WIRELESS LOCAL AREA NETWORK SECURITY
project report helper|
Active In SP
Joined: Sep 2010
25-09-2010, 10:39 AM
WIRELESS LOCAL AREA NETWORK SECURITY
WLAN SECRITY.docx (Size: 129.67 KB / Downloads: 112)
AJAY N. MALALIKAR
Security aspect is very important feature in our day to day life, but more concerned when it comes to data transfer especially in multinationals. Now a days the technology of data transfer is so much developed that takes place through air, what we call it Wireless LAN (WLAN). But it is very challenging task to transfer your confidential data with full security over WLAN. Many new technologies have been developed regularly to give maximum security to ones data. But the pilfers, in computer world called as Hackers leave no way to penetrate into your system the crack the information
Active In SP
Joined: Feb 2011
19-03-2011, 03:04 PM
wlan.doc (Size: 87.5 KB / Downloads: 48)
F or some time now, companies and individuals have interconnected computers with local area networks (LANs). (Note- because of the many acronyms, there is a list at the end of the paper.) This allowed the ability to access and share data, applications and other services not resident on any one computer. The LAN user has at their disposal much more information, data and applications than they could otherwise store by themselves. In the past all local area networks were wired together and in a fixed location as in figure 1 below.
W hy would anyone want a wireless LAN? There are many reasons. An increasing number of LAN users are becoming mobile. These mobile users require that they are connected to the network regardless of where they are because they want simultaneous access to the network. This makes the use of cables, or wired LANs, impractical if not impossible. Wireless LANs are very easy to install. There is no requirement for wiring every workstation and every room. This ease of installation makes wireless LANs inherently flexible. If a workstation must be moved, it can be done easily and without additional wiring, cable drops or reconfiguration of the network. Another advantage is its portability. If a company moves to a new location, the wireless system is much easier to move than ripping up all of the cables that a wired system would have snaked throughout the building. Most of these advantages also translate into monetary savings. Ad Hoc networks are easily set up in a wireless environment. Ad Hoc networks will be discussed later. Figure 2 is an example of a wireless LAN._
2 Physical Media
T here are three media that can be used for transmission over wireless LANs. Infrared, radio frequency and microwave. In 1985 the United States released the industrial, scientific, and medical (ISM) frequency bands. These bands are 902 - 928MHz, 2.4 - 2.4853 GHz, and 5.725 - 5.85 GHz and do not require licensing by the Federal Communications Commission (FCC). This prompted most of the wireless LAN products to operate within ISM bands. The FCC did put restrictions on the ISM bands however. In the U.S. radio frequency (RF) systems must implement spread spectrum technology. RF systems must confine the emitted spectrum to a band. RF is also limited to one watt of power. Microwave systems are considered very low power systems and must operate at 500 milliwatts or less.
I nfrared systems are simple in design and therefore inexpensive. They use the same signal frequencies used on fiber optic links. IR systems detect only the amplitude of the signal and so interference is greatly reduced. These systems are not bandwidth limited and thus can achieve transmission speeds greater than the other systems. Infrared transmission operates in the light spectrum and does not require a license from the FCC to operate, another attractive feature. There are two conventional ways to set up an IR LAN. The infrared transmissions can be aimed. This gives a good range of a couple of kilometer and can be used outdoors. It also offers the highest bandwidth and throughput. The other way is to transmit omni-directionally and bounce the signals off of everything in every direction. This reduces coverage to 30 - 60 feet, but it is area coverage. IR technology was initially very popular because it delivered high data rates and relatively cheap price. The drawbacks to IR systems are that the transmission spectrum is shared with the sun and other things such as fluorescent lights. If there is enough interference from other sources it can render the LAN useless. IR systems require an unobstructed line of sight (LOS). IR signals cannot penetrate opaque objects. This means that walls, dividers, curtains, or even fog can obstruct the signal. InfraLAN is an example of wireless LANs using infrared technology.
M icrowave (MW) systems operate at less than 500 mill watts of power in compliance with FCC regulations. MW systems are by far the fewest on the market. They use narrow-band transmission with single frequency modulation and are set up mostly in the 5.8GHz band. The big advantage to MW systems is higher throughput achieved because they do not have the overhead involved with spread spectrum systems. RadioLAN is an example of systems with microwave technology.
R adio frequency systems must use spread spectrum technology in the United States. This spread spectrum technology currently comes in two types: direct sequence spread spectrum (DSSS) and frequency hopping spread spectrum (FHSS). There is a lot of overhead involved with spread spectrum and so most of the DSSS and FHSS systems have historically had lower data rates than IR or MW.
2.3.1 Direct Sequence Spread Spectrum (DSSS)
W ith direct sequence spread spectrum the transmission signal is spread over an allowed band (for example 25MHz). A random binary string is used to modulate the transmitted signal. This random string is called the spreading code. The data bits are mapped to into a pattern of "chips" and mapped back into a bit at the destination. The number of chips that represent a bit is the spreading ratio. The higher the spreading ratio, the more the signal is resistant to interference. The lower the spreading ratio, the more bandwitdh is available to the user. The FCC dictates that the spreading ratio must be more than ten. Most products have a spreading ratio of less than 20 and the new IEEE 802.11 standard requires a spreading ratio of eleven. The transmitter and the receiver must be synchronized with the same spreading code. If orthogonal spreading codes are used then more than one LAN can share the same band. However, because DSSS systems use wide sub-channels, the number of co-located LANs is limited by the size of those sub-channels. Recovery is faster in DSSS systems because of the ability to spread the signal over a wider band. Current DSSS products include Digital's RoamAbout and NCR's WaveLAN.
2.3.2 Frequency Hopping Spread Spectrum (FHSS)
T his technique splits the band into many small subchannels (1MHz). The signal then hops from subchannel to subchannel transmitting short bursts of data on each channel for a set period of time, called dwell time. The hopping sequence must be synchronzied at the sender and the receiver or information is lost. The FCC requires that the band is split into at least 75 subchannels and that the dwell time is no longer than 400ms. Frequency hopping is less suceptible to interference because the frequency is constantly shifting. This makes frequency hopping systems extremely difficult to intercept. This feature gives FH systems a high degree of security. In order to jam a frequency hopping system the whole band must be jammed. These features are very attractive to agencies invovled with law enforcement or the military. Many FHSS LANs can be co-located if an orthagonal hopping sequence is used. Because the subchannels are smaller than in DSSS, the number of co-located LANs can be greater with FHSS systems. Most new products in wireless LAN technology are currently being developed with FHSS technology. Some examples are WaveAccess's Jaguar, Proxim RangeLAN2, and BreezeCom's BreezeNet Pro.
I nterference caused by signals bouncing off of walls and other barriers and arriving at the receiver at different times is called multipath interference. Multipath interference affects IR, RF, and MW systems. FHSS inherently solves the multipath problem by simply hopping to other frequencies. Other systems use anti-multipath algorithms to avoid this interference. A subset of multipath is Rayleigh fading. This occurs when the difference in path length is arriving from different directions and is a multiple of half the wavelength. Rayleigh fading has the effect of completely cancelling out the signal. IR is not effected by Rayleigh fading because the wavelengths used in IR are so small. Figure 3 shows the problem of multipath fading.
3 Medium Access Layer
W ith more and more companies and individuals requiring portable and mobile computing the need for wireless local area networks continues to rise throughout the world. Because of this growth, IEEE formed a working group to develop a Medium Access Control (MAC) and Physical Layer (PHY) standard for wireless connectivity for stationary, portable, and mobile computers within a local area. This working group is IEEE 802.11. Because 802.11 will eventually become the standard for wireless networking.
E ach computer, mobile, portable or fixed, is referred to as a station in 802.11. The difference between a portable and mobile station is that a portable station moves from point to point but is only used at a fixed point. Mobile stations access the LAN during movement. When two or more stations come together to communicate with each other they form a Basic Service Set (BSS). The minimum BSS consists of two stations. 802.11 LANs use the BSS as the standard building block.
A BSS which stands alone and is not connected to a base is called an Independent Basic Service Set (IBSS) or is referred to as an Ad-Hoc Network. An ad-hoc network is a network where stations communicate only peer to peer. There is no base and no one gives permission to talk. Mostly these networks are spontaneous and can be set up rapidly. Ad-Hoc or IBSS networks are characteristically limited both temporally and spatially.
W hen BSS's are interconnected the network becomes one with infrastructure. 802.11 infrastructure has several elements. Two or more BSS's are interconnected using a Distribution System or DS. This concept of DS increases network coverage. Each BSS becomes a component of an extended, larger network. Entry to the DS is accomplished with the use of Access Points (AP). An access point is a station, thus addressable. So data moves between the BSS and the DS with the help of these access points.
C reating large and complex networks using BSS's and DS's leads us to the next level of hierarchy, the Extended Service Set or ESS. The beauty of the ESS is the entire network looks like an independent basic service set to the Logical Link Control layer (LLC). This means that stations within the ESS can communicate or even move between BSS's transparently to the LLC.
Active In SP
Joined: Feb 2012
13-03-2012, 11:28 AM
to get information about the topic"local area network" full report ppt and related topic refer the link bellow
Joined: Apr 2012
15-06-2012, 05:50 PM
LOCAL AREA NETWORK
LOCAL AREA NETWORK.docx (Size: 228.17 KB / Downloads: 25)
BACKGROUND OF THE STUDY
To understand VLANs it is first necessary to have an understanding of LANs. A Local Area Network (LAN) constitutes a number of systems in a network where they communicate. LAN operates at the Data Link layer of the OSI Model. LAN is a connection of a network within a limited geographical area, it has some basic components such as Switches, Bridges, Hubs and Routers. Today, LANs are defined as a single broadcast domain. This means that if a user broadcasts information on his/her LAN, the broadcast will be received by every other user on the LAN. Broadcast are prevented from leaving a LAN by using a router. As the network expands, more routers are needed to separate users into broadcast domain and provide connectivity to the LANs .One draw back to this design is that routers add latency, which essentially delays the transmission of data compared to a bridge or a switch. Due to the process involved in routing data from one LAN to another as requires the router to use more data packets to determine destination and route the data to the appropriate end node, a VLAN was developed as an alternative solution to using routers to contain broadcast traffic. Routers in VLAN topologies provide broadcast filtering, security address summarisation and traffic flow managemen, despite improvement in equipments performance and media capabilities, network design is becoming more difficult.
STATEMENT OF THE PROBLEM
It has been observed that the mode of resource distribution and information dissemination in the School of Postgraduate studies federal university of technology, Yola is not using the modern methods of data communication. This in essence causes distortion and may even lead to loss of vital resources and data/information within the School. Lack of networked personal computers in the School (postgraduate studies) leads to delay in organising data/information, poor access to numerous resources and improper security.
AIMS AND OBJECTIVE
To design VLAN for the School of Postgraduate Studies, Federal University of Technology, Yola for easy information dissemination and acquisition. This will enable the network (VLAN) to perform the following functions;
a. To separate groups of users who need special security or network function.
b. To identify group of devices whose data should be given much priority handling.
c. To reduce hardware requirements, as networks can be logically instead of physically separated.
SIGNIFICANCE OF THE STUDY
The significance of this research work is based on the fact that information system management is of paramount important to any organisation. This research work will help to create awareness of the use of modern network(VLAN) in organisation/institution; when its being deployed will provide much security, flexity and network management.
DEFINATION OF TECHNICAL TERMS
1. BRIDGES: Bridges are simpler and less expensive then, bridges make a simple do/don’t decision on which packet to send across two segments they connect. Filtering is done based on the destination address of the packet. If a packets destination is a station on the same segment where it originated, it is not forwarded. if it is destined for a station on another LAN.
2. BROADCAST DOMAIN: Is a network (portion of a network) that will receive a broadcast packet from any node located within the network.
3. FILTERING: Is the act of determining the correct action to either pass the packet to other segment or not, by checking the bridge table information.
4. HUB: a connectivity device that retransmit incoming data signal to its multiple ports. Typically, hubs contain one uplink port, which is used to connect to a networks background.
5. PACKET: A message or part of a message packaged as a fixed –size segment of data for transmission through a computer network.
6. ROUTERS: routers are more complex and more expensive than bridges. They use information within each packet to route it from one LAN to another, and communication with each other and share information that allow them to determine the best route through a complex network of many LANs.