Acknowledgements
Contents At a Glance
Forward
Preface
Introduction
How is this book organized?
Contact Information
Chapter 1 Introduction to Wireless LAN Analysis
What is Wireless LAN Analysis?
Why Analyze Wireless LANs?
Maximize Performance
Improve Security
Improve RF Coverage
Learn How Wireless LANs Operate
When Should You Apply Analysis?
System Design
RF Site Surveys
Acceptance Testing
Baseline Analysis
What is a Baseline?
Why a Baseline?
Baseline Objective
Continual Monitoring
Troubleshooting Problems
Types of Wireless LAN Analysis
RF Propagation Analysis
Performance Analysis
Security Analysis
Troubleshooting
Wireless LAN Analysis Tools
Protocol Analyzers
RF Analyzers
Simulation Tools
Intrusion Detection Systems
Summary
Key Terms
Review Questions
Chapter 2 802.11 Protocol Architecture
802.11 Services
System Services
Distribution System (DS)
Integration Service
802.11 MAC Layer Overview
Scanning
Synchronization
Frame transmission
Authentication
Association
Reassociation
Data Protection
Power management
Fragmentation
Request-to-Send / Clear-to-Send (RTS/CTS)
Management
Scanning
Passive Scanning
Active Scanning
Synchronization
Frame Transmission
Access Timing
Short IFS (SIFS)
PCF IFS (PIFS)
DCF IFS (DIFS)
Extended IFS (EIFS)
Calculations
Medium Access
Distributed Coordination Function (DCF)
Carrier Sense
Duration Values
Extended Rate Physical (ERP)
Point Coordination Function (PCF)
Contention-Free Period
Polling
Frame Types
PCF Summary
Error Control
Data Rate Shifting
Summary
Key Terms
Review Questions
Chapter 3 Connectivity and Data Protection
Authentication
Open System Authentication
Shared Key Authentication
Association
Roaming
Data Protection
Wired Equivalent Privacy (WEP)
Wi-Fi® Protected Access (WPA®), 802.1X/EAP, & 802.11i
TKIP
48-bit initialization vectors
Per-packet key construction and distribution
A new message integrity check (MIC)
CCMP
802.1X/EAP
Summary
Key Terms
Review Questions
Chapter 4 Configuration Options and Protection Mechanisms
Power Management
General Operation
Power Management Bit Flipping
DTIMs
Ad Hoc
Summary
Fragmentation
Configuration
The Bits
Sequencing
Fragment Bursting
RTS/CTS
Hidden Node Example
Duration Values & Modulation
Duration Values Without Fragmentation
Duration Values Using Fragmentation
Scenarios
Configuration
CTS-to-Self
Protection Mechanisms
Summary
Key Terms
Review Questions
Chapter 5 802.11 MAC Frame Format
MAC Frame Format
Nomenclature
Frame Structure
Frame Control Field
Protocol Version Field
Type Field
Subtype Field
ToDS Field
FromDS Field
ToDS / FromDS Example
More Frag Field
Retry Field
Power Management Field
More Data Field
Protected Frame Field
Order Field
Duration/ID Field
Address Fields
Sequence Control Field
Frame Body Field
Frame Check Sequence (FCS)
Summary
Key Terms
Review Questions
Chapter 6 802.11 Management Frames
Management Frames
Association Request Frame
Association Response Frame
Reassociation Request Frame
Reassociation Response Frame
Probe Request Frame
Probe Response Frame
Beacon Frame
ATIM Frame
Disassociation Frame
Authentication Frame
Deauthentication Frame
Management Frame Summary
Frame Body Fields and Elements
Association ID (AID) Field
Authentication Algorithm Number Field
Authentication Transaction Sequence Number Field
Beacon Interval Field
Capability Information Field
Current AP Address Field
Listen Interval Field
Reason Code Field
Status Code Field
Timestamp Field
Service Set Identifier (SSID) Element
Supported Rates Element
Extended Supported Rates Element
FH Parameter Set Element
DS Parameter Set Element
CF Parameter Set Element
Traffic Indication Map (TIM) Element
IBSS Parameter Set Element
Challenge Text Element
ERP Information Element
Summary
Key Terms
Review Questions
Chapter 7 802.11 Control and Data Frames
Control Frames
Virtual Carrier-Sense Mechanism
Request-to-Send (RTS) Frame
Clear-to-Send (CTS) Frame
Acknowledgement (ACK) Frame
Power Save Poll (PS-Poll) Frame
Contention-Free End (CF-End) Frame
CF-End+CF-ACK Frame
Control Frame Summary
Data Frames
Simple Data Frame
Data + CF-ACK
Data + CF-Poll
Data + CF-ACK + CF-Poll
Null Function
CF-ACK
CF-Poll
CF-ACK + CF-Poll
Frame Transmission Rates
802.11e Frame Format Modification
Summary
Key Terms
Review Questions
Chapter 8 802.11 PHY Layers
Physical Layer Architecture
PLCP Sublayer
PMD Sublayer
Management Layer Entities
Generic Management Primitives
Physical Layer Service Primitives
Physical Layer Operations
Carrier Sense/Clear Channel Assessment (CS/CCA)
Transmit (Tx)
Receive (Rx)
Carrier Sense Function
Transmit Function
Receive Function
DSSS PHY
DSSS Preamble
Beacons & Probe Responses
DSSS Header
Signal Field
Service Field (802.11 & 802.11b)
Service Field (802.11g)
Length Field
DSSS PMD Sublayer
ERP-OFDM PHY
ERP-OFDM PPDU
ERP-OFDM PPDU Preamble
ERP-OFDM PPDU Header
ERP-OFDM PPDU Data Field
ERP-OFDM PMD Sublayer
DSSS-OFDM PHY
Transmit Procedure (802.11g)
Receive Procedure (802.11g)
Summary
Key Terms
Review Questions
Chapter 9 802.11 System Architecture
Access Point Architecture
Message Forwarding
Frame Translation
Proprietary Enhancements
Auto-channel Selection
Performance Enhancements
SSID Broadcasting
Multiple SSIDs
Virtual Local Area Networks (VLANs)
SSID broadcasting
Maximum number of client associations
Repeater Access Point Operation
Security Measures
Pre-Shared Keys
802.1X/EAP
802.11i / WPA2 / AES
Wireless Router Architecture
WLAN Access Point Router
PPTP VPN Example
Enterprise Wireless Gateway (EWG)
IPSec VPN Example
Wireless LAN Switch
Wireless LAN Switch Scenario #1
Wireless LAN Switch Scenario #2
Wireless Mesh Architecture
Network Design
Encryption
Analysis
Enterprise Encryption Gateways (EEG)
Bridging
Client Configuration Options
Authentication
Summary
Key Terms
Review Questions
Chapter 10 802.11 Protocol Analyzers
WLAN Analysis Dynamics
MAC vs. PHY
PHY Options
Laptop vs. Distributed
WIDS Sensors
Analyzer/Sensor Placement
Encryption Impact
Common Features
Analyzer Types and Features
Laptop and Handheld Analyzers
Frame Decoding
Protocol Statistics
Node Statistics
Channel Analysis
Conversation Analysis
Expert Feature
Peer Maps
Performance Measurement
Alarms
Filtering
Reporting
Distributed Analyzers
Hardware Sensors
Software Sensors
Dashboards
Monitoring, Alarms, and Reporting
Network Maps
Live Views
Filtering
Summary
Key Terms
Review Questions
Chapter 11 802.11 Performance Variables
Protocol Impacts
Fragmentation Threshold
Beacon Rate
DTIM Rate
Manual and Automatic Protection Mechanism Activation
Security Protocols and Encryption
Environmental Impacts
Multipath, Hidden Nodes, and RF Interference
Multipath and MIMO
Hidden Nodes
RF Interference
Co-channel and Adjacent Channel Interference
Mobile vs. Portable Impacts
Summary
Key Terms
Review Questions
Chapter 12 Additional Information
What’s Missing?
802.2 Logical Link Control (LLC)
What is the LLC Sublayer?
How Does the LLC Sublayer Relate to 802.11?
802.2 LLC Services
Unacknowledged Connectionless Service
Connection-Oriented Service
Acknowledged Connectionless Service
LLC/MAC Layer Service Primitives
SNMP
Wireless Middleware
Wireless Issues Overview
Terminal/Host Connectivity
Client/Server Connectivity
Advantages of Wireless Middleware
Connection Management
Performance Optimization
Roaming Support
Multi-Host Support
Centralized Development Environment
Summary
Key Terms
Review Questions
Chapter 13 Case Studies
Case Study 1 - Security
Case Study 2 - Performance
Case Study 3 – General Fault Finding