Large scale concert production TCP/IP networking

Re: Large scale concert production TCP/IP networking

Hacking of the actual login passkey can only occur if there are multiple devices logging into and out of the router during the time that the hacker has access to listen to the incoming and outgoing data packets and use packet injection. For now, WPA2 passkeys are unbreakable if used correctly.

WPA2 is still quite susceptible to a brute force attack, so "unbreakable" is erroneous in this case. True, a well-constructed key could take a ridiculously long time to crack, but it can be done. Also, it is not necessary to have more than one device on a WLAN 'logging in and out' to launch an attack. If I wanted to drive you nuts, a simple de-auth flood from my smart phone would drive you spare and the odds of you detecting me are close to nil.

Regardless of encryption or other technologies, it is still true that the 2.4GHz and 5.2GHz bands can be rendered unsuitable for the passing of 802.11 wireless traffic with very little effort and skill. As an IT security professional and a minor-league sound guy, I would never rely on 802.11a/b/g/n wireless as my sole path for mission critical data communication.

That is my $0.02.
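What spotting a de-auth flood looks like on a sensor that is already capturing 802.11 management frames, as an added example that is not part of any post in this thread. The frame records, MAC addresses, window and threshold are constructed assumptions; frames are grouped by BSSID because that is the address the deauthentication frames carry as their source.

```python
from collections import defaultdict, deque

DEAUTH, DISASSOC, BEACON = 12, 10, 8   # 802.11 management frame subtypes
WINDOW_S = 5.0      # assumed sliding window, seconds
THRESHOLD = 20      # assumed: deauth/disassoc frames per window that count as a flood

def detect_deauth_floods(frames, window=WINDOW_S, threshold=THRESHOLD):
    """frames: iterable of (timestamp, subtype, bssid, dest), sorted by time.
    Returns one (bssid, burst_start, frames_in_window) alert per burst."""
    recent = defaultdict(deque)   # bssid -> timestamps of recent deauth/disassoc
    alerting = set()              # BSSIDs currently above threshold
    alerts = []
    for ts, subtype, bssid, _dest in frames:
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            if bssid not in alerting:     # alert once per burst, not per frame
                alerting.add(bssid)
                alerts.append((bssid, q[0], len(q)))
        else:
            alerting.discard(bssid)
    return alerts

def constructed_capture():
    """Constructed sample: normal roaming on AP_A, a broadcast flood on AP_B."""
    ap_a, ap_b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    bcast = "ff:ff:ff:ff:ff:ff"
    frames = [(i * 30.0, DEAUTH, ap_a, f"02:00:00:00:10:0{i}") for i in range(3)]
    frames += [(10.0 + i, BEACON, ap_a, bcast) for i in range(40)]
    frames += [(100.0 + i * 0.05, DEAUTH, ap_b, bcast) for i in range(50)]
    return sorted(frames)

if __name__ == "__main__":
    for bssid, start, count in detect_deauth_floods(constructed_capture()):
        print(f"deauth flood on {bssid}: {count} frames within {WINDOW_S}s from t={start}")
```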
 
Re: Large scale concert production TCP/IP networking

There is no reason to use a 192.x class C network in a live situation. The 192.x is only used because it is not resolvable from an exterior domain.

I'm not debating any network class. Just use subnets so broadcast traffic doesn't clog the entire network.
 
Re: Large scale concert production TCP/IP networking

WPA2 is still quite susceptible to a brute force attack, so "unbreakable" is erroneous in this case. True, a well-constructed key could take a ridiculously long time to crack, but it can be done. Also, it is not necessary to have more than one device on a WLAN 'logging in and out' to launch an attack. If I wanted to drive you nuts, a simple de-auth flood from my smart phone would drive you spare and the odds of you detecting me are close to nil.

Regardless of encryption or other technologies, it is still true that the 2.4GHz and 5.2GHz bands can be rendered unsuitable for the passing of 802.11 wireless traffic with very little effort and skill. As an IT security professional and a minor-league sound guy, I would never rely on 802.11a/b/g/n wireless as my sole path for mission critical data communication.

That is my $0.02.

By "unbreakable" I mean that it takes a minimum of 10 days with massive processing power to break a WPA2 key with brute force. Most shows are of shorter duration than that.

In the case of wireless security at a show, what would you use then? If it was MY show, I would simply use very high power directional microwave repeaters to kill everyone else's wireless data access except mine. Since only the repeaters have enough power to talk to each other, the puny 50 mW amplifier in an iPhone wouldn't even register.

You have probably seen these:

http://www.cambiumnetworks.com/solutions/products.php?id=ptp600
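How long an exhaustive search of a WPA2-PSK passphrase takes depends on how the passphrase is constructed and on the guess rate available, which the sketch below works through; it is an added example, not part of any post in this thread. The guess rate, SSIDs, passphrases and policy list are assumptions chosen for illustration. The key derivation itself (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) is the standard WPA2-PSK one.

```python
import hashlib
import math

ASSUMED_GUESSES_PER_SEC = 1_000_000   # assumption for illustration, not a figure from the thread

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1 with the SSID as salt,
    4096 iterations, 256-bit output. Every guess costs one such derivation."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def keyspace_bits(alphabet: int, length: int) -> float:
    """Entropy of a uniformly random passphrase, in bits."""
    return length * math.log2(alphabet)

def exhaust_days(alphabet: int, length: int, rate: float = ASSUMED_GUESSES_PER_SEC) -> float:
    """Days to try every passphrase of this shape at the given guess rate."""
    return alphabet ** length / rate / 86_400

# (description, alphabet size, length) - constructed policies for comparison
POLICIES = [
    ("8 lowercase letters", 26, 8),
    ("8 digits", 10, 8),
    ("12 mixed-case letters and digits", 62, 12),
    ("20 printable ASCII characters", 95, 20),
]

def compare_policies(rate: float = ASSUMED_GUESSES_PER_SEC):
    return [(name, round(keyspace_bits(a, n), 1), exhaust_days(a, n, rate))
            for name, a, n in POLICIES]

if __name__ == "__main__":
    # Same passphrase, different SSID: different key, so work done against
    # one network name does not carry over to another.
    for ssid in ("FOH-Control", "Monitor-World"):   # constructed SSIDs
        print(ssid, wpa2_pmk("constructed-show-passphrase", ssid).hex()[:16], "...")
    for name, bits, days in compare_policies():
        print(f"{name:34s} {bits:6.1f} bits  {days:.3g} days to exhaust")
```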
 
Re: Large scale concert production TCP/IP networking

In the case of wireless security at a show, what would you use then?

A very good question. If I were forced to use 802.11a/b/g/n, I would use a quality wireless router (Cisco 800 series is a fave of mine), WPA2-PSK (only because most non-computer devices have trouble using certificate-based authentication), probably turn off SSID to limit exposure a bit, and keep it all as one closed loop with no internet access. A little trick you can do with some routers is to set up a secondary SSID and broadcast it, but make it a complete dead-end. Your casual hacker will usually go for the easy decoy target and ignore the 'hidden' one.

For a more serious or mission critical application, fiber-optics is awesome, the microwave link you indicated would be very nice, as would Free Space Optics. Free space optics, in particular, have great bandwidth, excellent range, and are quite secure, but not too many are geared for mobile use.

In the case of wireless security at a show, what would you use then? If it was MY show, I would simply use very high power directional microwave repeaters to kill everyone else's wireless data access except mine. Since only the repeaters have enough power to talk to each other, the puny 50 mW amplifier in an iPhone wouldn't even register.

Provided you are not intentionally 'jamming' anything, this is an excellent approach.


I have seen similar, but these bear looking into. I have a situation here where one of those might be rather useful. Our folks have this habit of selecting and outfitting buildings and then, after the fact, coming to us for data connectivity.
 
Re: Large scale concert production TCP/IP networking

You have probably seen these:

Cambium Networks Products

Careful: These types of PtP systems are designed for long haul connectivity, on the order of kilometers, and mounted at a fairly decent height. Attempting to use a pair of these for a 200 foot or so link at not too far above an ocean of WiFi clients could result in far less satisfactory performance than one might expect.

Backhaul links are designed for both high ERP output (RF power + antenna gain) and very good sensitivity (RX front end design + antenna gain), the common characteristic being antenna gain. Positioning nodes too close together could actually result in overloading the receive stage, causing tremendous distortion and rendering the data link useless. Even if the RF power could be turned down a lot, the cumulative antenna gain alone is still going to provide >40dB, or over 10 watts worth. Add to that the minimum RF power the node could probably be set to (about +10dBm), the result is about 100 watts ERP; way too much power for only a couple of hundred feet.

Further, because of the very high gain of the antenna and the relatively low height the units are likely to be mounted above the ground, the noise floor encountered by the receiver [at 2.4GHz] could be quite detrimental, especially as the RF power is turned down. That said, the very narrow beamwidth of a high gain antenna means only about a 30 foot height above the crowd would be sufficient to keep the received noise floor low enough to be tolerable, and of course using a 5GHz channel would most likely be quieter still.

If you still feel you'd like to try a PtP link, I'd recommend the Ubiquiti offerings: Excellent high speed performance at 1/10th the price of Canopy/Cambium.