Did you know these???

Bluetooth

                                                                                                                                           Figure 1                   Bluetooth is an open wireless technology for transferring data over shorter distances (up to 100m). It creates Personal Area Networks (PANs). It was created by Sweden based telecom company Ericsson in 1994 which was originally used as a substitute for RS-232 (Serial) data cables. An adhoc group of up to 8 Bluetooth devices (1 master + 7 slaves) is called as a ‘Piconet’. Today Bluetooth is managed by ‘Bluetooth Special Interest Group’. [1, 2]

The aim of this mini article is to reveal the secret behind Bluetooth’s logo. The word Bluetooth is an anglicised version of ‘Blatand’ in Danish. It was the epithet of kink Herald I of Denmark and parts of Norway who lived in 10th century. He united Danish tribes into a single kingdom who were apart from each other. Same logic applies in Bluetooth in a way that uniting several communication protocols together forming a universal standard.

Bluetooth logo is a bind rune (aggregation of letters) merging two letters of Younger Futhark alphabet which were initials of King Herald (Hagall + Bjarkan). [1] Refer Figure 2.

Figure 2

References

[1] Bluetooth, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Bluetooth >

[2] Piconet, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Piconet >

[3] ‘Figure 1’[image] in admin, 2009, ‘B for communication’, DAVENG WRITES, viewed 7 Sep 2010, http://davengwrites.com/


Cisco & Tsunami

Cisco’s legacy wireless access points’ default SSID was ‘tsunami’. Refer Figure 1. From Cisco IOS Release 12.3(7)JA , there is no default SSID. [1, 2]

                                                                                Figure 1
References

[1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.2(15)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15ssid.html >

[2, Figure 1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points 12.3(7)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html >

Systems Administrator's Song

A tribute to all Sys Admins out there !!!!



Do not forget to comment on your favourite posts as described in a previous post.

Wi-Fi Myth Busters Series – Episode 4

                                                                                                                                                                Figure 1

Myth # 8 : Wireless IDS is needed to prevent rogue access points.

It is true that IDS (Intrusion Detection Systems) can identify 802.11a/b/g rogue APs. But it is not smart when detecting non 802.11a/b/g rogue APs which uses 900MHz and/or FHSS. Apart from those legacy technologies, latest Bluetooth and MIMO (802.11n draft) also can be taken. Although some wireless IDS vendors produce products which can detect such non standard APs, it is hard to identify them comprehensively. IDS blocks rogue APs in DoS method (Denial of Service) too by de-authenticating/disassociation of RAPs and their associated stations. This method is not successful because Wi-Fi adapters can have its drivers configured to ignore disassociation requests.

Some other vendors shut down the wired switch port that the RAP is connected to. This is unsuccessful too as if RAP is configured with encryption and authentication (even WEP) will not allow wireless IDS to send message to wired portion of network.

             Figure 2

As a perfect solution, wired 802.11x authentication (EAPOL – EAP over LAN) which blocks access on every port can be taken. When 802.11x is configured, network access is denied until a device authenticates as a supplicant with an authenticator (mostly RADIUS). If a company has the above mentioned structure already, wireless devices can be integrated into it easily. And also 802.1x authentication negotiates an encrypted key which prevents intruders spoofing MAC addresses as they don’t have the secure key. So answer for this myth is clearly “No it is not.”

Read more about 802.11x here.

Myth # 9 : A wireless IDS is not necessary if other rogue AP prevention measures are in place.

Even though this myth was busted in previous point, still there are some needs to use IDS. Most administrators do not go for IDS as it is very expensive and only few people know what all the things an IDS can do. Actually IDS can provide troubleshooting and optimization features such as location tracking, remote packet captures and RF interference levels analysis. Those ways can be beneficial for an administrator to handle this Rogue Access Points pain centrally without going here and there gathering information. So in this way it is clear that IDS can do a better service in performance optimization and troubleshooting more than security.

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 7-8, Global Knowledge Training LLC., viewed 05 September 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 05 September 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image], KBR Wireless, viewed 05 September 2010, http://kbrwireless.com/hardware/80211x.htm

The previous episode of this series has been posted on 24th Aug 2010 which can be found easily in here. If you enjoyed this article, please leave a comment as described in previous week.