Copyright Goodheart-Willcox Co., Inc.
462 Networking Fundamentals

Wireless Access Point Authentication

Wireless device authentication can be achieved in more than one way. A wireless access point (WAP) is the first authentication mechanism. However, not all wireless access points implement authentication based on username and password. Typically, a WAP is set by default to allow anyone with the same brand of wireless network device to connect automatically to the WAP, and thus to the wired network.

Wireless networks use a service set identifier (SSID) to identify the wireless network. The SSID is similar to a workgroup name. Multiple wireless networks can coexist within range of each other and operate independently by using different SSIDs. All wireless devices have a default SSID. To increase security, the SSID should be changed when the WAP is installed. In order to connect to a WAP, users must have the correct SSID; otherwise, they will receive an error message or connect to the wrong WAP.

Tech Tip
Devices must be using the same security settings in order to connect. If a device is using WPA, it cannot communicate with one using WPA2. This is called a security type mismatch.

5.4 NET 5.4 NET

Tech Tip
If a WAP has more sophisticated options, such as a username and password feature, it is referred to as a wireless gateway or router.

Media Access Control (MAC) Filter

A media access control (MAC) filter is a feature that allows or restricts WAP access based on the MAC address of a wireless network card. To set up a MAC filter, an administrator creates an access control list (ACL). The ACL contains a list of MAC addresses belonging to authorized wireless network devices. The ACL is stored in the WAP. When a wireless network device attempts to access the network through the WAP, the WAP checks the ACL to see if the wireless network device is authorized to access the network.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) was the first attempt to encrypt data transferred across a wireless network. It was part of the original IEEE 802.11 wireless standard. Not long after WEP was implemented, it was discovered that there were flaws in the encryption method. The WEP algorithm was not as complex as it was first thought to be. A determined hacker could crack the encryption in several hours. In fact, several tools are available on the Internet that can be used to crack WEP encryption keys.

WEP-secured networks can use open-system or shared-key authentication. Open-system authentication is arranged in a way that clients do not need to provide credentials to an access point during authentication. With shared-key authentication, a client sends a request to the access point, which replies with a clear-text challenge. The client then encrypts the clear-text and sends it back to the access point. If the decrypted response matches the original clear text, the client is connected.

While WEP might be adequate for a low-risk network, such as a home network that does not participate in financial transactions, it is inadequate for high-risk

4.2 NET 4.3 NET
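
The shared-key authentication exchange described above, written out as an added Python example (it is not from the textbook). It uses WEP's RC4 cipher and CRC-32 integrity check value; the function names, the constructed 40-bit key, the 3-byte IV, and the 128-byte challenge are assumptions of this sketch, and the 802.11 management frame fields are omitted.

```python
import os
import zlib

SHARED_KEY = bytes.fromhex("0102030405")  # constructed 40-bit key, not a real one

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                          # keystream XORed onto the data
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Simplified WEP body: clear IV, then RC4(IV + key) over plaintext + ICV."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + key, plaintext + icv)

def wep_decrypt(key: bytes, frame: bytes):
    """Return the plaintext, or None when the integrity check value is wrong."""
    iv, body = frame[:3], frame[3:]
    clear = rc4(iv + key, body)
    plaintext, icv = clear[:-4], clear[-4:]
    ok = zlib.crc32(plaintext).to_bytes(4, "little") == icv
    return plaintext if ok else None

def ap_challenge() -> bytes:
    """Access point: random challenge text, sent to the client in clear text."""
    return os.urandom(128)

def client_response(key: bytes, challenge: bytes) -> bytes:
    """Client: encrypt the challenge under its configured key and a fresh IV."""
    return wep_encrypt(key, os.urandom(3), challenge)

def ap_verify(key: bytes, challenge: bytes, response: bytes) -> bool:
    """Access point: decrypt the response and compare it with the challenge."""
    return wep_decrypt(key, response) == challenge

def authenticate(ap_key: bytes, client_key: bytes) -> bool:
    """Run the whole exchange; True means the client would be connected."""
    challenge = ap_challenge()
    response = client_response(client_key, challenge)
    return ap_verify(ap_key, challenge, response)
```

A client holding the same key as the access point passes `authenticate`; a client with any other key fails the integrity check and is rejected.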