INTRODUCTION

Wireless technologies are a reality that grows at a fast pace every day and gains ever more adherents, ranging from residential users to those who use the technology at their desks. Wireless networks vary in their structural model. They can be implemented in a more complex form, based on stations interconnected by one or several access points, or more simply, with stations communicating directly with each other in a point-to-point model. Depending on how the network is configured, it also belongs to a technological standard that sets it apart from other wireless networks; that is, the technologies can vary in signal amplitude, in the transfer speed of the medium and even in the level of security they provide. Based on the concept of wireless technologies, this project gives a brief history of wireless communication, describes the transmission medium and the structure of a WLAN, and finally describes a project for setting up a point-to-point wireless network.

1 BRIEF HISTORY OF WIRELESS COMMUNICATION

The idea of wireless communication is the result of a series of developments in science, in fields such as mathematics and physics. In the mid-nineteenth century, building on the theories of two English physicists, Michael Faraday and James Clerk Maxwell, Heinrich Hertz built a spark-gap transmitter, a device that generated radio waves from an electric spark. This discovery contributed to the study of this important medium. Another step worth highlighting is the invention of wireless telegraphy in 1901 by the Italian physicist Guglielmo Marconi, who transmitted information from a ship to the shore by means of Morse code. In the early twentieth century, advances in the vacuum tube, developed by the English professor John Ambrose Fleming and the American physicist Lee De Forest, made it possible to modulate and amplify wireless signals for sending voice transmissions. The range and clarity of voice transmissions increased as the technology progressed.
During the First World War there were many interceptions of communications, which generated interest in developing new, safer forms of communication. But it was during the Second World War that the use of wireless networks became really widespread and proved very useful in the circumstances of war. Information was transmitted securely via radio waves. In the late 1960s a wireless network called ALOHA, developed at the University of Hawaii, began operating and initiated modern digital communication. During the last century, advances in wireless technology made possible the creation of radio, television, mobile telephony and satellite communications. All kinds of information can now be sent all over the world. Currently, much attention is focused on satellite communication, wireless networks and cellular technology.

1.1

2 MEANS OF WIRELESS TRANSMISSION

The transmission medium of a wireless network is the air, which is characterized by the total absence of wires or cables. Transmission takes place via electromagnetic waves. A notable feature of this medium is that the signal spreads equally in all directions, unless restricted, and continues to propagate indefinitely. As the distance from the source increases, the energy is spread over a larger area, making the signal weaker. Along its path, the electromagnetic signal is affected by natural disturbances that can interfere with it.

2.1 Electromagnetic Spectrum

When electrons move, they create electromagnetic waves that can propagate through free space (including a vacuum). These waves were predicted by the English physicist James Clerk Maxwell in 1865 and first produced and observed by the German physicist Heinrich Hertz in 1887. The number of oscillations per second of an electromagnetic wave is called its frequency, f, and is measured in Hz (in honor of Heinrich Hertz). The distance between two consecutive maxima (or minima) is called the wavelength, universally denoted by the Greek letter lambda. When an antenna of the appropriate size is installed in an electrical circuit, electromagnetic waves can be transmitted efficiently and received by a receiver located a reasonable distance away. All wireless communication is based on this principle. The electromagnetic spectrum is the division of electromagnetic waves into frequency ranges, according to the physical characteristics inherent in each band. Figure 1 shows the electromagnetic spectrum.

Figure 1 - Representation of the electromagnetic spectrum.

In wireless networks, radio, microwave and infrared waves are most often used to transmit information, provided that their frequency, amplitude or phase is modulated. The higher the frequency, the higher the rate of data transmission, but waves such as ultraviolet light, X-rays and gamma rays, although they have higher frequencies, are difficult to produce and modulate and are more harmful to living things. The use of frequencies within the electromagnetic spectrum is subject to national and international agreements and conventions. The regulatory agency in Brazil is Anatel.

2.1.1 Radio Transmission

In addition to its use for public radio and television broadcasting and for private communication with devices such as mobile phones, electromagnetic radiation can be used to transmit computer data. Informally, a network that uses electromagnetic radio waves is said to operate at radio frequency, and its transmissions are called RF transmissions. The properties of radio waves depend on frequency. At low frequencies, radio waves pass through obstacles, but their power drops sharply as the distance from the source increases. At high frequencies, radio waves tend to travel in straight lines and collide with obstacles. They are also absorbed by rain. At all frequencies, radio waves are subject to interference from motors and other electrical equipment. Because radio waves can travel long distances, interference between users is a problem. For this reason, all governments exercise tight control over radio transmitters, with a single exception for the lower-order frequencies.

3 WLAN (Wireless Local Area Network)

Today's society is such that, on the one hand, organizations need to anticipate customer needs and know them well. On the other, they must be quick in making internal decisions. Within this context, wireless networks have come to help balance these needs. Every day there is a greater need for professionals to work beyond the four walls of the office, getting closer to customers, being where work and competitiveness require them to be, and seeking to increase productivity. Information, whether technological or marketing-related, must be consulted and updated frequently. It is within this context that wireless communication has found fertile ground for the growth it has seen in recent years. Wireless networks are characterized primarily by their physical communication medium, air and radio waves, through which they shorten distances, enable interconnected devices to communicate and make this technology a means of earning money. This type of network is deployed in different situations: when a wired network cannot be installed, when a temporary network infrastructure is needed, and when an existing network is to be extended. Examples of these situations include creating a network infrastructure in a heritage-listed ("tombado") building [1], at a limited meeting or conference, or even for customer service in restaurants, hotels, etc. When it comes to wireless networks, the premise is that they behave like a conventional Ethernet network, that is, they have the same features as a normal network. A wireless network has exactly the same functionality as an Ethernet network. The main difference is that all the tasks an Ethernet network carries out are performed here without the need for wires. At first glance this seems simple, but how, for example, can the network be made secure enough that no unauthorized user takes possession of information that is not theirs and then makes it public?
Since such activity is difficult to monitor even in conventional networks, how can the network be made secure? There are of course different ways of doing this. This final course project does not present the solution for how to do it, but shows the current technologies that address this type of activity and others that perform various other tasks. With these and other issues in mind, the IEEE (Institute of Electrical and Electronics Engineers), the world's largest professional organization in the area, has a standardization group that develops standards in the areas of electrical engineering and computer science. These standards are nothing more than prior studies of a particular concept that then became a wireless technology standard; that is, equipment can be configured for a specific mode of operation and thus be classified under a standard for a given task.

[1] The term refers to monuments that have been declared heritage sites: buildings that must be preserved and in which no installation that would damage them may be carried out.

Currently, the best-known standard in wireless networking is 802.11, which is the standard recognized by the IEEE for wireless LANs (Local Area Networks). Likewise, there are other standards that meet other needs and purposes: WPANs (Wireless Personal Area Networks), which are short-range personal networks; WMANs (Wireless Metropolitan Area Networks), which serve metropolitan areas; and WWANs (Wireless Wide Area Networks), which are at the same technological level as WMANs and differ only in their service area. Again, this project does not cover all types of wireless networks but focuses on the most popular method of wireless communication: the 802.11 standard. Figure 2 shows the major wireless technologies that apply to different levels of technological expansion, each with its own special features, functionality and range of use, and Figure 3 shows a wireless network in practice.

Figure 2 - WPANs, WLANs, WMANs and WWANs. The increasing level of wireless technologies.

Figure 3 - Example of a wireless network.

3.1 TOPOLOGY

Wireless technology is any technology in which a device is able to transmit data without the presence of wires. It ranges from a simple cell phone that transmits a file to another phone to large data transfers between stations that use routers and access points. The main advantage of implementing a wireless network is the mobility it provides to its users, ensuring speed, agility and performance in the activities the stations carry out. The basic infrastructure of a wireless network is based on an Access Point and the electronic interfaces present in the stations. These basic mechanisms determine the access modes and the components that define both the type of network and its modes of operation. The environment containing units of these two types of mechanism can be regarded as a wireless communication cell, known as a BSS (Basic Service Set). In isolation, this cell can be considered a region capable of serving the network devices, or a set of stations controlled by a single Access Point. Workstations (depending on how they are configured) can move from one cell to another, which produces the effect of roaming: the method by which stations in one cell can move to another cell without losing their network connection. In other words, it keeps the station connected over an area larger than the coverage area of its Access Point. Several BSSs together are called an ESS (Extended Service Set), which supports multiple APs. There is then what is called the DS (Distribution System), the system that provides communication between the APs; that is, it corresponds to the network backbone.

3.2 STRUCTURE

The way a wireless network communicates and shares resources is set according to the architecture adopted. There are three ways of configuring a wireless network to ensure the control and management of a WLAN: infrastructure mode, basic infrastructure mode, and ad hoc or point-to-point mode.

3.2.1 Basic Infrastructure

This is the most common mode of communication, and it uses so-called access points through the BSS method. A network based on basic infrastructure may or may not connect the wireless network to conventional networks. The Access Point is responsible for the connection between the mobile stations and is also used for network authentication, management and control of data flow. In basic infrastructure mode, each client communicates directly with the access point, which is part of the distribution system. In this case the access point not only provides communication with the conventional network but also carries traffic between wireless clients. Therefore, any communication between stations in the BSS must pass through the Access Point. Communication between a station and any other network client that is connected to the AP must also pass through the Access Point of the BSS cell.

3.2.2 Network Infrastructure

These are ESS (Extended Service Set) networks, which are in fact the union of several BSS networks connected through another network (an Ethernet network, for example). This type of network is typically composed of a set of interconnected APs (Access Points), which allows the "migration" of a device between two network access points. Importantly, for the stations this process is completely transparent, so the network is seen as a single element. Each AP serves its own BSS cell while also being responsible for communication between different cells. These cells are directly connected to other networks, since their APs are connected to those networks through a network device. This structure therefore makes it very easy for, say, a station in a cell to communicate out to a conventional network. Figure 4 is a representation of a wireless infrastructure network.

Figure 4 - Example of a Wireless Network Infrastructure

3.2.3 Ad Hoc or Point-to-Point Networks

A mobile ad hoc [2] network is a network formed without any central administration, which gives this type of configuration the label IBSS (Independent Basic Service Set); that is, it consists only of mobile nodes that use a wireless network interface to send their information. Such nodes are able to exchange information directly among themselves, and the services available in the network depend on their storage and processing resources. In this type of configuration all stations have the same BSSID (Basic Service Set Identifier), which identifies the wireless cell. Operating a network in this communication mode is extremely easy, but the coverage area is reduced, since each station must be within range of the other for communication to occur. Figure 5 is a representation of an ad hoc network.

Figure 5 - Example of an ad hoc network

[2] Ad hoc is the English name given to the way point-to-point networks operate.
3.3 COMMUNICATION

Having examined the physical structure of a network and its main components, it remains to show how an Access Point gains network access and how devices communicate with the Access Point and therefore with each other. Chapter 4 will show the project of implementing a wireless network. With an outline of the system to be installed and configured in view, all that remains is to apply the appropriate settings and from there move on to a more comprehensive level of network configuration and maintenance. Once an access point is properly connected to the conventional Ethernet network, a wireless network environment exists that extends to a certain "edge"; this boundary corresponds to a cell that is ready to receive a number of stations, which connect to it and form a fully wireless network that starts to provide services and information. A station that wants to connect to the network does so by one of two methods: one that uses cryptography [3] and another that uses shared keys. These two methods cannot be regarded as safe when used on their own, but they are very useful for protecting the network when they work in conjunction with other security protocols. They are the simplest methods that wireless technology offers and are therefore totally inadvisable for networks that require a stricter level of security control. Today there are hackers [4] who can easily decipher the encrypted key of such a system using software. Thus, there are safer methods of protecting the network than this type of configuration alone. Other methods of accessing the wireless network are designed to protect the availability of the information passing through it, and others seek to protect the information itself. These methods are more focused on network security proper; they are no longer simple forms of network access but real security protocols.

[3] A set of concepts and techniques designed to encode information so that only the sender and receiver can access it, preventing an attacker from interpreting it.

3.3.1 Protocols

The protocols used by 802.11 vary according to the specifics of each medium. Protocols are access rules that range from the data transmission rate to more stringent levels of security. The WLAN standard has a multitude of protocols that serve various levels.

[4] Individuals who design and modify computer software and hardware, either developing new features or adapting old ones.

3.3.1.1 Standard 802.11

The 802.11 standard is the basic protocol specification for wireless local area networks (WLANs). It specifies operation in the 2.4 GHz frequency range with data transmission rates of 1 and 2 Mbps, and was established on June 26, 1997, when the IEEE announced the ratification of the 802.11 protocol for WLANs. The 802.11 standard specifies three physical layers (PHY) and only one MAC (Medium Access Control) sublayer:

• Frequency Hopping Spread Spectrum Radio PHY: This layer provides operation at 1 Mbps, with 2 Mbps optional. The 1 Mbps version uses two-level GFSK (Gaussian Frequency Shift Keying) modulation and the 2 Mbps version uses four levels of the same modulation.
• Direct Sequence Spread Spectrum Radio PHY: This layer provides operation at both 1 and 2 Mbps. The 1 Mbps version uses DBPSK (Differential Binary Phase Shift Keying) modulation, while the 2 Mbps version uses DQPSK (Differential Quadrature Phase Shift Keying) modulation.
• Infrared PHY: This layer provides operation at 1 Mbps, with 2 Mbps optional. The 1 Mbps version uses 16-PPM modulation (Pulse Position Modulation with 16 positions), and the 2 Mbps version uses 4-PPM modulation.

The physical layer is divided into two sublayers:

Physical Medium Dependent (PMD) sublayer: This layer deals with the characteristics of the wireless medium and defines the methods for transmitting and receiving through this medium.

Physical Layer Convergence Procedure (PLCP) sublayer: This layer specifies the method of mapping the MAC sublayer protocol data units (MPDUs) into a format compatible with the PMD sublayer.

The MAC sublayer defines the medium access mechanism. The Distributed Coordination Function (DCF) is the fundamental access mechanism and is based on CSMA/CA (Carrier Sense Multiple Access / Collision Avoidance). Collided packets are retransmitted following exponential backoff rules. The IEEE 802.11 standard also defines an optional, centralized function called the Point Coordination Function (PCF), which, unlike the DCF, is a centralized MAC scheme in which an Access Point selects, in accordance with its rules, a wireless terminal so that it can transmit its packet. The main characteristics of these two functions are:

DCF: A mandatory component of all IEEE 802.11-compatible products that provides a best-effort service. It is suitable for transmitting data that is not sensitive to network delay, for example email and FTP. In this function the terminals run the algorithm in a distributed fashion and must compete among themselves for access to the medium for each packet transmission (contention mode). This process attempts to ensure fair channel access for all stations.

PCF: An optional service recommended for data that is highly sensitive to network delay and for high-demand traffic, for example real-time audio and video. In this case the AP, which runs this centralized algorithm, has control of the channel and passes that control to the wireless terminals when appropriate (contention-free mode).

These two coordination functions can also be used together when data packets of various types are transmitted. The popularity of IEEE 802.11 in the market is due mainly to the DCF, since the PCF, because of its complexity and its inefficiency for data transmission without timing requirements, is rarely implemented in current products. In addition, the PCF may cause unpredictable delays and transmission durations. Similar to the success of Ethernet, the IEEE 802.11 DCF is often used for wireless networks, although its current form is not effective for multimedia applications. A station may have to wait an arbitrarily long time to send a packet, which is unacceptable for real-time applications such as voice and video. To minimize this problem, the 802.11e version of the protocol is being developed. In IEEE 802.11e, MAC layer enhancements are being made to improve Quality of Service (QoS) through CSMA with priorities and advanced polling techniques.
3.3.1.2 Standard 802.11b

802.11b was the first wireless standard used on a large scale, and it marked the popularization of the technology. There had of course been several earlier standards, but most were proprietary and mutually incompatible. 802.11b allowed cards from different manufacturers to become compatible and costs to fall, thanks to increased demand and competition. In 802.11b networks, the theoretical speed is only 11 Mbps, with support for up to 32 users per access point. The 802.11b physical layer uses Direct Sequence Spread Spectrum (DSSS), which uses open (broadcast) radio transmission and operates in the 2.4 GHz frequency. The 11 Mbps rate can drop to 5.5 Mbps and may reach only 1 Mbps, depending on the environmental conditions in which the waves propagate (walls, fences, windows, etc.). For this reason its main drawback is interference in both the transmission and reception of signals, because the frequency in which it operates is the same as that of equipment such as mobile phones, microwave ovens and Bluetooth devices. Because wireless networks have a very large overhead from signal modulation, checking and retransmission of data, transfer rates in practice are around 750 KB/s, less than two thirds of the maximum. On Windows you can use the utility that came with your network adapter to check the signal quality in each part of the environment where the network should be available. On Linux this is done by programs such as KWiFiManager.

3.3.1.3 802.11a standard

After 802.11b, the next wireless networking standard recognized by the IEEE was 802.11a (which actually began to be developed before 802.11b but was completed afterwards). It uses the 5 GHz frequency and provides a theoretical speed of 54 Mbps over a smaller coverage area. In general, 802.11a cards are also compatible with 802.11b, allowing them to be used in both types of network. An important point is that when 802.11a and 802.11b cards are mixed, the speed is capped at the lower rate and the whole network operates at 11 Mbps. The stated transmission rate includes all modulation signals, packet headers, error correction, etc. The actual speed of 802.11a is 24-27 Mbps, slightly more than four times faster than 802.11b. Another advantage is that 802.11a allows a total of eight simultaneous channels, compared with only three channels in 802.11b. This allows more access points to be used in the same environment without loss of performance. On the other hand, because they use a higher frequency, 802.11a transmitters have a shorter range, theoretically half that of 802.11b transmitters, which makes it necessary to use more access points to cover the same area and further increases costs. Both 802.11a and 802.11b became obsolete with the introduction of 802.11g.

3.3.1.4 802.11g Standard

The current standard for wireless networks is 802.11g. It uses the same frequency band as 802.11b: 2.4 GHz. This makes the two standards intercompatible. The idea is that you can add 802.11g cards and access points to an existing 802.11b network while keeping the old components, just as today we are free to add Gigabit Ethernet cards and switches to an existing 100 Mbps network. Nevertheless, the transmission speed of 802.11g is 54 Mbps, as in 802.11a networks. That is, 802.11g combines the best of both worlds. For the network to actually run at 54 Mbps, the access point and all cards must be 802.11g. If a single 802.11b card is included in the network, the whole network operates at 11 Mbps. 802.11g cards are not compatible with 802.11a, but the two types of card can talk at 11 Mbps using the 802.11b standard, which becomes a common denominator.
There are also dual-band cards, which transmit simultaneously on two different channels, doubling the transmission rate (and also the level of interference with other nearby networks) and reaching speeds of 108 Mbps. However, to reach the maximum speed only dual-band cards must be used; otherwise the rate is capped at the lower value.

3.3.1.5 Standard 802.11n

Still awaiting IEEE approval, 802.11n promises to be much better in terms of features than the other standards and is scheduled for early 2007. 802.11n will also offer transfer rates greater than 100 Mbps (over 500 Mbps are planned) in the 2.4 GHz and 5 GHz bands. In addition, the new standard ensures greater efficiency in signal propagation and extensive backwards compatibility with other protocols. Currently, two proposals for the 802.11n standard exist. Each of them, supported by its own group of key industry companies, is competing to become the final specification. Figure 6 shows equipment proposed for 802.11n.

Figure 6 - Equipment capable of wireless data transmission rates up to 500 Mbps

3.4 SECURITY

Basically, security in wireless networks has exactly the same goal as in wired networks: maintaining the integrity of data and information, which could otherwise be manipulated or lost at the hands of unauthorized users. The basic difference is in how security measures are adopted. The best security measure is therefore the one that fits the entire system to be protected, that is, adopting the standard that best fits the needs and making sure that the method adopted really preserves data integrity. Adopting the "best on the market" may not be the best option for certain environments. In other words, the network administrator must produce a good security design, analyzing all the equipment that may be used, and only then adopt the highest security standard for the network.

The way stations connect to the wireless network is also one of the ways to restrict access and make the network more secure. Authentication and encryption methods are an example. Authentication of users makes the network more restricted and gives control over who uses it, and encryption guarantees the integrity of the information exchanged, provided it is combined with other security standards. The 802.11 standard defines two forms of authentication. One is the default authentication for simpler systems, in which any station can access the network simply by requesting authorization from the unit transmitting the data; it is known as Open System Authentication and is aimed at networks that do not really need assurance of device authenticity. This type of network is best suited to environments such as airports, train, bus and subway stations, hotels, malls and other public places. The other method authenticates users through a mechanism in which the requesting unit and the authenticating unit share a secret authentication key; this method is known as Shared Key. Authentication proceeds as follows: the station that wants to access the network sends the Access Point (AP) an access request. The AP responds to this request with a text containing 128 bytes of information. The station must return this text in encrypted form, that is, it responds to the AP with the correct information for authentication. When the AP receives this information, it compares the station's response with the correct answer; if it matches, the station is free to access the network. Every Access Point available on the market today supports these two authentication methods.
Of course, each type of user calls for certain configurations, depending on their particular purpose. Thus there are other security settings made on the AP, which operates according to the needs of the environment. The SSID is an alphanumeric code present on all equipment available on the market; by default this code comes pre-filled, which makes network access more dynamic, especially for laypeople, and makes access faster and less complicated. This configuration is not desirable for private environments, since the code is easy to discover through identification algorithms, even if the default alphanumeric code has been changed. A network that relies on this setting alone will certainly not be safe. It is therefore necessary to use protocols that, in addition to this type of setting, use encryption as a means of ensuring network integrity.

3.4.1 WEP Protocol

The WEP (Wired Equivalent Privacy) protocol protects data at the data link layer during transmission between a client and the APs. In other words, WEP covers only the wireless part of the network; the wired part must be secured by other means.

Figure 7 - Diagram of a network protected with WEP: only the wireless part of the network is protected

3.4.1.1 Authentication

Authentication ensures that only clients of the network can access it; that is, it verifies the identity of the client and evaluates whether or not that station or client may access the network. The privacy service evaluates whether the data can be viewed by clients that have authorization. Finally, data integrity ensures that transmitted data is not modified on its way back and forth between clients and APs.
Authentication in the WEP security protocol defines two ways to validate a client that wants to access the network. The first uses encryption based on the RC4 algorithm, created by Ron Rivest: the client, using a cryptographic key (the WEP key) that is shared with the Access Point, encrypts the challenge and returns the result to the Access Point. The Access Point decrypts the result computed by the client and allows access to the network only if the value obtained is the same as the one it originally sent, which verifies that the requesting station knows the secret key. Importantly, the cryptographic technique described above is rudimentary and does not provide mutual authentication. The client does not authenticate the Access Point, so there is no assurance that the client station is communicating with a legitimate network access point. Authentication performed by only one party is also known to be weak and subject to constant attacks. The other form of authentication uses the methods known as Closed System Authentication (Shared Key) and Open System Authentication (Open System). It is vital to know which level the equipment that transmits the network's signal supports for this kind of method, since there are 64-bit and 128-bit standards. The 64-bit standard is more common and is present in any product currently on the market. The 128-bit standard is not supported by all products, and it must be enabled before it can be used for transmission. In addition, all other equipment must support the 128-bit standard, otherwise it will be left outside the network. The basic difference between the 64-bit and 128-bit standards is precisely the size of the shared key in bits (40 or 104). Logically, the larger the key size, the higher the level of security adopted. Figure 8 shows how users are authenticated, with or without cryptography.

Figure 8 - Structure of the authentication modes for wireless networks.

A station that makes a request for access to the network using the Shared Key system is simply answered with an SSID (Service Set Identifier), which allows free access to the network.
In the open system, a client is authenticated even if it simply responds with an empty string for the SSID; this authentication is known as NULL Authentication. In practice, both the cryptographic method and the Open System and Closed System Authentication methods are extremely vulnerable to attack and, if not improved, practically invite attacks on the network.

The 802.11b standard also supports a privacy service through encryption techniques for the wireless interface. This WEP encryption technique for privacy also uses the RC4 algorithm to generate a pseudo-random data sequence. Through this technique, WEP can prevent the discovery of data transmitted over the wireless network. WEP is applied to all network traffic to protect TCP/IP (Transmission Control Protocol / Internet Protocol), IPX (Internet Packet Exchange) and HTTP (Hyper Text Transfer Protocol). WEP supports encryption keys of 40 bits to 104 bits. A 104-bit WEP key, for example, together with the 24 bits of the initialization vector (IV), becomes a 128-bit RC4 key. In general, increasing the size of the encryption key increases the security level. Some research has shown that a key size greater than 80 bits makes breaking the code virtually impossible. However, most WLANs rely on cryptographic keys of up to 40 bits.

3.4.1.1 Integrity

The IEEE 802.11b standard also specifies a way to ensure the integrity of data transmitted between clients and APs. This security service is designed to reject any message that has been altered during transmission. The technique uses a simple CRC (Cyclic Redundancy Check). The CRC, or frame check sequence, is calculated on each packet to be transmitted. The entire packet is then encrypted using an RC4 key to generate the ciphertext of the message. At the receiver, decryption is performed and the CRC is recalculated on the received message. The calculated CRC is then compared with the CRC of the original message. If the CRCs differ, the integrity of the message has been violated and the receiver discards it. Unfortunately, as with the privacy service, integrity is vulnerable to certain attacks, regardless of key size.

An important aspect that is often not taken into account is the management of encryption keys, that is, how long the same encryption key should be used in a WLAN. Neglecting cryptographic key management can cause numerous vulnerabilities in WLANs. These include WEP keys that are almost never changed, are kept at the default value, or are weak keys (only zeros, only ones, based on weak passwords or other similarly trivial patterns). Another problem is the difficulty of constantly changing the WEP key in a large WLAN environment. In a large environment that may have 15,000 APs, changing the WEP keys becomes a challenge.

3.4.1.2 Problems with WEP

Some security problems prevent the WEP protocol from being considered completely safe: passive attacks that decrypt network traffic based on statistical analysis, and active attacks that insert new traffic from unauthorized mobile stations, among others. The following faults can be found in WEP:

• Use of static WEP keys - Many wireless users sharing an identical key for a long time is a risk factor. If a computer such as a laptop were stolen, the key could become compromised, leaving all computers that share the same key compromised as well.

• IV (Initialization Vector) - The WEP IV is a 24-bit field sent in the clear part of the message. This 24-bit field, used to start the RC4 key generation algorithm, is considered small for encryption.
Reuse of the same IV produces an identical key for data protection, and the small size ensures that it will repeat with relatively high frequency on a busy network. Moreover, the 802.11 standard does not specify how IVs are set or changed, so wireless devices of the same brand may all generate the same sequence of IVs, and others may use a constant IV. As a result, attackers can record network traffic, determine the key and use it to decode the data.

• Prior Knowledge - The fact that an eavesdropper knows the 24 bits of the IV in each key, combined with the weakness of the RC4 key, leads to an attack that recovers the key after intercepting and analyzing a small amount of packet traffic.

• Integrity Not Encrypted - WEP does not provide encrypted integrity protection. However, the 802.11 MAC protocol uses an unencrypted CRC to check the integrity of packets with the correct checksum. This combination is dangerous and often leads to unintentional "side channel" attacks. There is also an active attack that allows an attacker to decrypt any packet by systematically modifying packets and their CRCs sent to the AP. These types of attacks are usually sudden, and it is risky to design cryptographic protocols that do not contain encrypted integrity protection, because of possible interactions with other protocol levels that may release information about the ciphertext.

3.4.2 Protocol WPA

The WPA (Wi-Fi Protected Access) security protocol is the link-layer security protocol for the IEEE 802.11 standard. It is also known as "improved WEP". With the growing number of wireless networks, especially among home users, institutions, universities and companies, concern about the safety of such networks has also increased.
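The WEP encapsulation behind the IV problems listed in 3.4.1.2, together with the one-way challenge check described earlier, as an added Python example that is not part of the original text. The 40-bit key, the IVs, the 16-byte challenge and the payloads are constructed sample values, and all function names are assumptions.

```python
import math
import zlib
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """RC4 is seeded with IV || key; the CRC-32 ICV is appended and encrypted too."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, iv: bytes, ciphertext: bytes):
    """Return the plaintext, or None when the recomputed CRC does not match."""
    body = xor(ciphertext, rc4(iv + key, len(ciphertext)))
    data, icv = body[:-4], body[-4:]
    return data if zlib.crc32(data).to_bytes(4, "little") == icv else None

def shared_key_auth(ap_key, station_key, challenge, iv) -> bool:
    """One-way check: the AP verifies the station, never the reverse."""
    response = wep_encrypt(station_key, iv, challenge)       # station side
    return wep_decrypt(ap_key, iv, response) == challenge    # AP side

def reused_ivs(frames):
    """Audit helper: IVs seen on more than one captured (iv, ciphertext) frame."""
    counts = Counter(iv for iv, _ in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

def iv_repeat_probability(frames_sent: int, iv_bits: int) -> float:
    """Birthday estimate that at least two frames share a randomly chosen IV."""
    return 1.0 - math.exp(-frames_sent * (frames_sent - 1) / 2.0 ** (iv_bits + 1))

# Constructed sample data: one 40-bit key, two frames sent under the same IV.
KEY = bytes.fromhex("0102030405")
IV, IV2 = bytes.fromhex("aabbcc"), bytes.fromhex("aabbcd")
P1, P2 = b"GET /index.html ", b"user=alice&pin=1"
C1, C2 = wep_encrypt(KEY, IV, P1), wep_encrypt(KEY, IV, P2)
FRAMES = [(IV, C1), (IV2, wep_encrypt(KEY, IV2, P1)), (IV, C2)]

if __name__ == "__main__":
    print("auth with matching key:", shared_key_auth(KEY, KEY, b"challenge-text!!", IV))
    print("same IV, so C1^C2 == P1^P2:", xor(C1, C2)[:16] == xor(P1, P2))
    print("reused IVs:", [iv.hex() for iv in reused_ivs(FRAMES)])
    for bits in (24, 48):
        print(bits, "bit IV, 5000 frames:", iv_repeat_probability(5000, bits))
```

With 5,000 frames the birthday estimate already exceeds 50% for a 24-bit IV and is negligible for a 48-bit IV.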
One advantage of WPA over WEP is improved data encryption through a temporal key protocol (TKIP), which enables the creation of per-packet keys and has an error-detecting function called Michael, a 48-bit initialization vector instead of the 24 bits used in WEP, and a key distribution mechanism. Another advantage is the improved process for authenticating users. This authentication uses 802.1X and EAP (Extensible Authentication Protocol), which authenticates each user through a central authentication server before the user has access to the network.

3.4.2.1 Authentication

Authentication is mandatory. Authentication with WPA is a combination of open system and 802.1X authentication, which uses two phases. The first phase uses open system authentication and indicates to the wireless client that it can send frames to the wireless AP. The second phase uses 802.1X to perform user-level authentication.

TKIP, the Temporal Key Integrity Protocol, changes the unicast encryption key for each frame, and each change is synchronized between the wireless client and the wireless AP. For the global encryption key, WPA includes a facility for the wireless AP to advertise changes to the connected wireless clients.

For WPA, encryption using TKIP is required. TKIP replaces WEP with a new encryption algorithm, stronger than WEP, which can be performed using the calculation facilities present on existing wireless hardware. TKIP also provides:

• Verification of the security configuration after the encryption keys are determined.
• Synchronized changing of the unicast encryption key for each frame.
• Determination of a unique initial unicast encryption key for each pre-shared key authentication.

With 802.11 and WEP, data integrity is provided by a 32-bit ICV, appended to the 802.11 payload and encrypted with WEP. Although the ICV is encrypted, cryptanalysis can be used to change bits in the encrypted payload and update the encrypted ICV without detection by the receiver. With WPA, a method known as Michael specifies a new algorithm that calculates a MIC (message integrity code) with the calculation facilities available on existing wireless hardware.
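Why the encrypted CRC-32 ICV described above fails to detect changed bits while a keyed MIC does, as an added Python example that is not part of the original text. The keystream (SHAKE-256) and the keyed tag (truncated HMAC-SHA-256) are stand-ins chosen for this example, not RC4 or Michael, and the seed, key and payload are constructed values.

```python
import hashlib
import hmac
import zlib

def keystream(seed: bytes, n: int) -> bytes:
    """Stand-in XOR keystream (assumption); RC4 output is combined the same way."""
    return hashlib.shake_256(seed).digest(n)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crc(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "little")

def seal_icv(seed: bytes, payload: bytes) -> bytes:
    """WEP style: append the unkeyed CRC-32 ICV, then encrypt payload and ICV."""
    body = payload + crc(payload)
    return xor(body, keystream(seed, len(body)))

def open_icv(seed: bytes, frame: bytes):
    """Receiver check: decrypt, recompute the CRC, drop the frame on mismatch."""
    body = xor(frame, keystream(seed, len(frame)))
    return body[:-4] if crc(body[:-4]) == body[-4:] else None

def seal_mic(seed: bytes, mic_key: bytes, payload: bytes) -> bytes:
    """Keyed 8-byte tag in place of the CRC (stand-in for Michael)."""
    body = payload + hmac.new(mic_key, payload, hashlib.sha256).digest()[:8]
    return xor(body, keystream(seed, len(body)))

def open_mic(seed: bytes, mic_key: bytes, frame: bytes):
    body = xor(frame, keystream(seed, len(frame)))
    want = hmac.new(mic_key, body[:-8], hashlib.sha256).digest()[:8]
    return body[:-8] if hmac.compare_digest(want, body[-8:]) else None

def alter_in_transit(frame: bytes, delta: bytes, tag_len: int) -> bytes:
    """Change payload bits with no key, adjusting the tag as if it were a CRC.
    CRC-32 is affine: crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros)."""
    tag_fix = xor(crc(delta), crc(bytes(len(delta)))).ljust(tag_len, b"\x00")
    return xor(frame, delta + tag_fix)

# Constructed sample values.
SEED, MIC_KEY = b"per-frame-seed", b"integrity-key"
PAYLOAD = b"SEQ=0010;LEN=16;"
DELTA = bytes([0, 0, 0, 0, 0x09]) + bytes(len(PAYLOAD) - 5)   # '0' ^ 0x09 == '9'

def compare_receivers():
    """Return what each receiver accepts after the same in-transit change."""
    crc_frame = alter_in_transit(seal_icv(SEED, PAYLOAD), DELTA, 4)
    mic_frame = alter_in_transit(seal_mic(SEED, MIC_KEY, PAYLOAD), DELTA, 8)
    return open_icv(SEED, crc_frame), open_mic(SEED, MIC_KEY, mic_frame)

if __name__ == "__main__":
    print(compare_receivers())
```

The CRC receiver accepts the altered payload as valid, while the keyed check returns `None` and the frame is dropped.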
The MIC is placed between the data portion of the 802.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame data and the ICV. The Michael method also offers protection against replay: a new frame counter in 802.11 is used to prevent replay attacks.

WPA defines the use of AES as an optional additional replacement for WEP encryption. Because adding AES support through a firmware update may not be possible for existing wireless equipment, support for AES in network adapters and wireless APs is not required.

To support the gradual transition of a wireless network from WEP to WPA, a wireless AP can support WEP and WPA clients at the same time. During association, the wireless AP determines which clients use WEP and which use WPA. The disadvantage of supporting a combination of WEP and WPA clients is that the global encryption key is not dynamic. All other security enhancements for WPA clients are preserved.

3.4.3 RADIUS Protocol

The RADIUS (Remote Authentication Dial-In User Service) protocol was developed by Livingston, which later became part of Lucent Technologies, and today it is part of the evolving standards in the IETF (Internet Engineering Task Force). The protocol can be used in an integrated manner by various departments to ensure security and restrict access to a network. The RADIUS protocol is used to provide services remotely in a secure way. Many corporations offer services remotely to their employees, customers and partners, and some of these services can be accessed over a public network such as the Internet. This makes it clear that the private network of a company or a laboratory can be reached by anyone through a public network. It is precisely in this context that the question of authentication arises.

3.4.3.1 Authentication

Authentication aims to ensure that access to a network and its services is made only by legitimate users; in the case of a company, only authorized employees, customers and partners should have access to the services available on its private network, and unauthorized access is prevented. When a user tries to access a network protected by an authentication system, the system validates the user's identity before allowing access. If the identity is one with permitted access, the system generates an authorization for the user. From that moment on, the user has guaranteed access for a period of time established by the authentication system. When the validity of the authorization runs out, a new authentication process is required. This overview gives a general idea of how the authentication process occurs in a system of this nature. However, there are different authentication systems, and the way they implement this process to ensure the security of a private network can vary.

In the first step, the user who wants remote access sends a message containing a username and password to the RADIUS client. On receiving it, the client generates a RADIUS request containing the user data and forwards it to the RADIUS server. A reply message is awaited for a certain time; if none arrives, the client may send a new request to the same server or to an alternative RADIUS server. When the server receives a request, its first action is to validate the RADIUS client that sent the request message, which prevents a "fake" client from performing any operation. If the client is valid, the user data sent in the request is checked. Not just the username and password, but also the port through which the user contacted the RADIUS client is validated.
After validating the information about the user, the RADIUS server sends a response to the client, denying access if the information is not valid or allowing access to the network otherwise. When the server allows access, the response sent to the client carries the rights and permissions relating to the type and level of access allowed to the user in question.

3.4.3.2 Problems with the RADIUS protocol

Some features of the configuration of the RADIUS protocol can be a major problem for its performance, especially the choice of an appropriate interval between communication attempts from the RADIUS client to the RADIUS server. When busy, the server simply does not report this condition to the client, leaving the client to behave "smartly" by waiting for a pre-established time before retrying the communication. Otherwise, if the client repeatedly retransmits its message, the RADIUS server may become overloaded.

4 PROJECT CONFIGURATION OF A POINT-TO-POINT NETWORK

This section addresses a solution for point-to-point wireless connections (Ad Hoc model). As we saw earlier, this type of structure does not use an access point. Therefore, in this case, a client must be configured to assume the initial part of the responsibilities of an access point, such as sending announcement messages (beacons) with the name of the ad hoc network to the other clients of the wireless network.

4.1 MATERIAL USED

1. Desktop with Windows XP SP2.
2. Notebook with Windows XP SP2.
3. Wireless USB Adapter.
4. PCMCIA Wireless Adapter.

4.2 CLIENT'S INITIAL SETUP

As written previously, a client must take on the initial role of the access point. In this case, our initial client will be the desktop, for which we use the Wireless USB adapter. After the adapter is installed, the icon in Figure 9 automatically appears at the bottom of the screen beside the clock.

Figure 9 - Icon of the installed adapter.

Then, from the icon, access the option "Open Network Connections." A window appears with all the network connections on the computer. After this, go to the "Properties" option of the wireless card's connection. Figure 10 represents this step.

Figure 10 - Representation of the configuration process of the initial client.

Within the configuration properties of the wireless adapter, the point-to-point IP addressing is configured as shown in Figure 11. In the "General" tab, select "TCP/IP" and go to "Properties." In the example, the following settings were used:

Address: 192.168.10.1
Mask: 255.255.255.0

Figure 11 - Setting the TCP/IP properties of the wireless adapter.

Click "OK" and, back in the Properties window, select the "Wireless Networks" tab, as shown in Figure 12. The first client will now be added.

Figure 12 - "Wireless" tab of the connection properties of the wireless network adapter.

Click the Add button. The next window takes the following settings:

• SSID: Network Name
• Network Authentication: Open
• Data Encryption: WEP
• Network key: password (2222222222222)
• Confirm network key: repetition of the Network key field.
• Uncheck "The key is provided automatically."
• Check "This is a computer-to-computer (ad hoc) network; wireless access points are not used."

The configuration is as shown in Figure 13:

Figure 13 - Representation of the client configuration of the point-to-point network.

4.3 ADDING CLIENTS TO THE NETWORK

Once the initial client is configured, we will now add another client to the wireless network.
The notebook will be added using the PCMCIA wireless adapter. First, the second client's network adapter is set to the same IP network as the desktop. The process is the same: from the icon next to the clock, click "Open Network Connections." Figure 14 demonstrates the process.

Figure 14 - Representation of the option "Open Network Connections."

In the Properties of the wireless interface, access the TCP/IP settings. They should look like this, according to Figure 15:

IP Address: 192.168.10.2
Mask: 255.255.255.0
Gateway: 192.168.10.1
DNS: 200.204.0.10 (the DNS of any ISP)

Figure 15 - Setting the TCP/IP properties.

Press "OK" and, back in the previous window, select the "Wireless Networks" tab. Now add the second client's network, as shown in Figure 16.

Figure 16 - "Wireless Networks" tab of the wireless network connection properties.

Clicking the Add button opens a window in which the client settings must be equal to those of the first client. Confirm, and the connection will be made automatically. From the icon next to the clock you can access "View Available Wireless Networks." The ad hoc network we just created is listed there, as shown in Figure 17.

Figure 17 - Client ready to be connected to the ad hoc network.

5 CONCLUSION

Wireless networks have gained ground in the local area network market in recent years, bringing mobility, agility and confidence. The trend is for wireless local area networks to grow even more, providing greater speed in data transmission and greater security for those who use them. This thesis presented the technology of wireless local area networks, specifically the 802.11 standard and its aspects. Since its creation, great advances have been made. However, as we have seen, a wireless network is not completely reliable because it is not immune to attack by malicious persons. It was also possible to present a project for setting up a point-to-point wireless network, through which lay people can come into contact with both knowledge of the technology and its use.