Forum

Wi-Fi Direct

9 posts by 8 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: April 10:
  • By (Deleted User)

    The Wi-Fi Alliance has announced the coming of Wi-Fi Direct, billed as a new "peer-to-peer" technology that makes "everything an AP".

    http://www.businessweek.com/technology/content/oct2009/tc20091013_683659.htm?campaign_id=yhoo

    What does this mean for Wi-Fi security?

  • Get all of your peer-to-peer defense ready.

  • The technical details in the article are of course limited. How is this different than the old IBSS ad-hoc networks? In case client devices aren't dumb enough already we are going to make it that much more complex.

  • By (Deleted User)

    Yep, I agree that this is a security nightmare. They say that the spec will include methods for enterprises to shut down Wi-Fi Direct devices, but it doesn't matter. There will always be a loophole for hackers. Configuring every non-AP Wi-Fi device to say "connect to me" is a disaster waiting to happen. For that reason, I'm eager to read the spec and see what connectivity methods they're using and what security protocols they're defining. IBSS isn't used or recommended for a reason.

    Bryan, this should help keep you busy. :)

  • By (Deleted User)

    CO-CHANNEL interference. (!)

    So much for dynamic frequency selection :?

    Hope they don't include "beam steering" in the mix of these peer to peer links?

  • FAQ of Wi-Fi Direct:

    http://www.wi-fi.org/files/20091019_Wi-Fi_Direct_FAQ.pdf

  • Does anyone know where these Wi-Fi Alliance people live ?.....grrrrrrrr

    }:-@

    Dave

  • By (Deleted User)

    From said FAQ:

    How will security work for Wi-Fi Direct?

    Wi-Fi Direct networks operate in a security domain that is independent from any infrastructure network. This means that they have protection of WPA2, but are managed separately from the security system in the AP-based network (home, enterprise, hotspot). This means both the Wi-Fi Direct and the infrastructure networks can be protected, but users don???¡é?¡é?????¡é???¡ét need credentials for the infrastructure network to connect to the Wi-Fi Direct network.


    IOW, your new Wi-Fi Direct network is wide open?

  • By Howard - edited: May 28

    I rarely see posts on this subject anymore, but wanted to add my two cents, especially as I am seeing more Wi-Fi Direct printers in my neighborhood.  They DO negatively affect the performance of other 2.4 GHz networks.

    Most home printers are 2.4 GHz only, and if configured to use Wi-fi Direct they seem to choose channels OTHER than 1, 6, or 11.   

    The "best practice" for manually selecting a channel should also be the best for automatic selection.  This question/issue can actually get quite involved, but is best answered by an older study by Cisco that showed use of the intermediate channels (2,3,4,5,7,8,9, or 10) actually slows down performance compared to simply sharing channels on 1, 6, or 11.  This is due to co-channel interference.

    The incessant beacons generated by Wi-Fi direct printers rarely does anyone any good.  I place it in the same realm as an Ad-hoc device, back when wireless networks, especially in conference rooms, were  less common.

    Network admins in large institutions, especially hospitals, are driven crazy by these printers, and run around frantically either disabling them or re-configuring them anytime one pops up.

    Do yourself, and your neighbors, a big service by re-configuring your printers to use your normal Wi-Fi network.   Don't be lazy.

    Hint, you may find it convenient to set your AP to always assign the printer's MAC Address to a static IP address.

Page 1 of 1
  • 1