Deploying an enterprise class wireless network requires considerable planning. Even more difficult is maintaining it after deployment. There are many reasons for this. One is security, because you can't really control how far the signal of your wireless network will go. Another is speed, which can vary considerably from time to time depending upon how many users are connected to it. A third issue is that wireless networks are shared. As a result, as more users are added onto it, the throughput also reduces considerably.
Therefore, while deploying APs, we have to be careful about the number of users per AP. Plus, we have to be careful about the positions of their antennae as well.
The good news is that there are plenty of tools available for managing wireless networks. We will take a look at some of these in this article, and will also tell you which issues are they capable of resolving.
Let's start with tools to help you plan and deploy a wireless network.
|Once you scan your network with LANSurveyor, it creates a map with all devices and links|
Planning and Deploying
While deploying APs, one of the key things to do is to locate black spots. For this, a number of spectrum analyzers are available. A spectrum analyzer is essentially a software coupled with a specialized RF receiver, which can connect to a laptop either via a PCMCIA or USB port. Once installed, it can check for the type and approximate location of other RF devices such as Bluetooth, cordless phones, RF cameras, and even WiFi Jammers that are nearer to your AP.
AirMagnet's Spectrum Analyzer
We tried out this easy to deploy app in our labs. All you have to do for using this is to install it and plug in the AirMagnet CardBus antenna, which comes with the package. Run this app, and it will start receiving RF signals and matching patterns of the captured devices. On the left side of the main interface window it will list all devices found, and will then categorize them by their types.
You will be able to see real time noise levels generated by those devices and also the approximate center of noise. You can view the results in spectrum, device and channel formats.
The most useful view option would be channel, using which you can see which device is interfering with which channel and affecting which AP. You can order this application from www.airmagnet.com /products/ spectrum_analyzer/.
|You can simulate all your APs on the blueprint of the network that you have created using AirMagnet Surveyor|
The next app which we are going to use for planning the placement of APs within the building is AirMagnet Surveyor. You can get it from http://www.airmagnet. com/products/survey/. You can even request for a fully functional demo from the same website (though it will be valid for one day).
Installing this application is again simple. Just take the Setup file and run it. This will open the Setup wizard; a few clicks on the 'Next' button and you are through with the installation. After that, you would be asked to select the exact WLAN card model, which is there in your laptop. Interestingly, it works with most of the recent Intel, Cisco and even Centrino cards as well.
Once the card is selected, run the app and provide the blueprint of the building where you want to place the APs. Provide the blueprint, mention its size and start the wizard. After importing the blueprint, this wizard will provide you with a window in which you can place and simulate all your APs. Select the AP for which you want to create the live survey map, and go near the actual AP, so that this software can measure the actual strength of the device.
Now, click on the 'Play' button on the right. You will see the animated 'walking man' icon. Place the icon at the exact position in the blueprint where the actual AP is present or where you are likely to deploy it, by clicking on the location. Once you do so, the AP will be placed and you will be able to see its range in the blueprint.
The range of an AP is calculated on the basis of actual performance judged by the software and is pretty much accurate.
You can now deploy all APs on the blueprint first to see the simulation of coverage which you will get after actually deploying them in the building. In this simulated environment it becomes very easy for an administrator to get the best possible placements.
|You can monitor all access points on your network using Kismet. As shown, it even alerts you if any suspicious client is found connected to any of the access points|
Securing and Monitoring
To secure a wireless network, one should regularly perform its penetration testing. We discuss below a few tools meant for this specific purpose.
This is a free tool meant for checking your WEP strength. It is available for both Windows and Linux. It monitors as well as captures encrypted data that is being transmitted over the wireless network and then recovers the WEP key. It needs approximately 5 – 10 million packets for decrypting the key.
This same tool can be used for checking the strength of your WEP keys and also for calculating the number of days that a standard machine will take to break the WEP key that you are using. If this tool has calculated approximately five days will be taken by anyone to break your WEP key, then you can use the 'auto changing WEP key' option and set it to three days or less to make sure that your WEP key gets renewed even before someone is able to crack it.
Installing Airsnort in Linux is simple. Just run the command below and you are through with installation.
# yum install airsnort
Execute Airsnort by writing 'kismet' on the terminal or navigate to Application > Internet and then click on 'Airsnort' item (on a Linux system). This will open the 'Airsnort' application window.
By default, this tool will scan for wireless networks on all channels. If you want to scan a specific channel, then select the 'channel' radio button provided on the application window, and specify the channel number.
Now, select the network device from the drop-down list that this tool should use; it can be 'eht1' or 'eth0' depending upon your hardware configuration. Specify the driver type: Host AP/Orinoco, wlan-ng and others, this is to tell Airsnort that how it can place your card in the monitoring mode.
Airsnort uses probabilistic approach to crack the 40 and 128 bit passkey. When it acquires approximately 10 weak packets from a particular access point, then it tries for the crack. The 'crack breadth' option specifies the number of attempts it should try on a group of weak packets that are captured. By default it is 3 for cracking 40 bit passkey and 2 for 128 bit passkey, though you can define the number of attempts within a range of 1-20. Going for maximum number of attempts is recommended as probability of cracking a passkey increases. Using this tool you can save data in two different formats.
The first is 'pcap' dump file format; you must initiate this option before you start capturing data, it saves all the data that is being captured. For this, click on 'Log to file' item found under the File menu. The second option is the crackfile format, which saves minimum amount of data that Airsnort captures during the access point discovery along with the data found in the weak packets.
A good wireless IDS and Kismet are other important tools which are required in any wireless network. We'l discuss about them in the following paras.
|This wireless network protocol analyzer collects all TCP packets and organizes them as a conversation, which could further be viewed in ASCII, EBCDIC or hex formats|
Kismet is one of the most popular wireless network monitoring tools, and provides you with features like a sniffer, network detector and an Intrusion detection system.
It works with all those network cards that support monitoring mode and can sniff a, b, and g traffic. This tool can sniff into any wireless network. It starts monitoring the network without sending any information packet to the access point or to the client (connected to that AP) so that they can log in, and hence is completely promiscuous in nature.
Unlike other tools, this tool is divided into three parts: kismet server, kismet client and GPSMAP. Kismet server captures data, logs, and takes care of the GPS data. Its client version provides you with the front-end part that connects to the server and displays the statistics of the network. The GPSMAP is the most interesting feature; you can plot your APs or an image on a map by using this feature. For this, it reads the GPS data from an external GPS device and network XML data files.
Installing Kismet is simple, but using it is a bit complex. For installing it, write the following command on the Linux terminal.
# yum install kismet
After installation, open the configuration file 'kismet.conf', which resides in the '/etc/kismet/' folder. Find the statement 'source = none,none,addme' in the code and change it to 'source=orinoco,eth1,root'. The first parameter defines the source type, which could be Orinoco, Prism or Cisco based. The second parameter defines the interface card, which should be used for capturing packets, and the third parameter defines the name of the user. Save the file and then exit. To start Kismet, write the following command on the terminal.
Once Kismet is ready you can view all of the access points of your network. You can even figure out if any fake APs are there in your network. For further configurations, press the 'H' key, it will show all the options that are available. You can change the ones that you want or require.
|Channel highlighted in red is the most congested one. It indicates that one should reduce the load on that channel, so as to enhance the overall performance|
This is another favorite data capturing tool for network administration, formerly known as Ethereal. Now, we have a special version of Wireshark-Wireshark WiFi. It is a GUI based wireless network protocol analyzer used for network troubleshooting and analysis. It is free and available for all platforms: Linux, UNIX, Mac and Windows.
This tool captures packet data from your wireless network and lets you browse
or analyze the captured packets. The unique feature that makes this tool stand
out from the crowd is that it can
collect all TCP packets and organizes them as a conversation. Further you can view these conversations in ASCII, EBCDIC or hex format. Apart from these you can apply a filter on almost all fields, which could be done using other tools too, but you don't get as many options as you get from this one.
The best and easiest way to find Wireshark for a wireless network is to search it in the Backtrack CD. When you start this tool, it does not start capturing data at once. For capturing data click on the 'show the capture options,' which you can find on the toolbar. After that choose the wireless interface card that will be used by Wireshark WiFi for capturing the packets.
Once you have selected the interface, then simply click on the 'Start' button, and this tool starts capturing packets such as TCP, UDP, ICMP, ARP, IPX and many more. Once you have sufficient captured packets, then it's time to stop the capturing process, for this click on the 'Stop' button. Now, Wireshark WiFi will display the information about each packet i.e. source of the packet, destination of the packet, which protocol was used and some miscellaneous information about the packet.
With this information you can find out if some hacker is broadcasting too many packets for blocking your WiFi device. Then you can analyze and figure out the source from where this data is getting generated, and hence could prevent the attack.
This tool monitors several WiFi access points located across your enterprise, and helps in testing whether these access points are working properly or not. It also checks the strength of the wireless network and keeps a check on the security of the access points. For keeping a track of the network activity, it generates logs, which could be further saved as a file and used for reference in future. One of the interesting features of this tool is the GPS system.
To use this feature, you have to upload the blueprint or an image that resembles your building architecture. Then travel to the location where the access point is located, and then set the point on the map by clicking on the Set P1 or Set P2 option.
This tool works on any standard Windows machine, and requires a wireless adapter that supports NDIS_802.11. The user must be logged in through the administrator account for using this tool. You can get this tool from the PCQProfessional CD of this month.
Just follow the on screen instructions for installation. Once you are through with installation, then go to the start > Programs > WirelessMon option and launch the application. A window displaying all the necessary information about the nearby access points such as the SSID, Mac address, strength in dBm unit, authentication type , frequency, channel, and GPS signal will pop up.
This tool detects all the wireless APs which follow 802.11 a/b/g standards and gathers information about them. This tool can be installed on any system having Windows 98 or above.
You pick up any scrape laptop, which supports monitor mode and has a WiFi adapter, and this tool will automatically start scanning of all the access points, even those running on different channels and groups them accordingly. This grouping helps you in identifying which all channels are overcrowded, and hence need re-configuration etc.
For installation, double click on the 'Net Stumbler' icon and follow the onscreen instructions. For launching this application, select the start > programs > Net stumbler option. Scanning of the wireless access points must begin automatically,but if it doesn't happen then click on the 'play' button provided in the tool bar to start the scanning.
Anindya Roy, Rakesh Sharma, Vijay Chauhan