Dave Wi-Fi

Security is of the upmost importance when it comes to network and even more so when we are talking about Wi-Fi. Wi-Fi, as part of it's base fundamental is wireless and even with configuration options does go outside of your preferred area. This can cause a bit of an issue whereby someone can sit outside, with an adapter and monitor and potentially attack your wireless network. In this post, we will go over a high level description of the main security protocols out and about in the wireless world.  Thankfully keeping a handle of which ones are out there is quite simple. The Wi-Fi Alliance, setup in 1999 (by numerous companies to promote compatibility) owns the Wi-Fi trademark and subsequently develops the security protocols, which we'll discuss below.  There is four main Wi-Fi security protocols that you might see out and about and those are as follows, WEP, WPA, WPA2 and finally WPA3. Each have their pros and cons which we will also discuss on top of best practice configura...

Wi-Fi 6 (802.11ax) is becoming the focus point of wireless networks everywhere as we slowly start to upgrade our existing hardware and software to utilise the added features for ours and users benefits. This blog post is an overview of the features that have been brought in with Wi-Fi 6 to reacquaint myself before I get too stuck into Christmas.   Wi-Fi 6 MU-MIMO  The previous two iterations of the wireless standard have allowed for the use of more than one concurrent transmission from a single transmitter known as a spatial stream. This is most notably with 11n the first standard that allowed four max and brought in the use of (Multiple Input Multiple Out) to utilise this increase in transmit potential. This in theory allowed up to four signals to be sent at the same time from the same device, four times as many bits, increasing overall throughput.  8011.ac ramped that number up to eight max spatial streams that allowed eight times the bits (simple maths isn't it)...

Within certain WLAN management frames (Beacons, Probe Response, Association Request, and Reassociation Request), there is the Robust Security Network Information Elements (RSN IE) in Wi-Fi Protect Access 2 (WPA2) capable networks. It sits in the Tagged Parameters part of the frame and displays the security capabilities of its associated Basic Service Set (BSS). Robust Secure Network (RNS) was created within the 802.11i amendment, Wired Equivalent Privacy (WEP) is not considered a valid Robust Secure Network (RSN) due to security vulnerabilities which is one of the main reasons for 802.11i being created in the first place and a result will not contain any RSN information. There are three sections that we are going to look at today those being the Pairwise Cipher Suite, Group Cipher Suite, and the Authenticated Key Management (AKM) suite with the overall layout of all three shown below from a packet capture I did. Depending on the configuration of the BSS (Personal and Enterprise) t...