Linux-Wireless.net




  • Wireless HOWTO

    HowTo

    Install-HOWTO

    MailingList


    Security


    Sniffers

    Standards

    Encryption

    Drivers


    AP

    WPA


    SOHO AP

    Bridge

    HotSpots

    Commercial-Antenna

    Your-Own-Cantenna

    Connectors/Cables



  • Wireless Security


    • Do NOT use clear text passwd or send/receive sensitive documents

    • Use Encrypted connection to your "wireless router"
      • Use TKIP compatible routers and access points
      • Use ssh/ssl for all activity
      • use X.509 certificates
      • Change your keys regularly, each time you login, or per packet

    • Anybody with wireless sniffers can sniff ALL of your wireless data
      • they can sniff from the other building
      • they can sniff from the floor above or below you
      • they can sniff from down the road

    • Do NOT use WEP encryption since WEP has been cracked back in Feb 2001
      • only use WEP for quick-n-dirty setup wifi testing
      • use WPA2 for final production wifi network

    • Wireless network is insecure and should be OUTSIDE your firewall

    Alpahbet Soup

      GPO.gov FCC Part 15
      GPO.gov FCC Part 97

      Wikipedia.org Wi-Fi Alliance = Wi-Fi.org

      Wi Fi
      WLAN wireless LAN
      WLAN Channels
      IEE 802.11

      Decibel

      LTE 300 Mbit/s -- Long Term Evolution
      5G xxx Mbit/s
      4G 100 Mbit/s
      3G 200 Kbit/s

      802.11a 54 Mbit/s -- 50' -- 5.0Ghz
      802.11b 11 Mbit/s -- 150' -- 2.4Ghz
      802.11g 54 Mbit/s -- 50' -- 2.4Ghz
      802.11n 300 Mbit/sec -- 175' -- 2.4/5.0 Ghz

    • wifi Mode
      • iwconfig wlan0 mode ad-hoc == NO Access Point in wifi network
      • iwconfig wlan0 mode managed == connected to Access point
      • iwconfig wlan0 mode repeater
      • iwconfig wlan0 mode bridge

      SSID == enable == broadcast and displays wifi network name
      SSID == disable == user must know the wifi network name to connect

      iBSS independent Basic Service Set == adhoc mode

      CCMP = CTR mode w/ CBC Mac Protocol
      EAP = Extensible Authentication Protocol
      LEAP = Light weight Ext Auth Protocol
      PEAP = Protected Ext Auth Protocol
      TKIP = Temporary Key Integration Protocol

      WEP = Wired Equivalent Privacy
      • less than or 5 ascii characters ( 10 hex char ) is WEP40 ( 64-bit ) WEP key
      • less than or 13 ascii characters ( 26 hex char ) is WEP104 ( 128-bit ) WEP key

      • linux# iwconfig wlan0 key s:12345 enc on
      • FreeBSD# ifconfig wlan0 key 12345 enc on

      WEP2
      WPA = WiFi Protected Access
      WPA-PSK = aka WPA Personal == Pre-Shared Key of up to 63 character passphrase
      WPA-EAP = aka WPA Enterprise == uses Extensible Authentication Protocol
      WPA2 = aka RSN = since 2006 -- requires AES + CCMP

    • Secure Wifi to Insecure Wifi in decending order
      • WPA2 + EAS = most secure
      • WPA + EAS
      • WPA + TKIP/AES
      • WPA + TKIP
      • WEP
      • none == open == least secure


  • Linux-Consulting.com


  • ISO9660.net


  • Unix-Consulting.org


  • Hardware Products/Solutions

    NetworkNightmare.net
    gigEnn.org

    Custom-Chassis.net
    Custom-1U.net
    ITX-Blades.net
    1URaid.org


  • Infrastructure Consulting

    IPv6Cloud.org

    Linux-Backup.org
    CJK-Howto.net


  • Security Consulting

    Linux-Security.net
    Bandwidth-Hogs.net
    Encrypted-Email.net

    DDoS-Mitigator.net
    DDoS-Simulator.net
    IPtables-BlackList.net
    i-Sniff.net
    Linux-Wireless.net

  • Legalese

    Contact

    Legal


  • Copyright © 1994-2016 Linux-Consulting All Rights Reserved. Updated: Fri Jun 10 08:17:07 2016 PDT