This section goes over the common 802.11 protocols, talks about bands and channels, and covers some common characteristics of antennas. It also covers world regulatory domains, and how to set them.



WiFi Part 2, Protocols, Bands and Channels


written by TuXtheHxR


**note** This should have been in the last section, Interfaces, but I forgot all about it.
If you see the wireless card with 'ifconfig -a' but not with 'ifconfig', it's because the interface hasn't been brought up yet.

To turn on a wireless card:
ifconfig wlan# up

To turn off a wireless card:
ifconfig wlan# down

This works with any interface, not just the wireless card interface. **/note**



WLAN Standards

The IEEE, the Institute of Electrical and Electronics Engineers, is the group that defines the 802.11 standards.



Protocols

802.11
This was the very first WiFi, created way back in 1997. It only supports network bandwidth of up to 2 Mbps, which is slower than Bluetooth. I highly doubt that any 802.11 product is still made today, as this is a pretty outdated technology. It has a range of 66-330 feet, depending upon interference.

802.11b
This version of WiFi was created in 1999. It supports network bandwidth of up to 11 Mbps. It uses the same frequency as the original WiFi, 2.4 GHz. It is cheap, and isn't easily obstructed by physical items. However, home appliances run on the same frequency, causing a lot of interference. It has a range of 115-460 feet, depending upon interference.

802.11a
This was created at the same time, in 1999. It supports network bandwidths up to 54 Mbps. It runs on the 5 GHz frequency, which means it is a lot easier to obstruct with physical items. It is incompatible with 802.11b, and has a much shorter range. Another downfall for 802.11a is the cost; it is much more expensive. It has a range of 115-390 feet, depending upon interference.

802.11g
This was created in 2002, and attempts to combine the best of 802.11a and 802.11b. It supports network bandwidths up to 54 Mbps, and is backwards compatible with 802.11b, because it runs on the same 2.4 GHz frequency. It is on an unregulated frequency, so there might be interference from home appliances. It has a range of 125-460 feet, depending upon interference.

802.11n
The newest standard, which utilizes MIMO technology. MIMO is pretty much the use of multiple signals and antennas, designed to increase bandwidth. It supports network bandwidths up to 100 Mbps and it has the best signal range, but it is also the most expensive. Although it has the most resistance to signal interference, it also causes the most interference, due to the MIMO technology. It has a range of 230-820 feet, depending upon interference.


Bands

2.4 GHz - 802.11b/g/n all run on this frequency range. This band is good in that physical items don't interfere all that much with the signal. The only downfall is that it is unregulated, which means a lot of home appliances run on the same frequency range.
3.6 GHz - 802.11y runs on this range. You will probably never see this protocol, so it is not worth talking about; just know that the frequency band can be used.
4.9/5.0 GHz - 802.11a/h/j/n all run on this frequency range. The h protocol is for Europe, and the j protocol is for Japan. The n protocol runs on both the 2.4 GHz and 5.0 GHz frequencies; this is one of the aspects of the MIMO technology. This frequency band has a more limited range, and physical items create an immense amount of interference.
These frequencies are just bands in the spectrum, and they are further divided into channels.


Channels

On the 2.4 GHz spectrum there is a total of 14 channels currently available, though only 11 of them are allowed to be used in the United States, due to FCC regulation. It is important to know that your WiFi card doesn't go by channels, but by the frequencies that those channels run on.

Channel : Frequency (MHz)
1 : 2412
2 : 2417
3 : 2422
4 : 2427
5 : 2432
6 : 2437
7 : 2442
8 : 2447
9 : 2452
10 : 2457
11 : 2462
12 : 2467 (not allowed in USA)
13 : 2472 (not allowed in USA)
14 : 2484 (not allowed in USA)

As you can see, the channels are all situated 5 MHz apart, with the exception of channel 14. This would almost seem as though the channels have a 5 MHz bandwidth, but this is not true. They have a 22 MHz bandwidth (20 MHz on 802.11g/n), which means that they overlap; and therefore interfere with each other. There is a maximum of three (four on 802.11g/n) channels that can be used, that don't overlap each other.
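The channel table and the overlap rule above, worked through in code. This is an added example, not code from the article or from the HellBoundHackers site: it derives each channel's centre frequency and occupied band, decides which channels bleed into which, and finds the largest set of non-overlapping channels for a given channel width and regulatory channel set (1-11 for the USA, as in the table above). The US_CHANNELS and ALL_CHANNELS names are my own.

```python
# Added example (not from the article): 2.4 GHz channel/frequency maths and
# overlap analysis, reproducing the channel table and the "three non-overlapping
# channels at 22 MHz, four at 20 MHz" rule of thumb.


def channel_frequency(channel: int) -> int:
    """Centre frequency in MHz of a 2.4 GHz 802.11 channel (1-14).

    Channels 1-13 are spaced 5 MHz apart starting at 2412 MHz;
    channel 14 is the odd one out at 2484 MHz.
    """
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def occupied_band(channel: int, bandwidth_mhz: int = 22) -> tuple[float, float]:
    """Lower and upper edge (MHz) of the spectrum a channel actually occupies."""
    centre = channel_frequency(channel)
    half = bandwidth_mhz / 2
    return centre - half, centre + half


def channels_overlap(a: int, b: int, bandwidth_mhz: int = 22) -> bool:
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(channel_frequency(a) - channel_frequency(b)) < bandwidth_mhz


def interfering_channels(channel: int, allowed, bandwidth_mhz: int = 22) -> list[int]:
    """Other allowed channels whose signal bleeds into `channel`."""
    return [c for c in allowed if c != channel and channels_overlap(channel, c, bandwidth_mhz)]


def non_overlapping_channels(allowed, bandwidth_mhz: int = 22) -> list[int]:
    """Largest set of mutually non-overlapping channels, chosen lowest-first.

    Taking the lowest usable channel each time is the greedy interval-scheduling
    argument, so the result is maximal for a single band.
    """
    chosen: list[int] = []
    for ch in sorted(allowed):
        if not any(channels_overlap(ch, c, bandwidth_mhz) for c in chosen):
            chosen.append(ch)
    return chosen


# Channel sets used below (constructed from the article's table: channels 1-11
# are allowed in the USA, 12-14 are not).
US_CHANNELS = range(1, 12)
ALL_CHANNELS = range(1, 15)

if __name__ == "__main__":
    for ch in ALL_CHANNELS:
        lo, hi = occupied_band(ch)
        flag = "" if ch in US_CHANNELS else "  (not allowed in USA)"
        print(f"channel {ch:2d}: {channel_frequency(ch)} MHz, occupies {lo:.0f}-{hi:.0f} MHz{flag}")
    print("802.11b (22 MHz), USA:", non_overlapping_channels(US_CHANNELS, 22))
    print("802.11g/n (20 MHz), channels 1-13:", non_overlapping_channels(range(1, 14), 20))
    print("channel 6 interferes with:", interfering_channels(6, US_CHANNELS))
```

With the 22 MHz width of 802.11b and the 11 US channels the greedy pick is 1, 6, 11; with the 20 MHz width of 802.11g/n and channels 1-13 it is 1, 5, 9, 13, which is where the "three, or four on g/n" figure in the text comes from. Note the choice only depends on the centre-frequency spacing, which is why the card works in frequencies rather than channel numbers.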

Changing the channel on a wireless interface:
iwconfig wlan# channel #
iwconfig mon# channel #

In theory there would be an incredible amount of interference on WiFi, due to the channels overlapping and the popularity of WiFi; in reality, however, there just isn't that much interference. Why this is gets a bit too complicated; just know that physical items and humidity usually cause more interference than overlapping channels do.



World Regulatory Domains

WiFi cards usually come set to the US world regulatory domain, and therefore refuse to let you use, or monitor, restricted channels. There are also other limitations to using the US world regulatory domain, such as a max transmit power, and a max EIRP. Luckily, this isn't that hard to get around.

First bring down your wireless card:
ifconfig wlan0 down

Set the country code you want:
iw reg set US (for the USA: max transmit power is 27 dBm, and 11 available channels)
iw reg set BO (for Bolivia: max transmit power is 30 dBm, and 14 available channels)
This is the country code I always use, and is the most open.
**This is illegal**



Antennas

There are a variety of different antennas available for WiFi, and it is definitely recommended that you take advantage of them. You can find them cheap or expensive, so there is not too much of an excuse not to have one.

Omni-Directional - This is the most basic type of WiFi antenna. It is pretty much the same thing as a car radio antenna. It looks for signals evenly in all 360 degrees. I have one, with a magnetic bottom, that I use for my car; it cost me a total of $18.

Directional - This is a bit more advanced antenna, and it allows you to aim your reception in one direction. These tend to cover a further area, but only in a certain direction. They come in a variety of different designs, some looking like ray guns, others looking like a slightly curved book.

The range will depend on a variety of different things, mainly the power output, the wireless card, obstructions, and the humidity. My $18 antenna gives me an extra 200-300 feet of reception.



Transmit Power

Power can be measured in Watts or dBm, and there are a variety of different ways to make this figure 'look' bigger than it actually is; remember that when buying an antenna. dBm and Watts are not linearly related, but they convert with formulas: dBm = 10*log10(mW) and mW = 10^(dBm/10). You don't need to know that; just use the chart below to get a pretty good estimate.

dBm : Watts
40 : 10
36 : 4 (max EIRP in USA)
30 : 1
27 : .5
20 : .1 (max EIRP in Europe)
10 : .01
1 : .0013
0 : .001
-80 : .00000000001 (received threshold on most WLAN devices)

EIRP is the effective isotropic radiated power; mainly just a big word for how powerful your antenna and wireless card really are together. EIRP = Transmitter Power + Antenna Gain - Cable Loss (all in dB terms).
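The dBm/Watts formulas, the chart, and the EIRP equation above, carried through as an added worked example (Python, not from the article): it converts both ways, rebuilds the chart from the formula, and checks a card-plus-antenna combination against the regional EIRP limits the chart lists (36 dBm in the USA, 20 dBm in Europe). The region lookup, the 9 dBi antenna and the 2 dB cable loss in the scenario are constructed for the example.

```python
# Added example (not from the article): dBm <-> Watts conversion and an EIRP
# budget check against the regulatory limits the article's chart lists.
import math

# Max EIRP per region, in dBm, as given in the article's chart (constructed lookup).
EIRP_LIMIT_DBM = {"US": 36, "EU": 20}


def dbm_to_mw(dbm: float) -> float:
    """mW = 10^(dBm/10)."""
    return 10 ** (dbm / 10)


def mw_to_dbm(mw: float) -> float:
    """dBm = 10 * log10(mW); only defined for positive power."""
    if mw <= 0:
        raise ValueError("power must be positive")
    return 10 * math.log10(mw)


def dbm_to_watts(dbm: float) -> float:
    """Convenience wrapper: the chart is in Watts, the formula in milliwatts."""
    return dbm_to_mw(dbm) / 1000


def eirp_dbm(tx_power_dbm: float, antenna_gain_dbi: float, cable_loss_db: float = 0.0) -> float:
    """EIRP = transmitter power + antenna gain - cable loss (dB quantities add)."""
    return tx_power_dbm + antenna_gain_dbi - cable_loss_db


def eirp_check(tx_power_dbm: float, antenna_gain_dbi: float,
               cable_loss_db: float = 0.0, region: str = "US") -> dict:
    """Radiated power of a card+antenna combination compared with the regional limit.

    Returns the figures rather than printing them so a caller can log or assert on them.
    """
    eirp = eirp_dbm(tx_power_dbm, antenna_gain_dbi, cable_loss_db)
    limit = EIRP_LIMIT_DBM[region]
    return {
        "eirp_dbm": eirp,
        "eirp_watts": dbm_to_watts(eirp),
        "limit_dbm": limit,
        "within_limit": eirp <= limit,
        "headroom_db": limit - eirp,
    }


def power_table(dbm_values) -> list[tuple[float, float]]:
    """Rebuild the article's dBm/Watts chart from the formula."""
    return [(d, round(dbm_to_watts(d), 11)) for d in dbm_values]


if __name__ == "__main__":
    for d, w in power_table([40, 36, 30, 27, 20, 10, 1, 0, -80]):
        print(f"{d:4} dBm = {w:.11f} W")
    # Constructed scenario: card at 27 dBm (the US maximum quoted in the article),
    # a 9 dBi directional antenna and 2 dB of pigtail loss: 34 dBm, inside the limit.
    print(eirp_check(27, 9, 2, "US"))
    # Same antenna with the card pushed to 30 dBm: 37 dBm, over the US EIRP limit.
    print(eirp_check(30, 9, 2, "US"))
```

The point of returning a dict with the headroom is that the check can be run before touching txpower: a high-gain antenna on a card already at its maximum transmit power is exactly the case where the radiated figure, not the card setting, is what exceeds the limit.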

Setting the transmit power:
iwconfig wlan0 txpower 30
- This will set the transmit power to 30 dBm on the wlan0 interface.
- You will also need to do this for mon0 when the wireless card is in monitor mode.


That's all that I got, or want to write, on protocols, bands and channels; much more to come. Please leave comments on these tutorials, so that I can improve them as I go. This will be a 'hacking' tutorial, though it may not seem like it right now. It's just that I didn't want this to be a 'script kiddie' tutorial, so there had to be a fair amount of background information. For every tool you use, you should know how it works, why it works, and what it does. To fully understand some of the Aircrack-ng tools, you have to know some of this information.


TuX out

Comments

om3g45m45h3r on May 11 2012 - 16:17:31
My dad had a 10 watt booster installed in his truck cellphone "motorola" to give him more broadcasting power. Will running this through the antenna on my router boost the signal, or will I need an amp? Will a house amp amp a radio signal? :xx:
maxgonemad on March 09 2013 - 03:47:16
Your articles are great, I love when people write things this well done