Wednesday, 30 November 2016

Disabling SSID Broadcast will help?


First we will  talk about Wi-Fi Scanning and it types:-

Each 802.11 station periodically scans each RF channel in order to find a BSS to join. The process of scanning is critical when a station is first activated. After powering up, the station will initiate scanning to find an initial BSS to join. As RF conditions change, the station will periodically
scan and possibly reassociate with another BSS.

There are two forms of scanning: passive scanning and active scanning.

Passive Scanning

Passive scanning is the process through which a station listens to each channel (or set of channels) for a specific period of time. The station waits for the transmission of beacon management frames (a.k.a. beacons) having the SSID of the network that the station is configured to join.




Beacons contain fixed fields and information elements that hold information about the BSS which are used by stations to determine whether or not the station may associate. Some vendors allow configuration of access points to remove the SSID value from the beacon so that the access point is not .announcing. its SSID to nearby stations.

Once the station detects beacons from one or more access points, the station will decide which access point with which to associate based on a vendor-proprietary algorithm. The station will negotiate a connection on the applicable channel by proceeding with authentication and association processes. An advantage of passive scanning is that it does not require the transmission of any additional frames, which reduces overhead traffic on the wireless medium and improves overall network throughput.

Active Scanning

Active scanning requires that a station broadcast probe request frames indicating the SSID of the network that the station is configured to join. The station that sends the probe request frames will receive probe response frames from access points within range and having the specified SSID. This process, like that of passive scanning, provides information that the station can use to determine the access point with which to associate. Alternately, a station can send probes containing a broadcast SSID (a null value) that causes all access points within reach to respond.
An access point must reply to all probes that contain the broadcast SSID or an SSID that matches its own. This standard is ignored when the vendor provides a proprietary mechanism allowing the network administrator to disable probe responses to probes with broadcast SSIDs.

This feature is very common in today.s access points and wireless LAN switches. With Ad Hoc networks, the station that generated the last beacon frame will respond to probes. The advantage of active scanning is that it identifies potential access points faster, which may be necessary if the client station is experiencing a rapid decrease in received signal
strength from frames.

Disabling SSID Broadcast:-

- "Hide SSID" Will hide the SSID name in beacon frames so that the casual observer cannot see the name of the SSID in casual AP to client communication.

- "Deny broadcast probe request" means that the AP will not respond to a broadcast probe request that clients send to see what APs are out there.

-Denying broadcast probe requests does cause problems with roaming in some clients.

-When associating to wireless network, even if it is hidden, if a client goes to connect, he must specify the SSID that he is connecting to. In the probe response, the AP MUST reply with the SSID, as well. This is as per the specification, and is another reason why you cannot completely hide an SSID.

Here we saw downside of denying SSID broadcast!!!

Reference:

Why Non-broadcast Networks are not a Security Feature -


Sunday, 27 November 2016

Wi-Fi Network Access for Currently Unconnected Things (IoT)

 Wi-Fi Network Access for Currently Unconnected Things (IoT)


For objects with extremely low power requirements to send information across the network, several short-range wireless communication protocols exist. In some cases, these protocols are not IP-enabled and must forward information to a connected IP-enabled device, such as a controller or gateway.

 

Each protocol for more details.


  1.  6LoWPAN arose from the need to include extremely low-powered devices with limited processing capabilities as part of IoT, for example, smart meters in a small network.

  2. Near field communication (NFC) is a standard for communicating between things in very close proximity, usually within a few inches. For example, NFC works at point of sale between an RFID tag and the reader.

  3. ZigBee is another example of an 802.15 protocol suite that uses pairing between a specified source and destination. An example is between a door sensor and a security system that sends an alert when the door is opened.

  4. The Bluetooth protocol is typically used between devices that are in close range, such as a smartphone connection to a Bluetooth-enabled headset, or a Bluetooth-enabled wireless keyboard connected to a computing device.