Diary of Friday, 17th February 2006
by E.C. Ezin, from Benin
The agenda today is made of security, mesh networks and, of course, a lab session. The first lecture, on wireless networking security, given by Rob, explored the problems in the field together with a list of existing solutions. Let's say it gave the panorama of the field.
There are many reasons to consider security in a wireless network a big challenge. Indeed, a wireless network is a shared medium operating like a network hub, in which every connected computer user can see the traffic of every other user. Users are relatively anonymous, since MAC (Medium Access Control) addresses are no longer a reliable way to identify devices. Moreover, multipath effects and high-gain antennas can make it impossible to know whether a malicious wireless user is on the wireless network. Other problems may be generated by unintentional users, war drivers and rogue access points. It is 10:10 am. Coffee break! Coffee break. Carlos, as always, switched off the light to invite participants to the coffee break party. The same lecture will continue.
By installing a high-powered AP (Access Point) that uses the same ESSID (Extended Service Set Identification) as an existing network, a malicious person can trick people into using their equipment and manipulate all data that pass through it. Eavesdroppers can deal with wireless networks by using passive monitoring tools (e.g. Kismet, Etherpeg, etc.) to log all network data from a long distance away without ever making their presence known. We cannot complete the list without underlining virus-infected computers.
Do not be afraid!!! A problem without a solution becomes a research topic. Anyway, you have to protect your wireless network: by turning off beacons, by applying a MAC filter to an AP to control which devices are permitted to associate, by using WEP (Wired Equivalent Privacy), which provides encryption at layer two, by using WPA (Wi-Fi Protected Access) encryption, the future and possible standard for protected Wi-Fi access, and by using good end-to-end security software such as SSH (Secure Shell), SSL (Secure Sockets Layer), IPsec (Internet Protocol Security), OpenVPN (Open Virtual Private Network) and PPTP (Point-to-Point Tunneling Protocol).
The main problem with encryption at layer two is the possibility of MITM (Man In The Middle) attacks. As you can see, there are many attempts to handle the wireless security problem. Even free tools are available to show information about wireless networks. Among them are network ESSID scanners (e.g. NetStumbler for Windows, MiniStumbler for Pocket PC, Wellenreiter for Linux), wireless protocol analyzers (e.g. AiroPeek for Windows, Kismet and Ethereal for many platforms), etc.
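As an added illustration (not part of the original diary or of the lecture material), here is a small Python check for the ESSID-cloning scenario described above: it reads beacon observations like those a passive scanner such as Kismet logs and flags BSSIDs that advertise a trusted ESSID without being in the inventory, or that are heard at an implausibly strong signal. The ESSID, BSSIDs and signal values are constructed sample data.

```python
# Added example, not from the original diary: an "evil twin" check built on
# beacon observations (ESSID, BSSID, channel, signal) as a passive scanner
# would log them. All names and values below are constructed sample data.
from collections import namedtuple

Beacon = namedtuple("Beacon", "essid bssid channel signal_dbm")

# Constructed inventory of the access points we actually deployed.
AUTHORISED = {
    "ictp-wireless": {"00:11:22:33:44:01", "00:11:22:33:44:02"},
}


def find_rogue_aps(beacons, authorised=AUTHORISED, max_signal_dbm=-30):
    """Return a list of (bssid, essid, reason) for suspicious beacons.

    reason is 'unknown-bssid' when a foreign BSSID advertises one of our
    ESSIDs (the high-powered AP trick from the lecture), or
    'abnormal-signal' when one of our own BSSIDs is heard far stronger
    than our equipment can produce, which hints at a clone of both the
    ESSID and the BSSID.
    """
    findings = []
    reported = set()
    for b in beacons:
        if b.essid not in authorised:
            continue  # ESSIDs we do not own are somebody else's network
        key = (b.bssid, b.essid)
        if key in reported:
            continue  # report each suspicious (BSSID, ESSID) pair once
        if b.bssid not in authorised[b.essid]:
            findings.append((b.bssid, b.essid, "unknown-bssid"))
            reported.add(key)
        elif b.signal_dbm > max_signal_dbm:
            findings.append((b.bssid, b.essid, "abnormal-signal"))
            reported.add(key)
    return findings


# Constructed scan: two legitimate APs, one evil twin, one overpowered clone
# of a legitimate BSSID, and an unrelated neighbouring network.
SAMPLE_SCAN = [
    Beacon("ictp-wireless", "00:11:22:33:44:01", 6, -62),
    Beacon("ictp-wireless", "00:11:22:33:44:02", 11, -70),
    Beacon("ictp-wireless", "de:ad:be:ef:00:01", 6, -48),
    Beacon("ictp-wireless", "00:11:22:33:44:01", 1, -25),
    Beacon("cafe-free", "66:77:88:99:aa:bb", 1, -80),
]

if __name__ == "__main__":
    for bssid, essid, reason in find_rogue_aps(SAMPLE_SCAN):
        print(f"{reason}: {bssid} advertising {essid!r}")
```

The same idea, with the inventory of authorised BSSIDs as the only site-specific input, is what a wireless IDS does continuously rather than on one scan.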
In the lab session, we used ntop (New Technology Option Pack) in a Windows or Linux environment, according to the choice of the group. In short, such tools help to know what is happening on the wireless network, and strong end-to-end encryption helps to prevent others from using these same tools to attack networks. After all, who can say "OK, my wireless network is secure!!!"? Maybe Tomas and Rob's wireless network.
In the afternoon, Tomas' talk was about mesh networks, with a very well-defined agenda. A mesh network is a network (of course!!!) that employs one of two connection arrangements, namely full mesh topology or partial mesh topology. In a full mesh topology, each node is connected directly to each of the others, while in a partial mesh topology, nodes are connected to only some, not all, of the other nodes. A MANET (Mobile Ad hoc Network) is a self-configuring network of mobile routers connected by wireless links.
There are many motivations to pay more attention to mesh networks, due to their simplicity, robustness, flexibility, low cost, etc. The elements of mesh routing (node discovery, border discovery, link metrics, route calculation, IP address management, etc.) were presented.
There are two types of mesh routing protocols: the pro-active and the reactive. The pro-active type checks link state and updates the routing table; it requires high complexity and CPU load. Some pro-active routing protocols are OLSR (Optimized Link State Routing), TBRPF (Topology Broadcast based on Reverse-Path Forwarding), HSLS (Hazy Sighted Link State), Mobile Mesh or MMRP (Mobile Mesh Routing Protocol) and OSPF (Open Shortest Path First). The second class, the reactive protocols, essentially contains the AODV (Ad hoc On-Demand Distance Vector) protocol, which is in the process of being standardized. More details about each protocol were given by the lecturer.
Some routing metrics were presented, namely hop count, RTT (Round Trip Time), Pkt Pair (Per-hop Packet-pair Delay) and ETX (Expected Transmission Count). As for mesh hardware, some examples are Metrix Mark I, Meshnode, Linksys WRT54G, Mesh AP, etc. Among the mesh software packages available, we have olsrd, Mesh Linux, Zebra/Quagga, CUWiN, OpenWrt, Freifunk Firmware, etc. Ouf! The list is long in this field. The lecturer, Tomas, gave four concrete examples of mesh networks. Once again, coffee break!! Coffee break, of course, with the mobile lecturer of the group, Carlo! Maybe he is the only one who knows the details and location of each piece of material in this laboratory.
During the lab session, participants had to do exercises on mesh networks and security. Only two groups tried to face the problem concretely. Most participants had their batteries low, let's say empty. Almost three fifths of us remained till 7 pm. There is no more dB of gain on the receiving antenna. I hope the weekend will help participants to acquire some hundred dB of power to face the last week in a more secure mesh network.