CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [110]
802.11g The 802.11g standard provides for bandwidths of up to 54Mbps in the 2.4GHz frequency spectrum. While able to obtain faster speeds, it also suffers from the same interference problems inherent with 802.11b—having to share the spectrum with other devices using that frequency.
802.11n The 802.11n standard provides for bandwidths of up to 300Mbps in the 5GHz frequency spectrum (it can also communicate at 2.4GHz for compatibility). The advantage of this standard is that it offers higher speed and a frequency that does not have as much interference.
Three technologies are used to communicate in the 802.11 standard and provide backward compatibility with 802.11b:
Direct-sequence spread spectrum Direct-sequence spread spectrum (DSSS) accomplishes communication by adding the data that is to be transmitted to a higher-speed transmission.
The higher-speed transmission contains redundant information to ensure data accuracy. Each packet can then be reconstructed in the event of a disruption.
Frequency-hopping spread spectrum Frequency-hopping spread spectrum (FHSS) accomplishes communication by hopping the transmission over a range of predefined frequencies. The changing or hopping is synchronized between both ends and appears to be a single transmission channel to both ends.
Orthogonal frequency division multiplexing Orthogonal frequency division multiplexing (OFDM) accomplishes communication by breaking the data into subsignals and transmitting them simultaneously. These transmissions occur on different frequencies or subbands.
The mathematics and theories of these transmission technologies are beyond the scope of this book.
WEP/WAP
Wireless systems frequently use the Wireless Application Protocol (WAP) for network communications. Wired Equivalent Privacy (WEP) is intended to provide the equivalent security of a wired network protocol. The following sections briefly discuss these two terms and provide you with an understanding of their relative capabilities.
Wireless Application Protocol
The Wireless Application Protocol (WAP) is the technology designed for use with wireless devices. WAP has become a standard adopted by many manufacturers, including Motorola and Nokia. WAP functions are equivalent to TCP/IP functions in that they’re trying to serve the same purpose for wireless devices. WAP uses a smaller version of HTML called Wireless Markup Language (WML), which is used for Internet displays. WAP-enabled devices can also respond to scripts using an environment called WMLScript. This scripting language is similar to Java, which is a programming language.
The ability to accept web pages and scripts produces the opportunity for malicious code and viruses to be transported to WAP-enabled devices. No doubt this will create a new set of problems, and antivirus software will be needed to deal with them.
WAP systems communicate using a WAP gateway system, as depicted in Figure 4.17. The gateway converts information back and forth between HTTP and WAP as well as encodes and decodes between the security protocols. This structure provides a reasonable assurance that WAP-enabled devices can be secured. If the interconnection between the WAP server and the Internet isn’t encrypted, packets between the devices may be intercepted, creating a potential vulnerability. This vulnerability is called a gap in the WAP.
Wired Equivalent Privacy
Wired Equivalent Privacy (WEP) is a security standard for wireless devices. WEP encrypts data to provide data security. The protocol has always been under scrutiny for not being as secure as initially intended.
FIGURE 4.17 A WAP gateway enabling a connection to WAP devices by the Internet
WEP is vulnerable due to weaknesses in the way the encryption algorithms are employed. These weaknesses allow the algorithm to potentially be cracked in as few as five minutes using available PC software. This makes WEP one of the more vulnerable