. All
are Gigabit capable, meaning they support throughput up to 1,000Mbps.
Also on the back you'll find a power switch and a USB 2.0 port that can host
a USB external storage device for the router's NAS function. Unfortunately,
the E3000's USB port can't be used to host a printer, which is a little
disappointing.
On the front, the router has an array of sleek-looking blue LEDs to show the
status of the ports, the NAS function, the Internet connection, and the
wireless connection. In the middle of these lights is the Wi-Fi Protected
Setup button that initiates the 2-minute window time for hooking up a WPS-
enabled wireless device to a wireless network.
The E3000 comes with the same setup procedure as the Valet Plus, which is
as easy as it gets. The only difference is that the E3000's software comes on
a CD; the Valet Plus includes it in a USB thumb drive. The rest is the same.
To get the router to work, insert the Cisco Connect software CD into a
computer's CD drive and follow the instructions. During your initial install,
you'll be guided through the necessary steps including plugging in the
hardware and powering it on, configuring the router to connect to the
Internet, creating a wireless network name (aka SSID), encrypting the
wireless connection, and picking a password (or the encryption key).
The network's name is picked at random but it's always something short and
catchy such as "LoudMonkey" or "RubySpruce." You can change this name if
you want, however, you won't even need to memorize it. When you want to
add another computer to the network, just insert the CD and the Cisco
Connect software will take care of the rest. At most, you just have to
interact with the application via two or three mouse clicks.
The whole setup process took less than 5 minutes in our trial. The Cisco
Connect software works with both Macs and PCs.
If you have computers that don't have an optical drive, such as Netbooks,
you can make a copy of the Cisco Connect software on a thumb drive and
use it via a USB port. For other devices, such as a wireless printer, the Cisco
Connect software shows the wireless network information together with the
encryption key for you to enter them manually. You can also use the Wi-Fi
Protected Setup function to connect those that are WPS-enabled.
The nice thing about the Cisco Connect software is that it runs directly from
the CD (or the thumb drive). This means you don't have to clutter your
computer with an extra software installation. This also means you'll need to
keep the software in a safe place for future usage.

The Cisco Connect software makes it easy for home users to set up and
manage the router and the wireless network but doesn't provide access to
many advanced features. It also would stop working with the router if you
have used the Web interface to change certain settings.

Though this new setup method is great for novices on a home network,
experienced users may want to skip it entirely and stick with the router's
Web interface by pointing a browser to its default IP address: 192.168.1.1.
The Web interface allows for much further customization and access to the
router's other advanced functions, such as its network storage capability.
The Web interface is also the only way you can use the E3000 in situations
where no Internet connection is needed; for example, when you want to set
up an isolated network. The Cisco Connect software will not finish the initial
setup process when it can't detect a connection to the Internet.
Note that if you use the software, the default log-in password, which is
"admin," changes to something random. If you later use the Web interface
to alter the password or change other major settings, the Cisco Connect
software will stop working with the router. This means, in most cases, you'll
need to use either the Cisco Connect software or the Web interface to
manage the router, but not both.

Features: The Cisco Linksys E3000 is a true dual-band router, meaning it
has two separate access points, one for the ever-popular 2.4GHz band and
the other for the 5GHz band, which can work simultaneously. It can also
create an additional separate wireless Guest network.

The good: The Cisco Linksys High Performance Wireless-N Router E3000
delivers most of what you'd expect from a high-end router, including true
dual-band, Gigabit Ethernet, fast throughput, a long range, NAS
functionality, a nice set of networking features, and a good Web interface. It
also has an aesthetically pleasing compact design and an intuitive software
application to help home users set up and manage their home wireless
network with ease.

The bad: The Cisco Linksys E3000's built-in network storage function lacks
speed, and its guest networking feature is limited. It doesn't support USB
printers and its Media Server doesn't work well with large video files. The
included desktop application can't be used together with the router's Web
interface, and neither provides the complete control over the router's
features and functions.

The bottom line: The Cisco Linksys E3000 is the first advanced router that's
also easy to use for novices. It provides great wireless performance and a
good set of useful networking features. Its mediocre NAS performance and
limited guest networking feature, however, make it significantly less than
perfect.

Other Settings: When you connect your router, it should start working with
its default settings. Most routers allow you to use a web interface to change
your settings. You can choose:

* Name of the network, known as its Service Set Identifier (SSID) - default
setting is usually the manufacturer's name.

* The channel that the router uses - Most routers use channel 6 by default.
If you live in an apartment and your neighbors are also using channel 6, you
may experience interference. Switching to another channel should eliminate
the problem.

* Your router's security settings - Many routers use a standard, publicly
available sign-on, so it's a good idea to set your own username and
password.

Security is an important part of a wireless network at home, as well as public
WiFi hotspots. If you have configured your router to create a hotspot,
anyone who has a wireless card will be able to use your signal. Most people
prefer to keep strangers out of their networks, though. This requires taking a
few precautions.

It is also important to ensure that your security measures are up to date.
Wired Equivalent Privacy (WEP) security was once the standard for WAN
security. The idea behind WEP was to provide a platform for wireless
security that would make any wireless network as secure as a traditional
wired network. But hackers have discovered vulnerabilities in the WEP
approach, and today it's easy to find programs that can compromise a WAN
running WEP security.

To keep your network private, you can use one of the following ways:

* Wi-Fi Protected Access (WPA) is a step up from WEP and is now part of the
802.11i wireless network security protocol. It uses Temporal Key Integrity
Protocol (TKIP) encryption. As with WEP, WPA security involves signing on
with a password. Most public hotspots are either open or use WPA or 128-bit
WEP technology, although some still use the more vulnerable WEP approach.

* MAC (Media Access Control) address filtering is a little different from WEP
or WPA. It does not use a password to authenticate users; it uses the
computer's physical hardware. Each computer has its own unique MAC address.
MAC address filtering allows only machines with specific MAC addresses to
access the network. You must specify which addresses are allowed when you
set up your router. This method is very safe, but if you buy a new computer
or if visitors want to use your home network, you must add the new machines'
MAC addresses to the list of approved addresses. The system is not
infallible. A skilled attacker can spoof a MAC address, that is, copy a known
MAC address to trick the network into believing that the computer he is
using belongs on the network.

Wireless networks are easy and inexpensive to implement, and most
routers' Web interfaces are virtually self-explanatory.

FAQ: Frequently Asked Questions
What is Wi-Fi?
Wi-Fi is a way to get Internet access. The term Wi-Fi is a play upon the
decades-old term HiFi, which describes the type of output generated by
quality musical hardware. Wi-Fi stands for Wireless Fidelity and is used to
define any of the wireless technologies in the IEEE 802.11 specification,
including (but not necessarily limited to) the wireless protocols 802.11a,
802.11b, and 802.11g. The Wi-Fi Alliance is the body responsible for
promoting the term and its association with various wireless technology
standards.

What is a Wi-Fi Hotspot?


A Wi-Fi hotspot is defined as any location in which 802.11 (wireless)
technology both exists and is available for use to consumers. In some cases
the wireless access is free, and in others, wireless carriers charge for Wi-Fi
usage. Generally, the most common usage of Wi-Fi technology is for laptop
users to gain Internet access in locations such as airports, coffee shops, and
so on, where Wi-Fi technology can be used to help consumers in their
pursuit of work-based or recreational Internet usage.

How Can I Use Wi-Fi?


You must be using a computer or PDA that has Wi-Fi connectivity already
working. Most portable computers can add Wi-Fi using an adapter that plugs
into a PC card slot or USB port.
Will I need to have an account with a Wi-Fi service provider?
Generally, no, you should be able to sign up with the provider at the
location. Many providers will display instructions when browser software
opens on a Wi-Fi-enabled computer. If you don't have an account, simply
start your computer and make sure your Wi-Fi card is plugged in. Then,
open a browser.

Is Wi-Fi the same as Bluetooth?


No. While both are wireless technology terms, Bluetooth technology lives
under the IEEE protocol 802.15.1, while Wi-Fi falls under the 802.11
specification. What this means for consumers is that appliances using Wi-Fi
technology and those using Bluetooth technology are not interoperable.
Bluetooth and Wi-Fi are different in several ways, and are not necessarily in
competition. Wi-Fi technology boasts faster data transfer speeds and range,
making it a good replacement for Ethernet (802.3) systems, while Bluetooth
requires less power and is therefore more prominent in small appliances,
such as PDAs.

Conclusion:
Wi-Fi is a wireless technology which enables connection
between two or more devices wirelessly for data sharing
purposes. It is wireless networking which is based on IEEE
802.11 standards. It is now being used by millions of people
using various devices such as personal computers, laptops,
PDAs, printers, cameras, games, mp3 players etc., and more and
more gadgets are coming with this amazing wireless technology
as a built-in feature.
