
Communication Security: Wireless • Chapter 4  175

                 for wireless networks because it relies on the fact that every workstation can hear
                 all the other workstations on a cable segment to determine if there is a collision.
                    In wireless networks, usually only the AP can hear every workstation that is
                 communicating with it (for example, workstations A and B may be able to
                 communicate with the same AP, but may be too far apart from each other to hear
                 their respective transmissions). Additionally, wireless networks do not use
                 full-duplex communication, which is another way of protecting data against
                 corruption and loss as a result of collisions.



                 NOTE
                      APs are also referred to as wireless access points. This is a more precise
                      term that differentiates them from other network access points (such as
                      dial-in remote access points) but in this chapter, we will use the acronym
                      AP to avoid confusion with the Wireless Application Protocol (also
                      known as WAP).




                    CSMA/CA solves the problem of potential collisions on the wireless network
                 by taking a more active approach than CSMA/CD, which kicks in only after a
                 collision has been detected. Using CSMA/CA, a wireless workstation first tries to
                 detect if any other device is communicating on the network. If it senses it is clear
                 to send, it initiates communication. The receiving device sends an acknowledgment
                 (ACK) packet to the transmitting device indicating successful reception. If the
                 transmitting device does not receive an ACK, it assumes a collision has occurred
                 and retransmits the data. Note, however, that many collisions can occur, and
                 these collisions can be used to compromise the confidentiality of
                 Wired Equivalent Privacy (WEP) encrypted data.
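
The hidden-station case and the ACK-driven retransmission described above, as an added example (not code from the book): a simplified slotted simulation comparing two stations that can hear each other with two that only the AP can hear. The frame length, contention-window sizes, station names and the `simulate` function are assumptions made for illustration; inter-frame spacing and RTS/CTS are left out.

```python
import random

FRAME_SLOTS = 4  # constructed value: slots one frame occupies the medium

def simulate(hears, first_attempt, seed=1, max_slots=100_000):
    """Slotted CSMA/CA toy model. hears[s] = set of stations s can sense.
    Returns (frames delivered to the AP, retransmissions)."""
    rng = random.Random(seed)
    next_try = dict(first_attempt)          # station -> slot of next attempt
    cw = {s: 8 for s in hears}              # contention window per station
    active = {}                             # station -> [end_slot, collided]
    delivered = retransmissions = 0
    for t in range(max_slots):
        # Finish transmissions that end in this slot.
        for s in [s for s, (end, _) in active.items() if end == t]:
            _, collided = active.pop(s)
            if collided:                    # no ACK from the AP: back off, resend
                retransmissions += 1
                next_try[s] = t + 1 + rng.randrange(cw[s])
                cw[s] = min(cw[s] * 2, 1024)
            else:                           # AP ACKs the frame
                delivered += 1
        busy = set(active)                  # what carrier sensing can see this slot
        for s in sorted(s for s, due in next_try.items() if due == t):
            if any(o in busy for o in hears[s]):
                next_try[s] = t + 1         # medium sensed busy: defer
                continue
            del next_try[s]
            # The AP hears everyone, so any overlap corrupts both frames.
            for other in active.values():
                other[1] = True
            active[s] = [t + FRAME_SLOTS, bool(active)]
        if not active and not next_try:
            break
    return delivered, retransmissions

# Constructed scenarios: A starts at slot 0, B at slot 1, one frame each to the AP.
START = {"A": 0, "B": 1}
IN_RANGE = {"A": {"B"}, "B": {"A"}}   # A and B can hear each other
HIDDEN = {"A": set(), "B": set()}     # only the AP hears both

if __name__ == "__main__":
    print("in range:", simulate(IN_RANGE, START))
    print("hidden  :", simulate(HIDDEN, START))
```

When the stations hear each other, B defers until A finishes and nothing is resent; when they are hidden from each other, carrier sensing reports a clear medium, the frames overlap at the AP, and both stations retransmit after the missing ACK.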
                    CSMA/CA is only one way in which wireless networks differ from wired
                 networks in their implementation at the MAC layer. For example, the IEEE standard
                 for 802.11 at the MAC layer defines additional functionality, such as virtual
                 collision detection (VCD), roaming, power saving, asynchronous data transfer, and
                 encryption.
                    The fact that the WEP protocol is defined at the MAC layer is particularly
                 noteworthy and has significant consequences for the security of wireless networks.
                 This means that data at the higher levels of the OSI model, particularly
                 Transmission Control Protocol/Internet Protocol (TCP/IP) data, is also encrypted.
                 Because much of the TCP/IP communications that occur between hosts contain a



                                                                              www.syngress.com