https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

content


802.11x

802.11x

For most businesses, installing a wireless local area network (WLAN) is about like trying to answer the have you stopped beating your wife? question.
  • Written by Urgent Communications Administrator
  • 1st January 2003

For most businesses, installing a wireless local area network (WLAN) is about like trying to answer the “have you stopped beating your wife?” question. You’re wrong whatever you do. The freedom and convenience offered by wireless make it a technology everyone wants. But, it’s this very freedom that make it vulnerable to attack from the outside.

Today, wireless networking means using a version of the 802.11 standard as defined by the Institute of Electrical and Electronics Engineers (IEEE). Within this standard are a number of versions ranging from “a” to “i,” frequencies from 2.4-Ghz to 5-Ghz and per-channel transmission rates from 11-Mbps to 54-Mbps.

The speed, freedom and easy set-up of 802.11 have even police and fire departments across the country taking a serious look at using the technology. But is 802.11 secure enough for such sensitive agencies or even for the average company?

It’s a question worth asking since attacks on public and private networks are at an all-time high. Worldwide, the number of reported network vulnerabilities were up nearly 125 percent from the year 2000 to the year 2001. The actual number of new remote access Trojan horses released through the Internet have grown from 12 a day in 1999 to more than 135 a day. Web defacements have jumped more than 30 fold in the same two-and-a-half-year period — from 15 a day to more than 470 a day.

Heavy cost

The cost of these malicious attacks is also astonishing. For example, it took only four days for the Melissa virus (released in 1998) to generate more than $400 million in losses for corporations and individuals. In the following year, the LoveLetter virus caused between $8 billion and $15 billion in damages and lost productivity in just five hours.

According to experts, such attacks will not only continue, but will certainly worsen. Paraphrasing an old proverb, Gene Hodges, president of Network Associates, noted, “for the next five years, it’s fair to say that there is nothing sure but death, taxes and escalating [security] attack rates.”

Generally, wireless is seen as the most insecure type of data network. Most believe that wired Ethernet networks are reasonably secure, those based on fiber optics are very secure and all types of wireless networks are about as secure as the revolving door at Macy’s department store during a sale.

Breaking into wireless networks has become so easy that it’s evolved into a game. “Warchalking,” “war driving,” and, even, “war flying” are all being used to detect open wireless networks. What’s more alarming is that those who detect them, make a point of telling others.

War driving is the practice of driving a car in business areas and using a laptop equipped with an 802.11b network interface card (NIC) to detect wireless access points. It doesn’t take long to find open networks.

“I would say that 90 percent of all rogue installations — which means they are not sponsored by an IT department — are vulnerable,” said Dan McDonald, vice president of Nokia. “You can grab access points by just driving by with a wireless scanner. I was able to connect to about a hundred different networks in the train station in Tokyo by just having a computer with 802.11b enabled.”

Taking this game to new heights, a group from the Bay Area Wireless Users Group, reportedly, flew over San Diego in a small plane and, in a short time, picked up more than 400 access points.

After identifying “free” access points, warchalkers write symbols on nearby walls that tell anyone who wants to know the Service Set Identifier (SSID) — essentially, the password, WLAN version, and the bandwidth.

Securing the system

Whether an 802.11 wireless system can be secured is a matter of heated debate.

“There are technologies that make WLANs secure and prevent unauthorized access and eavesdropping,” said McDonald. “One example is virtual private networking (VPN) technology, which gives you strong authentication and encryption.”

Wired Equivalent Privacy (WEP) is one tool that has been hailed as the “big gun” in securing 802.11x wireless networks.

But, Bruce Schneier, founder and CEO of Counterpane Internet Security and a recognized expert in the field, says: “It ain’t so.”

In his words, “WEP is not only insecure, it is robustly insecure. The people who designed the protocol did a horrible job of securing it. It [wireless] has great performance, works well, and I can use my computer in the lobby of a hotel, but it’s not secure.”

As usual, the real answer to the question about the effectiveness of WEP and the overall security of 802.11x, lies somewhere in the middle. Wireless is not perfect, but, if it is implemented and monitored correctly, it can be adequate in most cases. Sure, it can be hacked, but it will take someone a bit more determined and knowledgeable than the average warchalker or a fun-loving geek out for a weekend lark to impress his friends to break-in.

Other things that can be done to help secure a wireless network include disabling SSID broadcasting, changing the access point’s default settings, adding an additional firewall between the access point and the network, and using a directional antenna.

In some cases the answer to security may be as simple as enforcing in-house policy, noted John Weinschenk, vice president of Enterprise Service Group for Verisign, Inc.

“One of the biggest risks with wireless is that companies usually deny that its being adopted within their own walls. People are bringing their own wireless LANs to work and plugging them into the conference room Ethernet jacks, even though the company tells them not to do it.”

New weapons in security war

The newest hope for security rests with Wi-Fi Protected Access (WPA). Look for this new IEEE standard to begin showing up in Wi-Fi-certified products in the first quarter of 2003.

WPA enables 802.11i-based Temporal Key Integrity Protocol (TKIP) encryption, which overcomes the problem of a static key used in WEP.

It also adds 802.11x/Extensible Authentication Protocol (EAP) that can prevent the so-called man-in-the-middle attacks. In those types of attacks, an intruder masquerades as a host and attempts to capture passwords.

Supporters claim the encryption and authentication levels that it provides should be acceptable for most enterprises.

Because securing wireless networks is so important, work on new security precautions has spawned an industry of its own.

For example, Symbol Technologies, Inc. has joined with Intersil Corp., Intermec Technologies Corp., Microsoft Corp. and Cisco Systems Inc., to form a consortium to develop Simple Secure Network (SSN). SSN periodically changes the encryption key.

Additionally, the 802.11i protocol, which the IEEE has been working on for more than a year, promises to plug the security holes of WEP by adding several encryption and authentication methods.

Changing times

In the end, nothing is truly secure. No matter what precautions you take, there will always be someone who can hack into your system, wired or wireless, if they really want to do it.

But, there are degrees of safety and, for now, wireless systems based on 802.11x protocols are more vulnerable than a wired system.

Police and fire departments in metropolitan are, generally, not using wireless for data transmission.

Although the main reason is the concern for security, another reason is that it is simply not fast enough.

The current speed of 11-Mbps, and even the 54-Mbps promised by 802.11i, cannot deliver the performance needed to handle the volume of information that must be transmitted on a regular basis.

But, as Bob Dylan told us, “the times they are a changin’.” Security is getting better by the day and speeds are increasing.

Because of the freedom it offers, there is little doubt that wireless is the wave of the future and one day will be the most widely used method of data transmission.

But until that day about all we can do is to be constantly on the alert.

“Usability and features always fight against security, and security loses,” warned Schneier. “There will be vulnerabilities, but you should try to be secure anyway. Detection and response is the answer — doing things so even if your front line breaks, you can be secure.”

The ABCs of 802.11

802.11a

As with 802.11b, this standard is commonly known as Wi-Fi. This is a physical layer standard for WLANs operating in the 5-GHz radio band with eight available radio channels specified. The maximum link rate is 54-Mbps per channel, but expect the actual data throughput to be about half of this speed.

Also the data rate decreases as the distance between the user and the radio access point increases. It is not backward-compatible with 802.11b, so the old network must be replaced with 802.11a equipment. Available now.

802.11b

Also known as Wi-Fi, this is the most popular standard for wireless networking. This physical layer standard for WLANs operates in the 2.4-GHz radio band and specifies three available radio channels. The maximum link rate is 11-Mbps per channel, but it is shared by all users of the same radio channel, including cordless phones, micro-wave ovens and many Bluetooth products, so expect throughput of about half the speed. As with 802.11a, the data rate decreases as the distance between the user and the radio access point increases. Available now.

802.11d

This is supplementary to the Media Access Control (MAC) layer in 802.11 and is being promoted to encourage the worldwide use of 802.11 WLANs. Since the 802.11 standards cannot legally operate in some countries, 802.11d adds features and restrictions to allow WLANs to operate within the rules of these countries.

When: Work is ongoing, but see 802.11h for a timeline on 5-GHz WLANs in Europe.

802.11e

This protocol is supplementary to the MAC layer to provide QOS support for data, voice and video applications for 802.11a, 802.11b and 802.11g. Available sometime in 2003.

802.11f

Described as a “recommended practice” document, it is designed to achieve radio access point interoperability within a multi-vendor WLAN network. It defines the registration of access points within a network and the interchange of information between access points when a user is handed over from one access point to another. Available early 2003.

802.11g

This is a physical layer standard for WLANs operating in the 2.4-GHz and 5-GHz radio band. It specifies three available radio channels and a maximum link rate of 54-Mbps per channel. The 802.11g standard uses orthogonal frequency-division multiplexing (OFDM) modulation but, for backward compatibility with 11b, it also supports complementary code keying (CCK) modulation and, as an option for faster link rates, allows packet binary convolutional coding (PBCC) modulation. Available now.

802.11h

This version of 802.11 is supplementary to the MAC layer and offered to comply with European regulations for 5-GHz WLANs. These regulations call for products to have transmission power control (TPC), which limits power to the minimum needed, and dynamic frequency selection (DFS) which selects the radio channel at the access point to minimize interference with other systems. Available in the first half of 2003.

802.11i

The main feature of 802.11i is improved security. It provides an alternative to Wired Equivalent Privacy (WEP) with new encryption methods and authentication procedures which include firmware up-grades using the Temporal Key Integrity Protocol (TKIP), ilicon with Advanced Encryption Standard (AES, an iterated block cipher) and TKIP backwards compatibility. Available now.

Tags: content

Most Recent


  • 802.11x
    Newscan: Securing the Internet of Things is quite a challenge
    Also: EWA requests dismissal of 900 MHz applications; TIA names tech and policy priorities for 2014; IJIS Institute names Shumate Award winner; App makes bus waits more tolerable; a Blackberry comeback may be in the offing.
  • 802.11x
    Newscan: FCC certifies Carlson Wireless's white-space radio
    Also: Congress looks to revamp telecom law; Obama to place some restraints on surveillance; IEEE to study spectrum-occupancy sensing for white-spaces broadband; Major Swedish transport operator opts for Sepura TETRA radios; RFMD to partner on $70 million next-generation power grid project; NENA opens registratiuon for "911 Goes to Washington."
  • 802.11x
    Newscan: A look at the critical job of 911 dispatchers
    Also: NYC launches website for tracking 911 response times; Oregon implements 911 on pre-paid cell phones; LightSquared wants to keep spectrum assets; Harris receives multiple government orders; FCC extends rebanding financial reconciliation deadline; Zetron gear at core of communications system upgrade; Ritron debuts wireless access control system; EWA seeks policy review of VHF vehicular repeater system deployments.
  • 802.11x
    Newscan: Average peak data rates of 144 MB/s average realized in tests with CAT 4 LTE device
    Also: Verizon, T-Mobile to swap unused spectrum to improve coverage; Internet giants oppose surveillance--but only when the government does it; FCC Chairman says incentive auction will be delayed until middle of 2015; FCC chair announces staff appointments; Alcatel-Lucent names Tim Krause as chief marketing officer; New Jersey county deploys TriTech CAD system; Toronto airport deploys 26-position Zetron console system;

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • RugGear: Contributing to the future of mission-critical broadband communication review and market vision
  • Photo gallery: 2014 Communications Marketing Conference (CMC) in Tucson
  • 802.11x
    Top 5 Stories - Week of Sept. 22
  • 802.11x
    RCA plans to expand this year's Technical Symposium

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Phishers trick Microsoft into granting them ‘verified’ Cloud Partner status dlvr.it/Shqngn

2nd February 2023
UrgentComm

Shapeshifting robot can morph from a liquid to a solid dlvr.it/Shqk9K

2nd February 2023
UrgentComm

Automakers against stampede to BEV dominance dlvr.it/ShpX08

2nd February 2023
UrgentComm

FCC nominee Gigi Sohn headed for third Senate hearing dlvr.it/ShpDcZ

1st February 2023
UrgentComm

Sign up to learn how to successfully manage your Motorola ASTRO® 25 System: spr.ly/60143j8fp https://t.co/XcxiUwzN27

1st February 2023
UrgentComm

Hytera parent cites financial health, but unable to make royalty payment to Motorola Solutions dlvr.it/ShlrlM

1st February 2023
UrgentComm

NATE: Todd Schlekeway highlights organization’s safety, legislative initiatives dlvr.it/ShljHj

1st February 2023
UrgentComm

Cybercrime ecosystem spawns lucrative underground Gig Economy dlvr.it/ShkKbf

31st January 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.