Wi-Fi as and when

Wi-Fi presented as never before: its characteristics, its capabilities and its forms, described in one article accessible to everyone ... Whoever happens to be speaking, it is indisputable that Wi-Fi has been, and still is, one of the most widely discussed topics. The main question almost always concerns the level of security of the technology, the equipment or the standards; what varies is the slant of the opinion, depending on who expresses it. Vendors are usually more optimistic, users more hesitant and conservative. However, despite all the ink and all the conferences already spent on Wi-Fi security, there is probably still room for some further discussion, in an attempt to set out the issue in simpler terms than usual. It will probably dispel some myths and, hopefully, provide some inspiration for better understanding what the issues related to the use of Wi-Fi actually are, as well as best practice.
From a technological point of view, Wi-Fi can certainly be seen as a further evolution of the well-established Ethernet technology for carrying voice, video and data, in a perfect marriage with the Internet Protocol (IP). In other words, it is a Wireless Ethernet that joins the other elements of this evolution, such as 10/100 Ethernet, Gigabit Ethernet and Long-Reach Ethernet, as an extension of the ways to access the network: through radio waves instead of, or rather as a complement to, wired access. It is therefore appropriate to consider Wi-Fi not as a subject in itself but in the broader perspective of internetworking, as one more element that becomes part of a network infrastructure, enriching it with new features and services. The functional characteristics, the performance levels and the relative simplicity of the solutions offered by WLANs (wireless LANs) are the basis not only of their progressive and rapid spread, but also of significant changes in the way we work and spend part of our leisure time. In professional use, by simplifying access to corporate and shared resources and making it more pervasive, Wi-Fi makes a vital contribution to mobility, improving the cost structure and the productivity of individual users.

The security in Wi-Fi

The well-known security problems can be summarized in two fundamental issues:
• the confidentiality of connections, given that anyone within range can receive the radio waves and intercept the packets transmitted;
• the authentication of connections because, lacking a physical connection, anyone in the coverage area can attempt to establish a link.
The relative weight of these two components certainly varies with the context in which Wi-Fi is used, and (unfortunately) there is no single golden rule to apply. What should certainly be followed instead is the general principle of maintaining control, preventing unauthorized installations and activating security mechanisms adequate to the level of risk associated with the use being made. To see how very different choices can follow from this principle, consider applications as different from one another as the use of Wi-Fi in a medical or hospital setting to access patients' clinical data on the ward, at home to check the weather or book cinema seats, or to update warehouse data in real time in a logistics automation setting. Turning to a closer look at the technology, it is appropriate to focus on the factors that make up the security of wireless networks, placing these considerations in the context of 802.11.

802.11
The security of 802.11 therefore revolves around authentication and encryption. Both implementations can be compromised with ease, using software freely available on the Internet. In wireless, associating with the access point means choosing which access point to connect to; somewhat superficially, we can think of it as the equivalent of connecting the cable from the PC to the switch in a traditional network. Authentication in a Wi-Fi system is based on two models: open authentication and shared key. In the first, any client can associate with an access point; the only discriminator is the SSID (Service Set Identifier), which should not be mistaken for a security measure, since it travels in the clear.

Any use of WEP (see below) means that, after association, it is not possible to send and receive data without knowing the key shared by client and access point. In the shared key model, instead, association with the access point is itself tied directly to the client and the access point holding the same key. To join, the client sends an association request, to which the access point responds with a challenge, sending a clear text that the client must send back encrypted with the shared key. By decrypting what it receives and recovering the challenge it sent, the access point can establish with certainty that the client really holds the pre-set key, and the association is then allowed.

Confidentiality of data in wireless is instead handled by WEP, which also requires that the AP and the client devices share the same key to encrypt the data. The encryption algorithm used is RC4 and, according to the standard, encryption keys must be 40 bits long. In practice almost all vendors implement longer keys, 128-bit, which improves the level of security, even though it has been shown that, with sufficient network traffic, tools freely available on the Internet and a sampling of frames for about fifteen minutes are enough to recover the original encryption key, even with 128-bit keys. We can therefore say that the whole security framework of 802.11 rests on the shared encryption key, used both for the authentication phase and for the encryption that ensures the confidentiality of data in transit. In this regard, a further consideration on key management is appropriate.

WEP
The WEP key must be, as said, shared between the access point and the devices that connect to it; however, the 802.11 standard does not provide any method for distributing the key. Manual distribution involves a variety of problems. With large numbers of devices, the administrator must enter the key manually on each one. If one of the devices is lost or stolen, the key must be changed on all the others; moreover, whether an administrator is able to establish that rekeying all the machines is necessary because one of them is in the hands of strangers depends on the goodwill of users in reporting the incident promptly. It has also already been mentioned that free tools for recovering encryption keys are available on the Internet; this means that, when a key is compromised (which, as we have seen, is easy), the administrator knows nothing of a compromise that affects the entire wireless infrastructure.

Additional considerations
Further security considerations concern interference. Other devices, radio or otherwise, such as microwave ovens, operate on similar frequencies and cause interference with Wi-Fi devices, with the risk of service interruption. So-called rogue access points (access points that, thanks to their low cost and ease of installation, are set up without the knowledge of network administrators by employees who grant themselves freedom of movement) also pose a serious problem: an installation left entirely to the individual not only gives no guarantee of security (installation defaults, which favor immediacy of installation at the expense of security, are a much-discussed topic), but could even open a hole in corporate security policies, drastically lowering their level. These two considerations relate to the organization rather than to a technology: it is very important that a security policy establishes the specific areas where wireless coverage is guaranteed, those where it is prohibited, and the minimum security standards to be used in wireless. In short, we can say that for a company the level of security offered by current wireless standards is not enough. The extensions to the standard needed to guarantee security must then be made; many, if not all, WLAN hardware vendors have obviously thought about this.
One idea, for example, was to exploit the authentication framework of IPSec VPNs; another, the Extensible Authentication Protocol (EAP) used in conjunction with 802.1x, which makes it possible to build a three-tier authentication framework using more sophisticated authentication back ends such as RADIUS, NT domains, Active Directory or LDAP, with static passwords, one-time session passwords (OTP) or digital certificates. Other vendors have proprietary solutions that, through special clients, implement more robust encryption protocols such as AES, or provide more sophisticated authentication than the standard. Still other solutions rely simply on SSL or IPSec, using the clients already embedded in operating systems or in some applications; that is, encrypted tunnels that perform exactly the task of crossing securely a network that is not considered safe. This path, already taken by vendors, solves the problem only in part, because it is viable only as long as one stays within environments based on a single vendor's technology; interoperability with outside parties is of course not guaranteed. Paradoxically, we can perhaps say that proprietary extensions introduce a further level of complexity and diversity, and complexity and security are an oxymoron.

What to do??
What paths, at this point, are actually open to those who want a wireless LAN with an adequate level of security? Proprietary extensions and VPNs, so two. Or three, maybe. The Wi-Fi consortium (http://wi-fi.org) is an independent body responsible for verifying the interoperability of equipment from different vendors, and the result is very simple: the presence of the Wi-Fi sticker equates to "interoperability tested and guaranteed."

Among its other activities, the Wi-Fi consortium took up exactly the security problem, on the basis of the considerations summarized here, and addressed it with a standard. The result is WPA (Wi-Fi Protected Access), which, although not an IEEE standard, is based on the future 802.11i standard.

WPA
At the time of writing, this standard is still being developed, and in the meantime, to find a short-term solution, some members of the Wi-Fi consortium, together with members of the IEEE 802.11i working group, developed Wi-Fi Protected Access. WPA therefore incorporates some significant technologies to improve the security of wireless networks, including:
• Authentication management using EAP/802.1x, which opens new horizons for the authentication of devices and users by opening up to well-established authentication systems (such as RADIUS, to name one).
• Temporal Key Integrity Protocol (TKIP), through which the WEP encryption process is carried out with a dynamic key, which removes the risk that an attacker can sample a sufficient number of packets and then recover the key, as is possible when the key is static for all sessions and for their full duration.
• Message Integrity Check (MIC), a substantial improvement in guaranteeing the integrity of packets.
A fundamental feature of WPA is that, except in special cases, it can be implemented on equipment already in place with a simple software upgrade.

Concluding considerations

Far from wanting to determine which is the absolute best method of raising the security level of a WLAN: in some cases WEP is sufficient (for example for occasional home use), while in a hot-spot an IPSec VPN on the user's side is probably the most advisable choice and, pending the release of the 802.11i standard, for business use WPA is, all things considered, a good compromise.

Types of WLAN
Ad-Hoc: Allows a connection between two or more computers directly, without the need for an access point; to be a little clearer, it behaves like a P2P network ... and it is among the least used and even least known types. It is listed among the wireless connection options on every computer and can be used to connect two home computers, although an access point is always preferable.
Access Point: Without doubt the most common type, it has many variations ... just think that you can plug an access point into a server or directly into the Internet (which you can do through the router, via DSL or an Ethernet input), and as an access point you can have router and DHCP services for configuring your own network ... The ScritchWorld editorial office is equipped with a D-Link wireless DHCP router and two D-Link access points. The rest of the network is configured with two switches that bring together the two servers (Windows and Linux) with the rest of the Macs and Windows machines; everything (... we are assured) is compatible and running ...
Extension Point: If wiring is your problem, this is the only solution when you need a computer or a part of a network to communicate with the rest and are physically unable to cable it (buildings, inability to carry out the work, or too great a distance from the core network). As you can imagine, this brings a decrease in performance compared with a direct connection, but it is a small price to pay compared with the great benefits ... The process is very simple, especially if you use access points with this capability built in, such as the D-Link ones (mentioned for their excellent price-quality ratio); in most cases and models you set the MAC address of the AP so that the two are clearly identified.
Roaming: This is a very particular kind of wireless connection, and above all one decided on the computer side ... Since wireless is by its very nature unstable, roaming or handover (that is, the ability to move between the coverage of two access points without the connection continually dropping) is very difficult, if not impossible at affordable cost, because laptops tend to associate with the access point with the strongest signal, without the AP having any say. One possibility is to fool the laptop by setting on all the APs:
- Same operating channel
- Same AP name
- Same SSID (name of the WLAN)
- Same key type and same password
In this way we are in effect deceiving the laptop, or any other device, which will see the same access point, although in reality at the moment of transition from one to the other there will be a "jolt", even if it is not perceived by the computer, with a possible exception if we are in the middle of downloading a file. A major update can be found HERE
REFERENCES (in English):
- Security of the WEP Algorithm: http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
- Your 802.11 Wireless Network Has No Clothes: http://www.cs.umd.edu/~waa/wireless.pdf
- Weaknesses in the Key Scheduling Algorithm of RC4: http://www.cs.umd.edu/~waa/class-pubs/rc4_ksaproc.ps
- Using the Fluhrer, Mantin, and Shamir Attack to Break Wired Equivalent Privacy (WEP): http://www.cs.rice.edu/~astubble/wep/wep_attack.pdf


1 Comment on "Wi-Fi as and when"

  1. # 14 ScritchWorld.com - Roaming and hand over to the Wi-Fi writes:

    [...] Fact that using the same channel with the same ssid and the same network key, as recommended by us here allows you to delete the roaming. So with more than a year and a half before we [...]
