    December 4

    Chapter 7: Telecommunications and Network Security (Part V)

    Wireless protocols use CSMA/CA (collision avoidance). The available frequencies are split into frequency ranges, or spectrums. Spread spectrum means a signal is distributed over the allocated frequencies (like sending data in parallel):

    • Frequency Hopping Spread Spectrum (FHSS): takes the total amount of bandwidth and splits it into smaller channels. Each channel is used in a sequence (hop)
    • Direct Sequence Spread Spectrum (DSSS): applies sub-bits to the message; the sender re-assembles the sub-bits (chips) in a sequence called the chipping code. It has higher data throughput than FHSS and has error detection. 802.11 started with FHSS (1-2 Mbps), 802.11b uses DSSS (11 Mbps)
    • Orthogonal Frequency Division Multiplexing (OFDM): packs multiple carriers together, with signal modulations that are perpendicular to each other, avoiding interference

    The system that connects to a LAN with a cable and uses a transceiver is an Access Point (AP). In stand-alone mode it works just like a hub, without a link to a LAN. In Infrastructure mode, devices and APs communicate over a channel and use an SSID (Service Set ID). Ad-hoc WLANs have no APs; devices connect directly to each other.

    Wireless authentication is done either with OSA (Open System Authentication), where the device requires no key and authentication is sent in cleartext, or with SKA (Shared Key Authentication), where the device needs to have the correct key. SKA uses WEP (Wired Equivalent Privacy), which has a lot of deficiencies.

    Wireless standards are:

    • 802.11 in 2.4GHz range, 1-2 Mbps
    • 802.11b uses DSSS, 11 Mbps
    • 802.11a uses OFDM in the 5GHz range (ok for the USA but not for every country), 54 Mbps; it is not compatible with older protocols, so it is not widely used
    • 802.11e implements QoS
    • 802.11f implements Roaming between APs
    • 802.11g, 54 Mbps on the 2.4GHz
    • 802.11h is an implementation of 802.11a for Europe
    • 802.11i, uses EAP, AES, Temporal Key Integrity Protocol (TKIP), Message Integrity Code (MIC), CCM Protocol (CCMP)
      • 802.1X is port-based network access control. The user cannot make a full connection until he is properly authenticated (it is user authentication, not device authentication as in WEP). The device will not receive DHCP, HTTP or SMTP traffic before it is properly authenticated to the authentication server. EAP also allows mutual authentication
    • 802.11j tries to bring countries' standards together
    • 802.11n, 100 Mbps at 5 GHz
    • 802.16 is broadband WLAN for MAN
    • 802.15 is Personal WLAN (PWLAN) to connect devices with each other (headset...)
      • Bluetooth is a portion of 802.15, 1-3 Mbps up to 10m, in the 2.4GHz range. Bluejacking is an attack against Bluetooth

    WEP's main deficiencies are poor authentication, the use of static encryption keys, and the possibility of changing frame values without detection.
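The last deficiency, frame values that can be changed without detection, comes from WEP protecting frames with an unkeyed CRC-32 under an RC4 keystream. The block below is an added illustration, not code from the original post: all names, keys and payloads are constructed, and truncated HMAC-SHA256 stands in for a keyed MIC (it is not the algorithm 802.11i actually specifies).

```python
import hashlib
import hmac
import zlib

def rc4(key, data):  # RC4: XOR data with the keystream derived from key
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i, j, out = 0, 0, bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crc_tag(key, payload):
    """WEP-style ICV: CRC-32 of the payload; the key plays no part."""
    return zlib.crc32(payload).to_bytes(4, "little")

def mac_tag(key, payload):
    """Keyed stand-in for a MIC (truncated HMAC-SHA256, an assumption here)."""
    return hmac.new(key, payload, hashlib.sha256).digest()[:4]

def seal(tag_fn, iv, key, payload):
    return rc4(iv + key, payload + tag_fn(key, payload))

def open_frame(tag_fn, iv, key, body):
    plain = rc4(iv + key, body)
    payload, tag = plain[:-4], plain[-4:]
    return payload if hmac.compare_digest(tag, tag_fn(key, payload)) else None

def altered(body, old, new):
    """Turn old into new inside the ciphertext without the key, patching the
    tag as if it were a CRC: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros)."""
    d = xor(old, new)
    fix = xor(crc_tag(None, d), crc_tag(None, bytes(len(d))))
    return xor(body, d + fix)

# Constructed sample values, not taken from any real network.
IV, KEY = b"\x01\x02\x03", b"wepk5"
OLD, NEW = b"temp=20C", b"temp=90C"
def demo():  # [frame accepted under CRC, frame accepted under keyed tag]
    return [open_frame(f, IV, KEY, altered(seal(f, IV, KEY, OLD), OLD, NEW))
            for f in (crc_tag, mac_tag)]
```

`demo()` returns the altered payload for the CRC-protected frame and `None` for the keyed one: the receiver accepts the modified WEP-style frame but rejects the same modification once the tag depends on a secret.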

    The WAP (Wireless Application Protocol) stack was built to allow wireless devices with limited power to communicate and share applications. It uses an XML language, WML (Wireless Markup Language), and its own transport security, WTLS (Wireless Transport Layer Security), which is analogous to TLS. The "gap in the WAP" exists because decryption is done at the ISP.

    i-Mode is also used for wireless transmission but is dedicated to entertainment. It works with Compact HTML (cHTML).

    Cellular phone cloning happens by duplicating the SIM card. Encryption is used on the wireless part of the transmission, but on the wired part the data is no longer encrypted. Cell phones and PDAs will increasingly become victims of attacks and viruses. A cell phone firewall can be used.

    War driving is moving around with the proper equipment to detect APs and break into them (Kismet and NetStumbler are software for this). Airsnarf, AirSnort and WEPCrack can crack WEP.

    Recommendations:

    • Enable WEP or other encryption
    • Change default SSID
    • Disable broadcast SSID
    • Implement other authentication layer (RADIUS, Kerberos)
    • Put APs in the center of the building
    • Put APs in a DMZ
    • Implement VPN
    • Allow only known MAC addresses
    • Disable DHCP and assign static IPs
    • Perform penetration tests
    • Follow 802.11i

    Satellite communication can be used; the user must be in the footprint of the satellite. It is combined with a regular modem line so that data can also be sent to the Internet (satellite is normally one-way communication).

    Cell phone technologies:

    • 1G analog, voice
    • 2G voice, low speed data
    • 2.5G higher bandwidth
    • 3G integration of voice and data, packet-switching

    Rootkits are software suites that hackers use once they are inside a system: backdoor software, tools covering the attacker's traces, trojan programs replacing original programs such as ipconfig, and sometimes a replacement for the kernel.

    Spyware consists of utilities that track user activity, mainly on the Internet, and capture passwords or install backdoors. Adware is less dangerous and just tracks habits. Antivirus programs incorporate anti-spyware today.

    Instant Messaging (IM) (AOL, Messenger, ICQ...) has many security issues (no encryption, file transfer, execution of programs and scripts, buffer overflows). A company should:

    • Specify IM restrictions in its policy
    • Implement a firewall on each PC
    • Block IM traffic
    • Upgrade IM software
    • Incorporate IM servers
