The document discusses intrusion detection systems (IDS) in wireless networks. It describes how Wi-Fi networks work and their security vulnerabilities like unencrypted networks and rogue access points. It then explains how the research implements a network detection system to identify unauthorized access points using multiple clients. The clients report detected network information to a central server, which uses geometry to triangulate the location of any rogue access points based on the common networks detected and signal strengths reported by each client.
A VPN creates a secure connection over a public network like the Internet by using encryption, authentication, and tunneling. It allows remote users to securely access a private network. There are different VPN protocols like PPTP, L2TP, and IPsec that use encryption, encapsulation, and authentication to securely tunnel network traffic over the public Internet. VPNs can be used for remote access VPNs, intranet VPNs between offices, or extranet VPNs for partners and suppliers.
An IP address is a unique identifier given to a host, network device, or server for data communication. IP address stands for Internet Protocol address; it is an addressing scheme used to identify a system on a network. It is a unique address that certain electronic devices currently use to communicate with each other on a network using the Internet Protocol.
Wireless networks come in many different forms, cover various distances, and provide a range of low to high bandwidth depending on the type installed. Wireless LAN – A wireless LAN enables laptop users to access the network of a company.
Group 5:
Reymart John Aguho
Lawrence Valdez
Trishia Mae Salazar
Gayle Allyson Guitones
Dempster Winston Corpuz
Matthew Erickson Quinto
Marc Vincent Maneja
The document outlines 19 potential project titles for a Cisco summer internship in 2011. The projects cover a wide range of topics including network performance testing, automation, monitoring, management, and security tools.
The document discusses the characteristics and security issues of wireless LANs (WLANs). It describes the advantages and disadvantages of WLANs, as well as their design goals and transmission technologies. It then discusses some specific wireless security issues for WLANs, including interception of radio signals, reliance on shared public infrastructure, and risks from rogue access points and war driving. Finally, it provides an overview of the IEEE 802.11 standard for WLANs, including its network architectures, transmission methods like CSMA/CA, frame types, and security features.
The document discusses wireless local area networks (WLANs), including how they work as an extension or alternative to wired LANs using radio waves, the components needed like access points and clients, common configurations including peer-to-peer and using multiple access points, standards like 802.11, encryption methods, advantages like mobility and ease of installation, disadvantages such as security issues, and applications in various industries.
This document provides an overview of virtual private networks (VPNs). It discusses the history of VPNs and how they arose from the need for secure remote access and communication between corporate networks without needing expensive dedicated private lines. The document defines key VPN terms and concepts, describes the main types of VPN topologies, and examines the components, benefits, and quality of service aspects of VPNs. It aims to serve as an introduction to VPNs, their implementation, and applications in business networks.
Adhoc mobile wireless network enhancement based on cisco devices - IJCNCJournal
This document discusses enhancing the performance of ad hoc wireless networks using Cisco devices. It proposes using Cisco routers and access points to create a three-layer ad hoc network with endpoints, intermediate coordinators, and a core router layer for improved processing, reliability, cost, power consumption, and accessibility. It then outlines various protocols and configurations that could be implemented using Cisco devices, including NAT, ACLs, DHCP, and wireless security settings. Diagrams and tables show an example network topology and device IP addresses and configurations.
The document describes Cisco Network Academy's CCNA curriculum and Packet Tracer software. The CCNA curriculum validates skills in installing, configuring and troubleshooting medium-sized networks including WAN connections and basic security threats. Packet Tracer is a network simulation program used in the CCNA program to allow students to experiment with networks and troubleshoot issues. It supports simulation of network protocols, devices, and allows creation of network topologies to model real world networks.
Mobile IPv6 enables IPv6 nodes to move between IP subnets while away from their home network. It uses binding updates sent to a home agent to register the mobile node's current location. The home agent tunnels packets to the mobile node's present location. Major differences from MIPv4 include no foreign agent, support on every mobile node, and use of IPv6 features like autoconfiguration and routing headers for route optimization. Quality of service is supported through flow labels and traffic class fields.
The document discusses public and private IP addresses. It explains that IP is the communication protocol that defines the rules for computers to communicate over the internet using IP addresses. Each computer and packet of data must have a unique IP address. Private IP addresses are used for internal networks and cannot access the public internet directly, requiring a router. Static IP addresses assign computers a fixed IP address that never changes each time they connect.
This document provides an overview of network addressing concepts including:
1. It describes IP addresses and subnet masks, and how they are used to identify networks and hosts.
2. It outlines the different classes of IP addresses (A, B, C, D, E) and their address ranges.
3. It explains how devices obtain IP addresses through static assignment or dynamic assignment via DHCP.
4. It discusses network address translation (NAT) and how it allows private IP addresses to access the public internet through an ISR router.
Mobile IP enables hosts to stay connected to the Internet regardless of location by allowing them to change their point of attachment between networks without changing their IP address. It uses a home agent and foreign agent to tunnel packets to a mobile node's care-of address when it is away from its home network. The registration process involves a mobile node registering its care-of address with its home agent when it moves to a new network. Security features like authentication and replay protection are included to protect the registration process.
A virtual private network gives secure access to LAN resources over a shared network infrastructure such as the internet. It can be conceptualized as creating a tunnel from one location to another, with encrypted data traveling through the tunnel before being decrypted at its destination.
This document discusses security considerations for wireless LANs. It outlines common wireless LAN components like access points and antennas. It describes how wireless LANs can be configured in ad hoc networks or connect to wired LANs via an access point. The document discusses security threats from lack of encryption, rogue access points, and unauthorized network access. It provides recommendations for best practices like separating guest and internal networks, detecting rogue access points, using strong encryption, and establishing security policies.
The TCP/IP protocol suite involves several methods that enable communication, of which IP addressing is one of the pertinent subjects that must be considered if communication is to be successful.
Mobile IPv6 aims to support mobility in IPv6 networks by allowing devices to maintain ongoing connections while moving between different networks. It operates in two modes: basic operation uses bidirectional tunneling between the mobile node and home agent, while route optimization establishes routes directly between the mobile node and correspondent nodes. Route optimization improves performance but introduces security challenges in authenticating binding updates. Evaluations found Mobile IPv6 reduces problems from triangular routing and ingress filtering compared to Mobile IPv4, but securing neighbor discovery and authorizing binding updates remain vulnerabilities.
This document provides an overview of VPN (virtual private network) technology. It discusses VPN tunneling which involves encapsulating data packets within other network protocols for secure transmission. There are two main types of VPN tunneling - voluntary and compulsory. It also outlines some popular VPN tunneling protocols like PPTP, L2TP, and IPsec. The document notes that while VPNs provide security and flexibility, they also have disadvantages related to performance, compatibility, and management that require planning.
This document discusses various components of backbone networks including bridges, routers, and gateways. It describes common backbone architectures like serial, distributed, and collapsed backbones. Key technologies discussed include Ethernet, FDDI, and ATM. The document provides details on improving backbone performance through techniques like upgrading network components, increasing circuit capacity, and reducing network demand. It recommends designing backbones that can be easily upgraded and moving to Ethernet as the standard technology for both LANs and backbones.
This document discusses IP mobility and the Mobile IP standard. It provides an overview of the key concepts in Mobile IP, including:
- Mobile IP uses two IP addresses for mobile nodes - a permanent "home address" and a temporary "care-of address" used when roaming away from home.
- Functional entities include the mobile node, home agent on the home network, and foreign agents on visited networks.
- The basic concept is that when away from home, the mobile node registers its care-of address with its home agent. Packets are then tunneled from the home agent to the mobile node's current location.
- Key mechanisms involve agent discovery, registration of the mobile node's
Mobile IP uses encapsulation and tunneling to forward data to mobile nodes. When a mobile node registers with its home agent while connected to a foreign network, the home agent intercepts datagrams for the mobile node and encapsulates them by adding a new IP header. This creates a tunnel to the mobile node's care-of address. Common encapsulation methods include IP-in-IP, minimal encapsulation, and GRE. Tunneling allows datagrams to be forwarded across networks while hiding the details of the encapsulated datagram. Loops can occur if the source IP matches the tunnel endpoint, so routers discard these datagrams.
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
This document provides an overview of network administration and support topics including managing users and groups, best practices, passwords, computer accounts, user rights, groups, security features, and hardware and software firewalls. Key points covered include having separate administrator and standard user accounts, disabling guest accounts, auditing administrative access, regularly changing complex passwords, and using groups to manage permissions and security. Hardware firewalls filter packets between screened subnets and DMZs while software firewalls provide an extra layer of protection at the application level.
Ch7 ccna exploration 3 lan switching and wireless - kratos2424
This document contains 21 multiple choice questions about wireless networking concepts such as 802.11 standards, wireless security protocols, wireless network design processes, and functions of wireless access points. The questions cover topics like factors influencing adoption of 802.11 standards, statements about wireless security, methods for configuring a new wireless network, identifying settings used to configure the wireless network name, characteristics of wireless security, steps for addressing poor wireless performance in an area, common devices incorporated in wireless routers, wireless access methods, importance of security in wireless networks, compatibility of wireless standards, statements about wireless network security risks, the network design process of identifying access point locations, wireless security features like MAC address filtering, signals transmitted to discover available wireless networks, reasons
Wi-Fi is a wireless technology standard that allows electronic devices to connect to the internet or communicate with each other wirelessly. The presentation discusses Wi-Fi technologies like 802.11b, 802.11a, and 802.11g. It explains the basic components of a Wi-Fi network including access points, Wi-Fi cards, and security measures. It also covers Wi-Fi configurations, applications, security techniques and topologies like AP-based, peer-to-peer, and point-to-multipoint bridge.
Research Inventy : International Journal of Engineering and Science - inventy
Research Inventy : International Journal of Engineering and Science is published by the group of young academic and industrial researchers with 12 Issues per year. It is an online as well as print version open access journal that provides rapid publication (monthly) of articles in all areas of the subject such as: civil, mechanical, chemical, electronic and computer engineering as well as production and information technology. The Journal welcomes the submission of manuscripts that meet the general criteria of significance and scientific excellence. Papers will be published by rapid process within 20 days after acceptance and peer review process takes only 7 days. All articles published in Research Inventy will be peer-reviewed.
Ccnav5.org ccna 3-chapter_4_v50_2014_exam_answers - Đồng Quốc Vương
This document provides the questions and answers for the CCNA 3 Chapter 4 v5.0 2014 exam. It includes 23 multiple choice questions covering topics such as wireless network configuration, security, standards, and common issues. Answers are provided for each question to help students study for the CCNA 3 exam.
This document provides an overview of networks and network security. It defines what a network is and describes different network types including LANs, WANs, and topologies. It discusses how devices connect to networks, factors that influence connection speed, and examples of internet access providers. The document also summarizes network security measures like encryption, firewalls, and auditing security policies. It provides examples of how encryption works and describes federal regulations around health information privacy and security like HIPAA.
This document contains the answers to the CCNA 3 Chapter 7 exam. It lists 21 multiple choice questions about wireless networking concepts like wireless security, authentication methods, and common wireless standards. The answers provided are intended to help students studying for the CCNA 3 certification exam.
This is a ppt about the recent trends in tech and wireless communication.
The document provides an overview of computer networking basics including definitions, elements, and concepts. It discusses:
- The basic elements of computer networking including nodes, links, protocols, IP addresses, DNS, and firewalls.
- Network topologies like star, bus, ring, mesh and their advantages/disadvantages.
- Reference models including OSI model with its 7 layers and TCP/IP model with its 4 layers.
- Types of computer networks including LAN, MAN, WAN, VLAN, VPN, and PAN.
- Issues around networking standards and critiques of OSI and TCP/IP models.
Virtual private networks (VPNs) allow secure connections over public networks like the Internet instead of expensive leased lines. There are three main types of VPNs: trusted VPNs rely on a single provider's network for security; secure VPNs encrypt and authenticate all traffic between agreed parties; and hybrid VPNs combine secure VPN technologies running over trusted VPN technologies. VPNs use technologies like IPSec, SSL/TLS, and PPTP to provide critical functions of authentication, access control, confidentiality, and data integrity. They are commonly used by industries for remote access, site-to-site connectivity between offices, and access to networks for business partners and customers.
IDS, IPS, NAT and VPN
The document discusses and defines intrusion detection systems (IDS), intrusion prevention systems (IPS), network address translation (NAT), and virtual private networks (VPN). It explains that IDS monitor networks for suspicious activity, while IPS can also block threats. It describes static and dynamic NAT and port address translation (PAT). It also outlines remote access VPNs for connecting remote users, site-to-site VPNs for connecting office networks, and common VPN protocols like IPsec. The document provides an overview of these key network security concepts.
chapter-4-networking hjgjjgj did hfhhfhj - AmitDeshai
This document provides an overview of networking concepts including client-server computing, networking basics, ports, sockets, TCP, UDP, proxy servers, internet addressing, and Java networking APIs. Some key points:
- A client-server model involves a client machine making requests to a server machine that provides a shared resource. Common server types include web, print, file, and compute servers.
- Network communication uses TCP or UDP protocols over IP addresses and port numbers to direct data between applications on different devices.
- Sockets provide an endpoint for inter-process communication and are identified by an IP address and port number combination.
- Java supports networking through classes like InetAddress, ServerSocket, Socket,
The document discusses two types of network architecture: peer-to-peer and client/server. It also provides details about routers, including that routers forward data packets between computer networks and connect devices like computers, tablets, and smartphones on a home network. Routers give each client device an IP address to help direct network traffic. Key router features discussed are wireless and wired throughput speeds, wireless range, number of ports, and wireless security options.
A wireless router allows devices to connect to a network wirelessly. It performs the functions of a router and wireless access point, connecting wired and wireless devices and providing Internet access. The router encodes and decodes signals to transmit data between connected devices and external networks. When setting up a wireless router, it is important to change default passwords, choose strong encryption like WPA2, and consider the router's range, speed and compatibility standards.
Wi-Fi technology refers to wireless local area network (WLAN) standards for devices to connect to the Internet wirelessly. The document discusses Wi-Fi standards including 802.11b, 802.11a, and 802.11g. It describes Wi-Fi network components, topologies, configurations, applications, security techniques and threats. Wi-Fi provides mobility and flexibility but has limitations such as potential interference, performance degradation, and limited range.
The document discusses different types of internetworking devices, specifically routers and gateways. Routers operate at the physical, data link and network layers and can connect heterogeneous networks using a common protocol. Gateways can connect networks using different protocols. Gateways act as entrances between networks and include functions like proxy servers, firewalls, and translating between communication protocols used by different networks or devices. Common gateways discussed include default gateways, application gateways, WAP gateways, and SMS gateways.
1) A VPN creates a secure connection over public networks to protect users' privacy and allow them to access blocked content. It works by extending a private network across the internet.
2) There are two main types of VPNs - remote access VPNs that allow users to remotely access a private network, and site-to-site VPNs that connect networks in different locations.
3) VPNs use encryption protocols like IPsec and SSL/TLS to securely tunnel traffic over the internet and authenticate users. This provides confidentiality, integrity, and sender authentication for VPN connections.
Wi-Fi technology uses radio waves to transmit and receive data wirelessly. It uses standards such as 802.11b, 802.11a, and 802.11g. A Wi-Fi network consists of access points that broadcast a wireless signal to connect devices like computers, phones and tablets. Security measures for Wi-Fi include encrypting data transmission and authenticating users and servers to prevent eavesdropping, spoofing and denial of service attacks. Common configurations and applications of Wi-Fi include home and office networks, as well as use by travelers.
This chapter discusses data communication networks and their components. It describes local area networks (LANs) that connect computers within an office and their typical components like switches, routers, and cables. Wide area networks (WANs) connect multiple LANs across large areas using technologies like leased lines, virtual private networks, and public switched data networks. The chapter also covers internet connectivity options like dial-up, DSL, and cable modems and how encryption works to secure network communications.
Wi-Fi (Wireless Fidelity) is a wireless networking technology that allows devices to connect to the internet and communicate with one another without being physically connected with wires. It utilizes radio waves to enable wireless internet access within a particular area. The document discusses key aspects of Wi-Fi including its components like access points and Wi-Fi cards, how a Wi-Fi network works by creating hotspots, different network topologies, configurations, security measures, advantages like mobility and convenience, disadvantages such as limited range and security issues, and the future of Wi-Fi with technologies like the Internet of Things and increasing speeds.
1. IDS IN WIRELESS NETWORKS
Mr. Deepak D. Kshirsagar
Research Scholar,
Department of Computer Science & Engineering,
Indian Institute of Technology Roorkee.
IIT Roorkee
2. Introduction
• Wi-Fi is a trademark of the Wi-Fi Alliance for certified
products based on the IEEE 802.11 standards (also called
WLAN and Wi-Fi).
• This certification warrants interoperability between different
wireless devices.
• But not every wireless Internet product has a Wi-Fi
certification, which may be because of certification costs
that must be paid for each certified device type.
• Wi-Fi is supported by most personal computer operating
systems, many game consoles, laptops, smart phones,
printers, and other peripherals.
3. Operational Advantage
• Typically reducing the costs of network deployment and
expansion. Spaces where cables cannot be run, such as
outdoor areas and historical buildings, can host wireless
LANs.
• Wireless network adapters are now built into most laptops.
• Wi-Fi has become widespread in corporate infrastructures.
• Different competitive brands of access points and client
network interfaces are inter-operable at a basic level of
service.
• Wi-Fi is a global set of standards. Unlike mobile telephones,
any standard Wi-Fi device will work anywhere in the world.
4. Operational Advantage
• Wi-Fi is widely available in more than 220,000 public
hotspots and tens of millions of homes and corporate and
university campuses worldwide.
• Wi-Fi Protected Access encryption (WPA and WPA2) is not
easily cracked if strong passwords are used.
• New protocols for Quality of Service (WMM) make Wi-Fi
more suitable for latency-sensitive applications (such as
voice and video), and power saving mechanisms (WMM
Power Save) improve battery operation.
5. Threats to Security
• The most common wireless encryption standard, Wired
Equivalent Privacy (WEP) has been shown to be easily
breakable even when correctly configured.
• Wi-Fi access points typically default to an "open"
(encryption-free) mode.
• In this default state no wireless security is enabled,
so the access point provides open wireless access to its LAN.
• Wi-Fi networks that are open (unencrypted) can be
monitored and used to read and copy data (including
personal information) transmitted over the network.
• In that case another security method, such as a VPN or a
secure web page (HTTPS/Secure Sockets Layer), is used to
secure the data.
6. Wireless AP Vs Ad-hoc Network
• An Ad-hoc network uses a connection between two or more
devices without using an access point: the devices
communicate directly.
• Used in situations, such as for a quick data exchange, or
for a Multiplayer LAN game, because it is easy to set up
and does not require an access point.
• Due to its peer-to-peer layout, Ad-hoc connections are
similar to Bluetooth ones, and are generally not
recommended for a permanent installation.
• Internet access via Ad-hoc networks, using features like
Windows Internet Connection Sharing, may work well with
a small number of devices that are close to each other, but
Ad-hoc networks don't scale well.
7. Wireless Access Point Vs Ad-hoc N/W
• Internet traffic will converge to the nodes with direct
internet connection, potentially congesting these nodes.
• For internet-enabled nodes, Access Points have a clear
advantage, being designed to handle this load.
8. Rogue Access Points
• These are unauthorized access points that provide us
connectivity with the internet and save our conversations.
• Through them important information can be retrieved, such as a
credit card number used in online shopping or a bank account
number and password.
• Here our Wi-Fi card can connect to an access point whose
SSID is “badguy”, which we know to be a rogue access point,
and we should stop it from connecting.
• In our research, we report the rogue access point to the
central server and locate its position with respect to
our central server.
10. Wireless Handshake Protocol : Connection Protocol
• Scanning
Active scanning: STA sends out a Probe Request, AP replies
with a Probe Response.
Passive scanning: STA listens for Beacon frames.
• Authentication
Open: STA sends out an Authentication frame, and AP replies
with an Authentication frame.
11. Wireless Handshake Protocol : Connection Protocol
Shared-key: Based on WEP and requires that both stations
implement WEP. STA sends out an Authentication frame,
and AP replies with an Authentication frame containing the
challenge text (in the clear); STA then replies with an
Authentication frame containing the encrypted challenge text.
Upon receiving this, AP decrypts the challenge text. If
the frame decrypts to the challenge text, the access
point responds with an Authentication frame with a
status code of successful.
802.1X: Used in WPA.
12. Wireless Handshake Protocol : Connection Protocol
• Association
• Association is restricted to infrastructure mode and is
logically equivalent to plugging into a wired network.
• Binding them altogether, the handshaking between STA
and AP for an open-system authentication wireless LAN
network
13. Network Detection System
• We have implemented the research with
To get information about our wireless network
Data transfer between Server and Clients.
• We can divide this implementation into three sections
1. Detecting unauthorized access point (intruder).
2. Sending information to the central server.
3. Calculation of exact location of intruder at the central
server.
14. Query to retrieve SSIDs
• We have used Windows Management Instrumentation
(WMI).
• It detects all the wireless networks in range.
• It returns the SSIDs of all the access points in range.
• It also returns the signal strength received.
• We store all this information in a file using file handling.
15. Query to retrieve SSIDs
• The query we use here to retrieve SSIDs is
"SELECT * FROM MSNDis_80211_BSSIList"
Here MSNDis_80211_BSSIList is the name of the table where
the list of SSIDs in range is stored.
This table is present in Windows XP by default.
• The query we use here to retrieve signal strength is
"SELECT * FROM MSNdis_80211_ReceivedSignalStrength"
Here MSNdis_80211_ReceivedSignalStrength is the name
of the table where the list of signal strengths is stored.
This table is present in Windows XP by default.
16. Find networks that are common to all three clients
• First we created a wireless ad-hoc network with four laptops.
Three of them are considered clients and one is
considered the server.
• We run the client program on our 3 clients and the server
program on 1 laptop.
In the client program we provide the computer name of the
server laptop.
Clients connect to the server one by one.
After connecting they send their respective files
containing the network information.
18. • Now the server will have all three text files with it.
• It will parse all files and find networks that are common to
all three clients.
• Calculate actual distance of all clients from the access point
using the signal strengths.
• Move on to the geometry part.
20. • On server we will have a list of authorized access points.
• If detected networks are not in that list then they will be
considered as unauthorized access points.
• And all further calculations are done for unauthorized
access points.
23. Geometry
• Moving on to the geometry part, we consider our server as the
origin (point (0, 0)) of the co-ordinate system.
• With respect to it we have to find the location of the
unauthorized access points.
• What we have is the co-ordinates of our three laptops and
their distances from the access point.
We draw 3 imaginary circles centred at the co-ordinates
of the clients, with radius equal to their distance from the
access point.
These 3 circles will meet at a single point, which will be the
location of the access point that we want.
• The situation is something like this
25. Geometry
• One thing is certain here: the access point lies on the
circumference of all three circles, and the three circles meet
at a single point.
That point gives the co-ordinates of the location of the access
point.
• We will solve the situation by solving the equations of the
three circles.
For example, the equation of a circle with radius r and centre
(a, b) is $(x-a)^2 + (y-b)^2 = r^2$
• Like this we will have three equations of three circles, and
by solving them we will get a single point, which is the location
of the access point.
27. Geometry
• Here, from the figure, $D = (x^2 + y^2)^{1/2}$
• To find the location of the access point,
we assign co-ordinates to each client, taking the server as
the origin.
In the figure the server is at (0,0), client1 is at (-4,10),
client2 is at (-10,-2), and client3 is at (-2,4).
We take these points as input from the user.
28. Geometry
• We also have the distance of each client from the
detected unauthorized access point, which we have
calculated from the signal strength at each client.
• So we draw three virtual circles centred at the three clients,
with radius equal to their distance from the access point.
• Now we have the equations of the three circles:
For CLIENT1: $(x+4)^2 + (y-10)^2 = D_1^2$
For CLIENT2: $(x+10)^2 + (y+2)^2 = D_2^2$
For CLIENT3: $(x+2)^2 + (y-4)^2 = D_3^2$
29. Geometry
• We have the values of $D_1$, $D_2$, $D_3$ from our program.
• Therefore we can solve these equations for (x, y), which is
the location of our unauthorized access point.
• From the values of x and y we can decide in which quadrant
the access point resides.
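The server-side steps from slides 18 to 29, as an added Python example that is not the presenters' code: keep the SSIDs common to all three clients, drop the authorized ones, turn signal strength into distance, and solve the three circle equations. The client coordinates are the ones on the slides; the sample reports, the authorized list, all function names, and the log-distance path-loss model with its parameters are assumptions, since the slides do not say how distance is derived from signal strength.

```python
import math

# Client coordinates from the slides (server at the origin). The reports and
# the authorized list are constructed sample data, not from the slides.
CLIENTS = {"client1": (-4.0, 10.0), "client2": (-10.0, -2.0), "client3": (-2.0, 4.0)}
AUTHORIZED = {"corp-wifi"}
REPORTS = {  # SSID -> received signal strength in dBm, one dict per client file
    "client1": {"corp-wifi": -55, "badguy": -69, "cafe": -80},
    "client2": {"corp-wifi": -60, "badguy": -73},
    "client3": {"corp-wifi": -50, "badguy": -58, "cafe": -77},
}

def rssi_to_distance(rssi_dbm, ref_dbm=-40.0, exponent=3.0):
    """Log-distance path-loss model; ref_dbm and exponent are assumed values."""
    return 10 ** ((ref_dbm - rssi_dbm) / (10 * exponent))

def unauthorized_common(reports, authorized):
    """SSIDs reported by every client that are not on the authorized list."""
    common = set.intersection(*(set(r) for r in reports.values()))
    return sorted(common - set(authorized))

def trilaterate(centres, dists):
    """Subtract circle 1 from circles 2 and 3, then solve the 2x2 linear system."""
    (x1, y1), (x2, y2), (x3, y3) = centres
    d1, d2, d3 = dists
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1**2 - d2**2 + x2**2 - x1**2 + y2**2 - y1**2
    b2 = d1**2 - d3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-9:
        raise ValueError("clients are collinear; position is ambiguous")
    x = (b1 * a22 - a12 * b2) / det
    y = (a11 * b2 - a21 * b1) / det
    # Largest gap between the estimate and any circle; 0 only for exact distances.
    residual = max(abs(math.hypot(x - cx, y - cy) - d)
                   for (cx, cy), d in zip(centres, dists))
    return x, y, residual

def quadrant(x, y):
    """Quadrant of (x, y) relative to the server at the origin."""
    if x == 0 or y == 0:
        return "axis"
    return ("I" if x > 0 else "II") if y > 0 else ("IV" if x > 0 else "III")

def locate_rogues(reports=REPORTS, authorized=AUTHORIZED, clients=CLIENTS):
    names = sorted(clients)
    centres = [clients[n] for n in names]
    out = {}  # SSID -> (x, y, quadrant, residual)
    for ssid in unauthorized_common(reports, authorized):
        dists = [rssi_to_distance(reports[n][ssid]) for n in names]
        x, y, res = trilaterate(centres, dists)
        out[ssid] = (round(x, 2), round(y, 2), quadrant(x, y), round(res, 2))
    return out
```

Calling `locate_rogues()` on the sample data places "badguy" in quadrant I. The non-zero residual shows that with measured signal strengths the three circles do not meet in exactly one point, so the result is an estimate.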
30. Conclusions
• In a wireless network an important thing is to check
whether our communication is secure or not.
• Generally in public places we find wireless networks around
us which provide us connectivity.
But if the network (access point) is not authorized, it
can trace all the communication done through it and we
can lose our confidential data.
For example, an online money transaction done by us can be
traced and our credit card information can be revealed.
• For this reason we must confirm that the network we are
using is an authorized one.
31. Conclusions
• Our research finds the SSIDs of all the networks in
range. Then it compares them with the list of authorized APs.
Using our three clients, it finds the location of all
unauthorized access points in range of our clients.
• The system will be useful to detect an unauthorized
wireless access point present in a wireless LAN.
• An access point is like a server through which all computers
present in a wireless LAN are connected to the internet. It
acts like a router.
• The primary purpose of a wireless IDS is to prevent
unauthorized network access to local area networks and
other information assets by wireless devices.