4. Understanding WiFi standards
First off, wireless is based on a set of standards. The wireless standards are based on what is called 802.11. A lot of people, when they hear that word 802, that term 802, immediately think, “Oh, that’s wireless.” Just so you know, 802 is not just wireless. 802 is a set of standards that was created by the IEEE. They started designing it in the 1970s, and then they finished their initial standards in February of 1980, which is where 802 comes from. There’s some, I don’t know, maybe useless knowledge for you. February of 1980: that’s what the 802 stands for, 1980 and February. By the time we got to about 1999, they had started coming out with these standards.
Microsoft started adopting these standards, and the industry started to kind of adopt these standards, and they were at 802.11. They came out with 802.11a. That standard was 54 megabits per second. But the problem was that you couldn’t get very far from your wireless access point, which is going to be the device that’s going to connect your wireless devices together. Right. Then they came out with B, which came out the same year, 1999, and it was eleven megabits per second. Okay. The only significant difference was that A ran at a 5 GHz frequency, which is faster but doesn’t go as far. B operated at a frequency of 2.4 GHz, which could go further but was slower, at only eleven megabits per second. They also came out with G in 2003, which could go 54 megabits per second. And it also operated off the 2.4 GHz frequency, which means it could go further and go as fast as A did. Then in 2009, they came out with N.
You could go faster or slower depending on the type of equipment you have; it all depends on the equipment. However, in general, it is capable of 300 megabits per second. And it supported a feature called “dual bonding,” which allowed you to double the speed. By using both frequencies (2.4 and 5), you could get faster performance off of that. And you can bond these things known as channels together. Okay. Another thing that came out around the same time was MIMO, or multiple input, multiple output, which allowed your antennas to do multiple things. Input and output can occur concurrently on the antennas of a wireless access point. And then, as we fast forward into 2013, we get to AC. AC is the newer standard, and of course, depending upon the equipment, you could go anywhere from a few gigahertz up to about 8 GHz. I’m sorry, gigabits: one gigabit per second, or up to eight gigabits per second. Okay, so there’s a lot of performance on that, and that one can use the 5 GHz frequency.
A lot of people don’t realize that they’ll use the 2.4 GHz frequency instead of that one, and you’re actually dropping yourself to the bottom. So if you’re using 2.4 GHz while you’re using 802.11ac, you’re actually using N. A lot of people don’t realize that, but you’re going a lot slower than you need to. 5 GHz has better performance. You don’t believe me? Look it up. A lot of people disagree, and they’re like, “Oh no.” And they believe this because the 2.4 GHz frequency travels further, but not faster. So if you go farther away from the access point in your home, business, or whatever, you may notice 802.11n on 2.4 picks up better just because it goes farther. But AC is actually the faster standard. Now, the other thing I want to point out, guys, is that you probably didn’t know that there are more letters than just those.
There’s A-B-C-D-E-F-G all the way through the alphabet. In fact, they’ve used all the alphabet letters up, and then they had to start doubling the alphabet letters. By the time they got to the year 2013, they had already used all the alphabet letters up. You just don’t hear about those other alphabet letters, those revisions to wireless, because they don’t have anything to do with speed. And the thing everybody cares about, of course, is speed. Right? Okay. So the other thing I want to point out is the wireless encryption protocols. One thing you’re going to want to know for this course and the exam is the different encryption protocols.
The first encryption protocol that came out was called WEP, Wired Equivalent Privacy. Of course, a lot of people call it the “weak encryption protocol.” This came out in the paper; it uses an older encryption called the Rivest Cipher, RC4, which is a weaker encryption by today’s standards. It came out in the 1980s. It also uses what’s called a “24-bit initialization vector.” Now, not to turn this into a cybersecurity class or anything, but the initialization vector is something that works with your encryption key to keep changing the math of it constantly. 24 bits is not a very big number in regards to the initialization vector. So what happened was that it didn’t take long. By the early 2000s, hackers could actually pull up in your parking lot. They could get a tool called Aircrack or AirSnort, and they could actually sniff some traffic on your wireless and break your encryption key very quickly. And today, that would just take, in some cases, a few seconds with WEP.
So you don’t want to be using WEP. You definitely want to get rid of WEP in your environment. After WEP was discovered to be insecure, they released WPA, Wi-Fi Protected Access, which we now refer to as WPA version one. It also uses RC4, which is still considered weak. But they did improve this by using TKIP, the Temporal Key Integrity Protocol, which gives us a 48-bit initialization vector, which is a much more secure way to do it. The problem is, it can still be broken with enough time. Then eventually they came out with a new standard. The standard was originally known as 802.11i. Okay, this is WPA version 2, which employs AES (Advanced Encryption Standard), a much stronger type of wireless encryption. And then they also replaced TKIP with something better. It’s called CCMP, the Cipher Chaining Mode Protocol, which uses a 48-bit initialization vector as well. But it’s got better math involved, so it’s more secure. Okay, so those are your wireless encryption protocols that are generally used in your environments.
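The 24-bit initialization vector point above, worked through as an added example that is not part of the original lecture. It assumes the WEP-style construction in which each frame's RC4 key is the IV followed by the shared secret, and it assumes IVs are picked at random; the key, IV and frame contents are constructed.

```python
import math


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_style_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """Per-frame RC4 key is IV || secret (integrity check value left out)."""
    return xor_bytes(plaintext, rc4_keystream(iv + secret, len(plaintext)))


SECRET = b"\x01\x02\x03\x04\x05"              # constructed 40-bit shared key
FRAME_1 = b"GET /index.html"                  # constructed frame payloads
FRAME_2 = b"user=alice&x=12"


def iv_reuse_leaks_plaintext_xor() -> bool:
    """Same IV twice: the keystream cancels and c1 XOR c2 equals p1 XOR p2."""
    iv = b"\xaa\xbb\xcc"                      # 24-bit IV, sent in the clear
    c1 = wep_style_encrypt(iv, SECRET, FRAME_1)
    c2 = wep_style_encrypt(iv, SECRET, FRAME_2)
    return xor_bytes(c1, c2) == xor_bytes(FRAME_1, FRAME_2)


def fresh_iv_changes_keystream() -> bool:
    """A different IV gives an unrelated keystream for the same secret."""
    a = rc4_keystream(b"\xaa\xbb\xcc" + SECRET, 16)
    b = rc4_keystream(b"\xaa\xbb\xcd" + SECRET, 16)
    return a != b


def frames_until_repeat(iv_bits: int, probability: float = 0.5) -> int:
    """Birthday bound: frames sent before a repeated random IV is likely."""
    space = 2 ** iv_bits
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))


if __name__ == "__main__":
    print("IV reuse leaks p1 XOR p2:", iv_reuse_leaks_plaintext_xor())
    print("24-bit IV, frames to 50% repeat:", frames_until_repeat(24))
    print("48-bit IV, frames to 50% repeat:", frames_until_repeat(48))
```

A busy access point sends a few thousand frames in seconds, which is why the 24-bit space runs out so quickly. TKIP's 48-bit value is a per-packet counter rather than a random pick, so the second figure is only a size comparison.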
Now, I also want to tell you that those are going to encrypt your traffic, but you also have to authenticate to a wireless access point. And there are two modes of authentication. Authentication means that somebody who is connecting wirelessly has to prove that they are who they say they are. There are two modes to that: WPA personal mode and enterprise mode. Personal mode is also called PSK (pre-shared key). This is generally what you use for small businesses. We also use this in homes. Like, I’ve got this at my house right now. It’s basically just a password, okay? And the password is essentially the key; it will grant you access to the wireless network, which you can then share with others in your environment. Of course, the downside to that is that anybody could share that password with anybody else, and there’s no real accountability to it.
There’s no way to differentiate between different people. So there’s that problem. In higher-security environments, you want to be using Enterprise mode. Enterprise mode is 802.1X authentication, okay? I know it doesn’t say 802.11X, but it does say .1X. That’s because 802.1X authentication supports wireless, but it also supports wired connections as well. Believe it or not, this is going to be for environments that need a much higher level of security, okay? Each user has the ability to use multifactor authentication. You can use passwords, PIN numbers, smart cards, certificates, biometrics, and all sorts of other methods of authentication. There’s actually a protocol that works with it. I didn’t put it on the screen, but it’s called EAP (Extensible Authentication Protocol), which is going to help this enterprise mode function. Now, in order to do this, you will need to have a server known as a “RADIUS server” or something like a RADIUS server. RADIUS is an industry-standard service. It is an abbreviation for Remote Authentication Dial-In User Service. You can tell by its name that it’s been around for a while.
This is what ISPs used to use in the 90s for their dial-up connections. But over time it’s been used for other things, like VPNs, and for this particular thing. There’s also another type of server known as the “TACACS+” server. There’s also what’s called “Diameter,” but RADIUS is sort of the industry-standard type of service that people use. If you have a Windows Server, you can actually install RADIUS for free, though they don’t call it RADIUS. It’s called NPS, which stands for Network Policy Server, on a Windows server. Okay, so this is going to again let everybody have a unique username, password, or smart card certificate. And this is a lot more secure than using PSK mode, okay? So that gives you an understanding of the WiFi settings and the different modes. Okay? And of course, I’m going to be getting into configuring some of the Wi-Fi settings.
5. Configuring the WiFi Settings on Windows 10
You’ll notice that on this virtual machine, if I click Network & Internet, I do not have a Wi-Fi adapter, but I do on my physical computer. So I’ll bring up the settings on the physical computer. Now if you’ve got a WiFi adapter, you’ll have this WiFi button here that you can click on, and this is going to let you see your wireless. OK? So as you can see, I’m connected to a wireless network called wireless here, okay? And that is known as your SSID in wireless networks. That’s the service set identifier. If you look in the lower right corner of your screen on a Windows 10-based computer, you’ll see the little WiFi symbol. If you’re connected to wireless, you can click that, and this will show you the available networks that are up and running. Okay? So you can do that.
That’s how you connect to your wireless. Okay? They’ve also supported what’s called Hotspot 2.0. And Hotspot 2.0 means that your Windows 10 computer could connect to different hotspots that have been made public in public places. Of course, you’ve got to be a little bit careful there just for security reasons, but this is where your WiFi settings are going to be. And then, as far as changing your TCP/IP settings and all that, that is exactly the same as what we saw in our previous lectures on TCP/IP. There are not really a lot of differences there with regards to that. Now you can, of course, put your device into airplane mode if you want. You can turn that on. You can do that over in the action menu as well, as we’ve seen. And by putting your device in airplane mode, it’s going to disable all wireless transmissions by default. This is because of airplanes, right? If you’re on an airplane, they want you to do that.
Although even if you’re in airplane mode, you can switch your wireless signal back on. They don’t want you doing cellular or anything like that. So you can still use that if you want. Okay? So that’s what airplane mode is, and that’s how you can configure your wireless network. So it’s pretty easy. If you wanted to turn this completely off, you could just switch it off if you want. Then you can support this Hotspot 2.0 with this online sign-up to get connected. So what that will do is, if you do have a Hotspot 2.0 where they’re offering some public WiFi hotspots, it’ll just pop a message up and allow you to sign in. In some cases, though, keep in mind that they’re going to try to charge you money for that. Okay? Also, you can do mobile hotspot, if you wanted to support that. You can share your internet connection with others, enabling what is known as an “ad hoc” hotspot, which basically allows you to share your connection with people nearby who want to use it. You could share that with other people if you want to. OK, so that’s how that would work. Okay, so there aren’t really a lot of wireless settings to really configure, and it’s all pretty straightforward now that you understand the standards. As far as configuring Windows 10 goes, there aren’t too many things that have to be configured.
6. Running Network Commands for troubleshooting network connections
Panel. I go down and search control, and then I can go to the Network and Sharing Center, and then you can go to network diagnostic troubleshooting. So if you go to troubleshooting here, this will bring you into diagnostics. It’s going to do a diagnostic test on your connection. It’s going to see if you have an Internet connection, or maybe your NIC is down, your network interface card is down. It may even try restarting your NIC for you. But all in all, I wouldn’t count too much on the diagnostic tool fixing a lot of problems for you. It can, however, be useful in certain situations. I’ve had scenarios where maybe I got disconnected from WiFi and couldn’t reconnect. But then, when I went to the troubleshooter, which reset things for me, I was able to get in. So you never know, but it is something to keep in mind. Another thing to keep in mind is the event log. You go down here and type “event,” and you can go into Event Viewer.
I’m going to talk more about Event Viewer a little bit later in this course. But I can go into the Windows logs here and look at this thing called the System log. And this will show me if I’ve got any problems going on related to the operating system and being able to get out to the network and all that. Sometimes the System log does take some time to load because it’s got a lot of events, as you can see here. But the System log is a place you can check. And then, of course, there are a ton of commands that we can use for troubleshooting. I can also run these from a regular command prompt. Let me up the font size and make it bigger so you can see it a little better. Okay, so here we go. We’re in PowerShell. All right, and I’m just going to clear my screen. Make it clear here. The first command I want to show you is called ipconfig. I can type ipconfig, and I can see my TCP/IP settings. Here is a virtual NIC that I’ve got on my machine; it’s called the Internal NIC. And as you can see, it’s got an IPv6 address that starts with fe80.
That’s what an IP version 6 address looks like, which is actually just called a link-local address. This means that I was not able to get an address from my DHCP server for v6, so my computer actually gave itself an address. But you can kind of ignore that one right now. Look at version four, though. You saw me earlier configure version four; it’s 192.168.0.2. My subnet mask is here, which is that /24 subnet mask. And then my default gateway, which is my router, is 18216. I can also do ipconfig /all and see all of my IP configuration, so I can see my computer’s name and DNS suffix. Okay? I can see what the physical address of the adapter is, the MAC address. I talked about MAC addresses earlier. So there’s the MAC address. I’m not using DHCP, as you can see. I can see who my DNS server is for name resolution. You can also do ipconfig /? like that, and you can see all the switches that are available when it comes to ipconfig.
So, for example, if I was getting an address from DHCP, I could type ipconfig /release if I wanted to release my address back to DHCP. And then if I wanted to renew it, I could change this to the word renew, and it would renew my address from DHCP. There are not really a lot of reasons to do that. One reason you might do it is because you know that DHCP has been reconfigured and you want to get the updated configuration on the machine. Of course, you could reboot the machine, and that’ll do it as well. Okay. You can also run a command called “ipconfig /displaydns.” When you go to somewhere on the network and you type the name of a computer, your computer has got to ask DNS what the IP address of where you’re going is. Your computer will remember that IP address for a certain amount of time. Okay? So if you look here, you’ll notice that I’ve got all these entries on things that my computer has asked. And if you look closely, you’ll see that there’s a time to live, TTL. That time to live is counting down in seconds. So if you look, this is 2337, and now it’s going to be 2333, and I’m going to refresh it. And it’s 2330; refresh it again, and it’s 2328. You can see it’s counting down in seconds.
So, eventually, this time will pass and all of these entries will disappear. And the next time I go to any of these places, my computer will have to ask DNS. Now, you may say, “I didn’t actually type all these names in.” It really doesn’t matter if you typed all the names in or not. When you go to one website, it has all sorts of things that it links to, so you end up caching a lot of names. This is called your DNS cache, and it makes it so your computer doesn’t have to keep asking for DNS information. Now, if you know some IP address has changed and you would like to force your computer to forget what it knows regarding DNS, you can type ipconfig /flushdns, and it’s going to clear your cache. And now your computer currently has a clear cache. If I say “/displaydns” again, you’re going to notice that it no longer has that information. But if I have to ask DNS something again, like if I were to open up my web browser and go to, you know, a certain website, it’s going to go out and query. Like right now, it’s querying the DNS.
Now watch this; it’s going to end up caching stuff again. So we’ll hit enter, and you’re going to notice that it actually will have that stuff in there. It’s kind of going a little bit slow because this little virtual machine doesn’t have a tremendous amount of memory. However, as you can see, my web browser cached some information that will appear in your command line. All right, anyway, that’s what displaydns is going to do for you, and flushdns. And as you can see, it cached a whole bunch of things just by going to the Microsoft.com website just now; there are a lot of entries there. Okay, so that’s what flushdns does. Now there’s another great command called ping. Ping is an abbreviation for packet Internet gateway. Ping uses a protocol known as ICMP (Internet Control Message Protocol). And what ping does is send a clear text message somewhere and ask for the device to reply back. So, if I say ping google.com, it will send some traffic to Google, and Google will respond with a response if Google is accepting pings. Now, a lot of companies block pinging.
For example, if I tried to ping Microsoft.com, you’d notice that even though the name was resolved by DNS to this address, Microsoft did not respond. And it’s because their firewall is blocking pings because hackers have been known to use ping to perform attacks called DoS attacks, or denial of service attacks. Okay, I can also do that, like if I want to do Google, I can say ping google.com. And this is kind of a neat little switch. It lets you do an infinite loop. This is useful when troubleshooting an Internet connection. Okay, great way to check if your Internet connection is operational. Now what if you could not ping by name, but you could by IP address? Okay, that would tell you something that’s going on. That would indicate that there is a DNS problem. If you can’t ping by name, but you can ping by IP address, like 8.8.8.8, then that tells you there’s usually a DNS problem. Okay, but ping is a great command. Just keep in mind that a lot of firewalls are going to block ping.
Okay? So the next command I want to show you is called tracert, which is short for traceroute. I’m going to do a tracert against google.com. This is going to show you every router that your traffic and your packets are travelling through in order to get to their destination. Okay? My traffic is actually having to pass through this one, NYC-DC1, because that’s my router. And then it’s going to hop through my router that’s in the building I’m in. Right now, it’s going to hop through the different routers on the Internet that I’m using. But you’ll notice there are three numbers here that say ms. Those are milliseconds. It’s sending three packets, three little bits of information, to each location and getting a reply. You can tell that I’m on Comcast Internet right now.
So these are called hops. Every router your traffic has to pass through is a hop. That’s what tracert is going to do for you. Keep in mind that if there’s a firewall or router out there that’s blocking the ICMP protocol (Internet Control Message Protocol), then it will eventually just time out. That’s what it’s doing here. You’ll notice it’s timing out on me because apparently there’s a router or firewall out there between me and Google that’s blocking it. So it’s not always a foolproof protocol, but you can get a good feel for where your traffic is flowing if you use that tool. Another great tool is called “pathping.” I’m going to do a pathping against my NYC-DC1 machine. So what I’m going to do is send 100 packets to that server on the network and ask it to respond with all of those packets back. Now this is handy because it’s going to tell you your packet loss. It’s going to tell you how many packets get out there and how many don’t come back.
Okay? I actually worked in an environment once as a consultant, and a company said that their Internet connection was really slow between buildings. And it turned out that this company had installed a Category 5 cable between the two buildings, which were 800 feet apart. Well, if you know anything about cabling, Category 5 twisted pair, you’re really only supposed to go a maximum of about 326 feet, and they were going 800 feet, so a lot of their traffic wasn’t making it to where it was going. I ran this pathping between the two buildings and got this little report back.
When I got it back, it showed an 86% packet loss. This is really good, though, for checking packet loss. I use it for wireless networks. A lot of times, when I feel like maybe my wireless signal is getting grounded out, I’ll do some pathping between my computer and the access point. The only disadvantage of pathping is that it is a slow command. For every hop that you do with a pathping, it’s going to take 25 seconds. So if I had to jump through, you know, eight different devices, eight routers, or whatever to do the pathping, it was going to be eight times 25 seconds. So it’s a bit of a slow command. Another handy command is called netstat.
Netstat will show you all of the sessions your computer has open right now. Okay? So it’ll show you all the computers you’re connected to, from where I am to the places that I’m connected to right now, and it’ll tell you the state of the connection, whether it’s still open or not. There’s a really helpful switch with this. I can do netstat -a, which will show me all my ports that are open. And my personal favourite is netstat -nab. Basically, this is going to show me all the ports that are open, and it’s going to show me the programs running on my computer that are using those ports and the things that they’re connected to. So that’s a really helpful one as well.
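An added example, not part of the original lecture, of putting the netstat -nab output described above to use: it parses the text and lists listening TCP ports whose owning program is not on an expected list. The sample output is constructed in the layout Windows prints, and the program names, ports and allowlist are hypothetical.

```python
import re
from dataclasses import dataclass

# Constructed sample in the layout `netstat -nab` prints on Windows.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
 [updater.exe]
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING
 [helper.exe]
  TCP    192.168.0.2:49712      203.0.113.10:443       ESTABLISHED
 [msedge.exe]
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
"""

# A connection row, then (optionally) the bracketed owner on a later line.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z_0-9]+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")
LOOPBACK = {"127.0.0.1", "[::1]"}


@dataclass
class Socket:
    proto: str
    local_ip: str
    local_port: int
    remote: str
    state: str
    owner: str = "unknown"   # stays "unknown" when netstat cannot resolve it


def parse_netstat_nab(text: str) -> list:
    """Turn netstat -nab text into Socket records with their owning program."""
    sockets = []
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            proto, local, remote, state = row.groups()
            ip, _, port = local.rpartition(":")   # last colon, so [::]:135 works
            sockets.append(Socket(proto, ip, int(port), remote, state or ""))
            continue
        owner = OWNER.match(line)
        if owner and sockets:
            sockets[-1].owner = owner.group(1).lower()
    return sockets


def unexpected_listeners(sockets: list, expected: set) -> list:
    """TCP listeners reachable from the network that are not (owner, port) in `expected`."""
    return [
        s for s in sockets
        if s.proto == "TCP"
        and s.state == "LISTENING"
        and s.local_ip not in LOOPBACK
        and (s.owner, s.local_port) not in expected
    ]


if __name__ == "__main__":
    allow = {("svchost.exe", 135)}                # hypothetical baseline
    for s in unexpected_listeners(parse_netstat_nab(SAMPLE), allow):
        print(f"review: {s.local_ip}:{s.local_port} owned by {s.owner}")
```

The -b switch needs an elevated prompt, so capture the output from an administrator session before feeding it to the parser.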
The last command I’d like to show you right now is nslookup. This is a DNS troubleshooting command, and I can say nslookup, name server lookup, and type a name like google.com, and it’s going to show me the server name. What do you see here? This is the server I got my information from. My computer was not able to do something called a “reverse lookup” against that server. So it just says “unknown.” But it’s this server here. That’s my DNS server. He’s the one who gave me the response. He gives me what’s called a non-authoritative answer. That means that my server doesn’t own Google’s name. That’s what “non-authoritative” is going to mean. However, my DNS server responded with “google.com,” and here is Google’s IP version six address. And then here are their IP version four addresses for where I’m at. Now, Google has over a million servers worldwide.
So if you run this command right now, you may get a different output than me. Okay, let’s do that against Facebook, and I want to show you something kind of interesting. Okay, so I ran it against Facebook, and it gives me their version six address. Take a look at their version six address. They put the word “Facebook” in there. Kind of interesting. Anyway, you can do that. You can do nslookups against all sorts of things. You can even do nslookup -d2, which means detail level 2, which is the highest level of detail. And you can have your DNS server give you that information. So if I did this against my domain name here, examlabpractice.com, it’s going to dump all the DNS information from the DNS server about that name. And if you get skilled at DNS and understand a lot about DNS, you could troubleshoot DNS-related problems that way. Obviously, this is not a server class, so we’re not really going to get too deep into that. But you could use that command to help you troubleshoot DNS-type problems. So hopefully that gives you a quick rundown of some of the different troubleshooting commands and methods we can use for troubleshooting connections in our environment. I definitely encourage you to try all this out yourself and get some hands-on experience with it.