CompTIA Network+ N10-008 – Wireless Networks

  1. Wireless Networking (WLAN)

Wireless Networks or W lands. Wireless networks are great because they extend your physical network into the wireless domain. It can allow your users to roam wherever they want inside a coverage area. So if you think about a college, for instance, you might have the entire campus with numerous buildings, the outdoor spaces, and everywhere covered by this wireless network. And you can just just take your laptop, open it up at a picnic table and gain access to the network. The popularity of wireless networks keeps over and over again.

Back in the late nineties, there were just a few places that had wireless networks. Nowadays, we expect wireless networks everywhere. Anytime you go to a coffee shop or a restaurant, you’re usually going to expect to be able to pull out your phone and find a wireless network. They are convenient to use and they expand your network throughout a room, a floor, a building, or an outdoor space. Wireless networks are here to stay. Now, when we look at wireless networks, the most common types are what we refer to as 800 and 211. And so I want you to write that down on your note sheet. 800 and 211 are the standards for wireless networking, and there are several standards underneath them that we’re going to talk about in the upcoming lectures, such as 8211 A, B, GN, and AC. and we’ll get to those in a future lesson.

Now there are other wireless options that exist out there but most of those are going to be used for personal area networks. When dealing with a local area network, you’ll almost always be dealing with WiFi, or 800 and 211. Now for those personal area networks, we have things like Bluetooth, Infrared, Near Field Communications, Ant Plus, and Zwave, many of which we talked about already in our Internet of Things lecture. When you’re dealing with wireless networks, there are two modes that they can operate in. The first is ad hoc. With ad hoc, each wireless device is going to communicate directly with the other without the need for a centralised access point. This is like a peer-to-peer connection, if you remember from our old discussions of peer-to-peer versus client-server. Now, this will work well if you’re going to do something like gaming or a simple file transfer. But to be able to connect and be able to get out to the Internet or to a larger network, ad hoc just isn’t going to do it for you. And that’s why we use infrastructure mode. Now, infrastructure mode is when you communicate through a centralised access point or router. So in this case, it looks more like a star diagram.

All the devices are connecting back to the access point, and then from there they gain access to your network or the Internet. This is the traditional WiFi that you would get in a coffee shop, your home, or your office because everything will put you back in this infrastructure mode where we have other infrastructure supporting it, such as the router, the access point, and then switches and routers going out to the network. Now, if you’re using that infrastructure mode, we have to have something to bring those devices into our network, and that’s where a wireless access point, or WAP, is going to come in. You’ll hear this referred to as an “AP” for access point or a “WAP” for wireless access point. This is going to expand your wired network into the wired list domain. It is not going to interconnect with different networks, though, because it is not a router. Everything that connects to that access point is treated as if it were connected to a hub. It’s all going to be the same collision domain and the same broadcast domain.

The advantage of using an access point is that it allows you to connect your wired network to this wireless domain and thus expand your access. Now, when you do this, you can have one or multiple access points. For example, on the screen, you’ll see that circular device. That’s actually the access point that I use in my building. Because our building is so large, we actually have to have multiple access points working together so that we don’t have a drop in coverage as we walk through the building. And so we’re on three different floors of the building, and each one of those has one of those access points to give us full coverage. We’ll talk about how they can work together in a separate lecture later on. But for right now, just remember that wireless access points extend your wired network into the wireless spectrum, acting like a hub and a media converter, taking those ones and zeros off the copper wire and putting them into radio frequency. Next, we have what is referred to as a wireless router. Now, what’s the difference between a wireless router and an access point? Well, a wireless router is going to act as a gateway device and a base station for your wireless networks to communicate with. The big difference here is that, as a wireless router, there’s additional capability inside that device.

Most people, if they go to the store to buy a wireless device, are going to buy what they refer to as a “wireless router,” which is really a combination of several devices. On the screen, for example, you can see the Quantum Gateway wireless router from Verizon Wireless. If you have Verizon FiOS in your house, this is what you’d be using. Now, this one singular device has an access point built into it, but it also has a router built into it, and it also has a four-port switch built into it; you can see those four yellow ports on the right image. It also has a firewall built into it, and it also has the fibre cable or DSL modem built into it. And in this case, it’s a fibre modem. We take all of those devices, smash them into one single device, and turn that into a wireless router.

  1. WLAN Service Sets

Wireless network server sets So in the last lesson we talked about, there’s an ad hoc mode and an infrastructure mode. Let’s dig just a little bit deeper into both of those concepts. First, we have ad hoc mode. And when we use ad hoc mode, we are actually using what’s called the Independent Basic Server Set, or IBSS. Now, you’ll notice in the diagram that I have a wired network on the first floor, and I have two devices connecting wirelessly to each other on the second floor. Notice those two devices on the second floor are not talking to anybody on the first floor. They are separate, and they’re only talking in a peer-to-peer configuration. They have no access to the Internet and no access to the local area network. This is where devices have no access points.

They are only operating in ad hoc mode. Next, we have the first infrastructure mode, which we call BSS, or Basic Server Set. Notice that my second-floor devices are connecting wirelessly to that wireless access point. And the device on the first floor is also connecting wirelessly to the wireless access point. And then there is a hard line of cable between the access point and the switch. Now, this is how we’re going to connect in a small home office environment in your house. If you have WiFi, this is what you’re doing. You have one access point that’s connected to the network, and that’s how it makes its connection to the Internet. This is our first infrastructure mode. The second one we have is called ESS, or extended server set. Notice here that because the building is so large, I actually have two different wireless access points, one on the first floor and one on the second floor. Both of those access points are hardwired back with Cat 5 or Cat 5e cables to the switch on the first floor. But they’re providing service wirelessly to their designated floor. Now they’re working in conjunction with each other, and they even have the same name. So if you came to my house, for instance, we have a network called Deon, and we have several access points spread throughout my house operating in Extended Server Set mode.

And the reason why is that we want to have good coverage for everyone in the house, no matter where they’re standing. That’s the way that you can use ESS. This is using multiple access points to give you good coverage across the entire building. If you go to work or you go to a college campus, They use this all the time. And the reason why is that a single access point can only cover maybe 100 or 150 meters. But with multiple access points, I can cover an entire college campus as long as they all work together. The end user just sees one network as they roam around. Next, we have what’s called a mesh topology. And we mentioned this all the way back in our topology lessons and it may not use a centralised control mechanism, but instead will combine numerous different ways of doing wireless networks.

You can combine the use of microwave, cellular, WiFi, and others to make one coherent network. So in this example, for instance, I have my laptop connected wirelessly to a wireless access point. It then connects to a satellite. That satellite could then travel to a ground station, which would then connect to a switch and connect to another machine. Or if I look at the bottom part of the diagram, where the internet is, it’s connecting wired through a router to a wireless access point, where that is then going to a TV and a laptop. All of this can make one big mesh topology network as I connect the different devices together using WiFi, microwave, cellular, and others. Now, if we want to take it a step further, you can see this next diagram here, and I showed this in a smaller version back in the mesh topology days. But you can see we have 800 and 211 WiFi zones, high-frequency antennas, and high-gain antennas covering vast distances. We have satellite, we have microwave, and we might have Yimax. All of this can come together to create a perfect mesh that covers a wide range. As I mentioned before, this is very popular to use in disaster recovery situations when landlines have gone down and we need to start building up frequencies to be able to use in a quick manner. Next, let’s talk about access point placement because careful planning of where you’re going to put your access point is really important to ensure that you don’t have interference and network outage issues. This will become very clear to you during the troubleshooting section as well. Your coverage needs to overlap between those access points.

So, for example, on the diagram, let’s say we want to COVID all of this office building with WiFi. Well, the way wireless radios work is that wherever you put the centre access point, everything else is going to go out in a circular pattern around it. And so in this building, I need to have four different access points to COVID the entire building, and I don’t want to have drops as I walk from one room to another. So I have to have overlap, and we want to have overlap between the coverage zones but not in the frequencies because, if you know anything about radio frequencies, if we’re both transmitting on the same frequencies, that’s going to cause collisions and drop the signals. So when I’m using the 2.4 GHz spectrum, which is used by wireless B, G, and N, we want to make sure that we have overlapping coverage of 10% to 15%. So as I blow up this diagram here, you can see that I have four wireless access points, and they are operating on channels 1, 6, and 11. This is going to make sure that no two circles are touching the same channel frequency. So you’ll see that channel six on the left is touching channels one and eleven, and channel six on the right is touching channels one and eleven. I can’t have channel six and seven overlap because it will cause problems in my network and drop coverage.

Now when we move on to the newer spectrum of 5 GHz used by wireless N and wireless AC, you want to have overlap there as well. But because of the way that there’s bleed over, we want to make sure that there are no identical channels sitting next to each other. They need to be separated by at least two cells. And we designate these cells as a honeycomb pattern with the 5 GHz spectrum, as opposed to the circle that we use with 2.4 GHz. So if you look on my screen here, you can see I have channel 36 in the upper left corner. So to get there, you’ll have to go through channels 52 and 54, and then finally, you get to channel 36 again. So we have this honeycomb pattern and keep that separation because that’s going to give us better coverage. Now, when you go through and do your site survey, this is when you go through your building and figure out where you have good coverage and where you have bad coverage. And you can actually produce a heat map with those coverage zones and overlay it on your floor plan.

So in this example, here’s a building that we’ve done a wireless survey on to determine our coverage areas; where it’s blue, that’s where the access point is. And so blue is a really strong signal; green is a good signal. Yellow is getting a little weaker, and red is a bad signal. So there are a couple of offices there in the middle of the diagram that have red coverage. If I wanted to improve that, I would move another access point into that region. But overall, this has pretty good coverage except for that stairwell area in the centre of the screen. Now you’ll notice outside the building we do hovered as well, and that’s a good thing. We don’t want a lot of signal bleed going outside our building. Now what’s the bad thing in here? Well, if you look in the bottom centre of the diagram, we have green, yellow, and orange in the parking lot, which means if I drove into this parking lot, I could connect to your building’s wireless network.

That’s not necessarily very good. So, if I were doing this for security reasons, I would probably move the middle access point closer to the centre of the building, which will help alleviate some of those red spots in the building while also pulling some of that coverage away from the parking lot. We’ll talk more about that when we talk about wireless security. What is another way to get additional coverage besides implementing an ESS or extended server set model? Well, if you don’t want to put up a full access point, you can use a range extender. Now, a range extender is a specialised device that will help you overcome those distance limitations. And it will amplify your signal by extending the reachability of a wireless signal. They’re very small devices. For example, the network equipment shown on the screen has two antennas. One of those is for listening, and one of those is for sending. So if you have a large house and your router is down in your basement, your wireless access point is down in your basement. For instance, you might put one of these on your stairs so it can get the signal from the basement and rebroadcast it upstairs. Essentially, this is a wireless repeater. Just like we would use an active hub to repeat our signal, we can use wireless range extenders to repeat our wireless signal and give us additional range.

  1. Wireless Antennas

Wireless antennas. Now, depending on your coverage area, you must choose the type of antenna you want to use in your home or small office. You’re probably using just a standard fixed antenna on your wireless access point. But when you start designing things for an enterprise network, you can start choosing the right antenna for the right job. There are different factors that will determine the effectiveness of your antenna, including the distance you want to cover, the pattern of the wireless coverage you need, the environment (whether it’s inside or outside), and if you want to avoid interference with other access points.

All of these things will go into your decision-making when determining the right antenna to use. Now, the most commonly used antenna is the omnidirectional antenna. And the way it works is that it’s either built in or has a fixed antenna on your wireless access point. It’s going to radiate power equally in every single direction. So if you’re using an omnidirectional antenna, the best place to place your access point is usually right in the centre of the room. So if you go to a college classroom, for example, and you look up in the centre of the classroom, you may see a wireless antenna that’s omnidirectional sitting on the ceiling, providing full coverage to that entire classroom in your home. If you have Verizon, Comcast, or another cable service provider that gives you one of those all-in-one wireless routers, they have omnidirectional antennas that go out in every single direction. The next one we have is what’s called a unidirectional antenna.

And this uni represents one. So all of the power is being focused in one particular direction. And the most common unidirectional antenna that you’re going to hear about on the network plus exam is what’s referred to as a “yogi antenna.” Yagi and I’ve had one here displayed for you on the screen. Now, the most common use of a yogi antenna is when you want to put out power over a longer distance and connect two buildings or two sites. So we might put a wireless access point on the top of two buildings and point them at each other, and that yogi antenna that’s being pointed at each other will be able to maintain that connection. Now, in the example here, I have two buildings, and you can see that a strong blue radio wave is going between the two. There are no waves or not many waves going out the other side away from that direction because, with Yogi, we’re putting almost all of our power straight out the end of that antenna. Now, where else might you find directional antennas? Well, if I were trying to provide a wireless network in a building and on the inside of the building, I could use unidirectional antennas to shape the direction that I wanted the power to go. So, instead of going out in all directions equally, I can focus it in one direction and ensure that my wireless signals do not bleed into the parking lot, but only go inside the building. Going back to that heat map we had in the previous lesson, you can see where that can become really important.

  1. Wireless Frequencies

Wireless frequencies. Now, we’ve talked about antennas, and we’ve talked about some of the basics of wireless. But let’s dig in a little bit deeper into the specific frequencies that are being used in this wireless spectrum. First, I want to talk about spread-spectrum wireless transmissions, and there are three main ways that we can do this. The first is DSS, or direct sequence spread spectrum. The next is frequency-hopping spread spectrum, or FHSS. And the third is OFDM, or orthogonal frequency division multiplexing. Now, in today’s networks, we don’t really use frequency hopping. Instead, we use direct sequencing or orthogonal frequency division. And we’ll talk about that as we go through each of these in the next couple of slides. Direct sequence spread spectrum, or DSS, is going to modulate your data over an entire range of frequencies using a series of signals known as chips. These are more susceptible to electrical interference and environmental interference, and that is going to cause us to have slower bandwidth. Now it also uses the entire frequency range of the spectrum to transmit its signal.

And so, for example, if I’m using channel one, channel six, or channel eleven, you could see here on the screen that I’m using large portions of that frequency band. If I use channels 1, 6, and 11, there are non-overlapping channels to prevent interference. But I’m also giving up channels two, three, four, and five; channels seven, eight, nine, and ten; and et cetera. You can see there’s a lot of wasted space here by using DSS. Now on the other hand, frequency hopping spread spectrum is going to allow devices to hop between predetermined frequencies and so it makes it harder to guess where the frequency actually is, depending on the algorithm it’s being used. Frequency hopping is used as a security measure in some networks, but we’re not going to use it in our commercial-grade wireless networks because it slows down the ability and reduces the amount of spectrum you can use.

So your bandwidth goes way down, even though it does give you increased security. The next and most common one we use nowadays is called orthogonal frequency division multiplexing, or DM. Now this is going to use a slow modulation rate with simultaneous transmissions over 52 different data streams. By doing these small little chunks, we’re able to actually take out larger chunks of the spectrum and give us more bandwidth. This gives us higher data rates while resisting interference because these data streams are small little chunks. So if we compare the OFDM used by wireless G and N, where we have these 22 MHz spectrum chunks for channels 1, 6, and 11, versus something in wireless N in the 5 GHz spectrum, where we can now take a 40 MHz chunk, that’s going to give us additional ability and additional bandwidth, increasing our speeds in wireless N and wireless AC.

Before we go any further, I’d like to point out that for the exam. You don’t need to dig deep into DSS, frequency hopping, or orthogonal division. You do need to understand that if you see those three terms, they are referring to something in the wireless networking world, and you’ll be okay on test day with that amount of information. Just recognizing that those three terms relate to wireless networking is about as in-depth as you need for this exam. Next, let’s talk about frequencies and channels. We’ve already touched on this a little bit as we’ve talked about 2.4. These are the two different spectrums that are being used by wireless networks today. The 2.4 GHz band is actually between 2.4 and 2.5 GHz, but for the exam and anything else you discuss in real life, saying 2.4 GHz is sufficient. The same thing holds true with 5 GHz. Technically, it’s actually 5.75 to 5.87 GHz, but everyone just calls it 5. That is what they’ll call it on the exam as well. Each band has specific frequencies and channels to avoid overlapping with other signals.

So if we’re dealing with 2.4 GHz, for instance, the three channels you must memorise to prevent interference are channels 1, 6, and 11. Those three channels are utterly important. Anytime someone’s talking about “I want to prevent wireless interference; what channels should I use?” The answer is 1, 6, and 11 if they’re on a wireless B, wireless G, or wireless N network in the 2 GHz space. Next, I have a nice little summary chart for you, and this is one of those that I would print out and memorise at least the first three columns. You need to know the standard, you need to know the band, and you need to know the maximum bandwidth. So when we started out with wireless way back in the early 90s, we had the 800 and 211 standards. It was not commercially viable and did not make it into the market, but it did operate at the 2 and 4 GHz spectrum and at about one to two megabits per second. For your chart, I wouldn’t even bother writing that one down. Let’s begin with a BGN and an AC. Those five lines of the chart and the first three columns are going to be essential to your success in wireless networking questions on exam day.

Wireless A, or 8211 A, operated in the 5 GHz spectrum, which was an expensive radio to build and manufacture at that time, but it did give us good speed. It was operating at 54 megabits per second, which was really good in the late 90s. But unfortunately, because of the high cost, only business users really used it, and we couldn’t get it into commercial markets. So they decided they had to make something cheaper and easier. And so they went with Wireless B, which operates in the 2.4 GHz spectrum, which is commonly used by a lot of household devices, including security cameras, walkie-talkies, baby monitors, microwaves, and more. This made it very cheap and easy and led to the widespread adoption of WiFi throughout homes, businesses, and schools. Now, because it was using this cheaper chipset and the way the frequencies worked out, it actually slowed down the network to eleven megabits per second, which today sounds extremely slow. But back in the late 90s, we weren’t doing a lot of streaming video, and eleven megabits per second was actually pretty good. Over time, we wanted more speed. As a result, wireless G emerged in the 2.4 GHz spectrum. It operated at 54 megabits per second, but that was kind of the maximum capability of that spectrum. Wireless N was the next step. Now, Wireless N started introducing the 5 GHz spectrum again.

And from here, they were able to get up to 300 megabits per second or more. Really, really fast networks But the problem was that a lot of people had already invested in wireless B and wireless G access points. As a result, if you purchased a wireless N that only operated at 5 GHz, it would not work with your old equipment. As a result, they began implementing dual-band radios in wireless N as a transition. So you could support 2.4 GHz for backwards compatibility, which was a slower standard. Obviously, it would drop back down to 54 megabits per second. Or it can operate in the new wireless only mode and operate at 5, giving you increased speeds. Nowadays, the most modern WiFi we have is what’s referred to as “wireless AC.” And wireless AC operates exclusively in 5 GHz mode. It does not support backwards compatibility, and it will operate at up to three gigabits per second or more. These are fast networks and good networks. So for the exam, I want you to remember a BGN and AC. Remember that it supports 2.4 GHz whether it’s an ABG or an N. If it’s an or AC, it supports 5.Those are the important things. And you also need to know those speeds, right? So keep those in mind as well. But by being able to tell those frequencies, you’re going to get questions like, “Which of these frequencies doesn’t support 5?” The answer might be B or G. Right?

Or which of these doesn’t support 2.4? The answer would be a Those kinds of things are questions you’re going to see on the exam. So keep that in mind as you’re studying. Next, let’s talk about radio frequency interference. Now, radio frequency interference is caused when there are similar frequencies to wireless LANs in the area. Microwave ovens, baby monitors, cordless phones, and other wireless devices that operate in this crowded 2.4-GHz spectrum space have already been mentioned. You also have physical things that can block your wireless signals, like walls, refrigerators, and cabinets. And then you have signal strength issues. If your signal is too weak, it can’t make it around corners, and it can’t make it through these walls, so it’s going to get blocked. All of these will lead to interference, which will slow down the ability of your network. As your signal decreases or interference increases, it causes additional retransmissions because of TCP. And when it retransmits, that is additional network baggage that’s being taken up and bandwidth that’s being taken up in retransmission, which slows down the network even more.

So you want to make sure you have a good signal throughout your entire structure to increase the efficiency of your network. Finally, let’s talk about how we actually will send data on one of these wireless networks with Ethernet. We talked about the fact that we use Csmacd, which is carrier sense multiple access collision detection. Well, with wireless networks, we’re going to use something called collision avoidance. Now, it starts out the same in both networks. We listen for transmissions, and if we think the line, or in our case, the frequency, is clear, we would then send a message, right? Well, that’s where we stop with Ethernet. We would just send the message, and if there was a collision, we would retransmit. with wireless, though, to prevent collisions ahead of time. And this is where avoidance comes in. We listen, and then we send out a packet that says “Ready to Send” or “Request to Send,” which is RTS. And the other network devices will then acknowledge I understand you want to send something. Once I see that acknowledgement, I will go ahead and send because I think that it is clear to do so. Now, if we don’t receive this clear request to send an acknowledgement, then I’m not going to start sending. Instead, I’m going to choose a random back-off timer. I’ll wait 30 milliseconds, and then I’ll send another request to send. But until I receive a “clear to send message,” I will not send my message because I don’t want collisions, because it takes up more bandwidth and it starts taking up more additional retransmissions, and it becomes a negative spiral. So remember, collision detection is for wired networks, and collision avoidance is for wireless networks.

  1. Wireless Security

Next, we geofencing. cing.Geofencing uses GPS and RFIdefine real-real world boundaries for devices. ices. Now, these barriers can be active or passive, such Asif I have a barrier set up in the city so that whenever the cell phone goes outside that range, it sends a text message back to me. Or it can be a passive one where it just logs that information and I can check it later. Now, some of those active bearers can actually be used as part of authentication. This is one of those things that, for instance, if I was in a location, say a Starbucks, and they’re using geofencing, when I try to connect to their WiFi, it will verify that I am inside their Starbucks and not several hundred feet away. That would be a way to use Geofencing. Now, your device can send alerts if it leaves the area. And your authentication can be used to determine access based on your location.

And that can be done by city, state building or country. For example, if you’re offering access to people so they can use your network and somebody is connecting from Russia even though you’re sitting in Washington, DC, You can block that based on their GPS address, which indicates that they are in Russia, because they have no need to use your coffee shop’s local network. If you are in Washington, DC, As a result, we can create geoblocks based on their location. Next, we have disabling your SSID broadcast, which is another minor security use that can help protect your networks a little bit. Now, according to the exam, just like Mac filtering, this is a good thing to do in the real world, though it doesn’t take very long to find a hidden SSID. Now, what is an SSID? It is your server’s set identifier. It’s what your wireless network is called. So, for example, if you come to my office, we have a server-set ID set for deon training. If you come to my house, my server setID is set to Dion, and I can go. When you go to your wireless networks and search for a network, all those listed names are server-side broadcasts. You can turn that off so that it’s hidden, and the user will have to manually type in the name to connect to your network.

The problem is that, again, using wireless penetration testing techniques, it is very easy to find these and still connect to them. So if all you’re doing is disabling your broadcast, it’s not very secure. But if you do this in combination with Mac filtering and a long, strong password, we’re now starting to layer the security to give us a better benefit. Next, we have something bad, and it’s called a rogue access point. Now, what is a rogue access point? Well, it’s when a malicious user sets up an access point to lure legitimate users to connect to it. That way, they can act as a middleman and steal the data. So in this case, I have this blue laptop, which belongs to somebody at the coffee shop who wants to be able to connect to Starbucks’ network, but I’m the bad guy, and I’ve set up this rogue access point called Starbucks that is actually putting out more power. So when their device tried to look for Starbucks, it connected to me. And then all their traffic is going through my access point and my laptop before going to the Internet, allowing me to capture all their data, their user names, their passwords, and everything else. This is why you need to be very careful when connecting to public WiFi, because you don’t know if you’re connecting to the real Starbucks network, the real Panera network, the real hotel WiFi, or some malicious user here. And finally, unsecured wireless networks Hackers love unsecured wireless networks because they give us a great platform to launch our attacks from.

This could include places like coffee shops or your home network. And there are two techniques that hackers use, although most of this is now turning into a digital thing as opposed to a physical thing. In the old days, people used to drive around to perform reconnaissance, and it was called war driving. I might have my partner drive the car while I go around scanning for any networks that don’t have a password and marking down their location so I know where I can run my attacks from. Now, in addition to that, some people would do what’s called “war chalking.” And so outside of the building or on a telephone post, you could take chalk and write symbols to show what those networks are. There’s an example of some of those symbols here on the screen. You don’t need to memorise these for the exam, but understand the concept of what war driving is and war chalking is, which is notating. Those networks you found during wartime driving are covered by the exam objectives, and you should be able to answer some questions on them if you get them to come to test day again. This is something that hackers enjoy doing: telling their friends about the networks they discovered so that they can use them as part of their attack measures in those networks.