Building a Pentesting Lab for Wireless Networks - Vyacheslav Fadyushin - E-Book

Vyacheslav Fadyushin

Description

Build your own secure enterprise or home penetration testing lab to dig into the various hacking techniques

About This Book

  • Design and build an extendable penetration testing lab with wireless access suitable for home and enterprise use
  • Fill the lab with various components and customize them according to your own needs and skill level
  • Secure your lab from unauthorized access and external attacks

Who This Book Is For

If you are a beginner or a security professional who wishes to learn to build a home or enterprise lab environment where you can safely practice penetration testing techniques and improve your hacking skills, then this book is for you. No prior penetration testing experience is required, as the lab environment is suitable for various skill levels and is used for a wide range of techniques from basic to advanced. Whether you are brand new to online learning or you are a seasoned expert, you will be able to set up your own hacking playground depending on your tasks.

What You Will Learn

  • Determine your needs and choose the appropriate lab components for them
  • Build a virtual or hardware lab network
  • Imitate an enterprise network and prepare intentionally vulnerable software and services
  • Secure wired and wireless access to your lab
  • Choose a penetration testing framework according to your needs
  • Arm your own wireless hacking platform
  • Get to know the methods to create a strong defense mechanism for your system

In Detail

Starting with the basics of wireless networking and its associated risks, we will guide you through the stages of creating a penetration testing lab with wireless access and preparing your wireless penetration testing machine.

This book will guide you through configuring hardware and virtual network devices, filling the lab network with applications and security solutions, and making it look and work like a real enterprise network. The resulting lab protected with WPA-Enterprise will let you practice most of the attack techniques used in penetration testing projects. Along with a review of penetration testing frameworks, this book is also a detailed manual on preparing a platform for wireless penetration testing. By the end of this book, you will be at the point when you can practice, and research without worrying about your lab environment for every task.

Style and approach

This is an easy-to-follow guide full of hands-on examples and recipes. Each topic is explained thoroughly and supplies you with the necessary configuration settings. You can pick the recipes you want to follow depending on the task you need to perform.


Page count: 302

Year of publication: 2016




Table of Contents

Building a Pentesting Lab for Wireless Networks
Credits
About the Authors
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Understanding Wireless Network Security and Risks
Understanding wireless environment and threats
An overview of wireless technologies
An overview of wireless threats
Wi-Fi media specifics
Common WLAN protection mechanisms and their flaws
Hiding SSID
MAC filtering
WEP
WPA/WPA2
Pre-shared key mode
Enterprise mode
WPS
Getting familiar with the Wi-Fi attack workflow
General Wi-Fi attack methodology
The active attacking phase
WPA-PSK attacks
Enterprise WLAN attacks
Summary
2. Planning Your Lab Environment
Understanding what tasks your lab should fulfill
Objectives of a lab
Lab tasks
Network reconnaissance
Web application hacking
Hacking and researching network services
AD hacking
DBMS hacking
Network layer attacks
Wi-Fi penetration testing
Man-in-the-middle attacks
Planning the network topology
Choosing appropriate components
Network devices
Server and workstation components
Planning lab security
Access control
Integrated security mechanisms
Security solutions
Security hints
Summary
3. Configuring Networking Lab Components
General lab network communication rules
Configuring hardware wired devices
Preparing the console connection on Windows
Core switch
Initial configuration
Configuring interfaces and VLANs
Hardening the core switch
Configuring subinterfaces and subnets
Configuring auxiliary services
Basic gateway hardening
Configuring virtual wired network devices
Network virtualization platform
Software installation
Initial configuration
Network topology implementation
Switch
Gateway
Virtual host emulation
Wireless hardware devices
Configuring WLANs
Guest WLAN
Preparing the hardware access point
Summary
4. Designing Application Lab Components
Planning services
Creating virtual servers and workstations
VirtualBox overview and installation
Creating virtual machines
Configuring network settings of lab components
Installing and configuring domain services
Creating a domain
Creating users
Adding hosts to the domain
Certification authority services
Creating a root certificate
Creating a working certificate
Installing a root certificate
Installing a remote management service
Corporative e-mail service
Configuring a DNS server
Installing and configuring hMailServer
Installing vulnerable services
Installing web applications
Preparing a web server
WebGoat
DVWA
Liferay Portal
Metasploitable
Vulnerable VoIP server
Summary
5. Implementing Security
Network-based security solutions
Configuring network access control
Isolating external and guest networks
Isolating internal VLANs
Securing wireless access
Preparing the RADIUS server
Preparing the certificates
Configuring RADIUS
clients.conf
eap.conf
Configuring the access point
Configuring the WLAN client
Installing a network intrusion detection system
Activating SPAN
Snort
Installing Snort
Configuring Snort
Snort rules
Host-based security solutions
Workstation security
EMET
HIPS
Web application firewall
ClamAV
Installing
Configuring
Usage and integration with the mail server
OSSEC
Installing
Configuring
Connecting OSSEC agents
SIEM
Installing
Configuration wizard
Configuring HIDS
Summary
6. Exploring Hacking Toolkits
Wireless hacking tools
Aircrack-ng
Content
Exercise
Mana
Exercise
Infrastructure hacking tools
Nmap
Scripting engine
Example
Ettercap
Exercise
Metasploit Framework
Meterpreter
Example
Armitage
Veil-Evasion framework
Cracking tools
John The Ripper
Example
Hashcat
Example
Web application hacking tools
Burp Suite
Example
Summary
7. Preparing a Wireless Penetration Testing Platform
Common variants of the pentesting platform
Choosing an interface
Installing the necessary software
Preparing configs and scripts
Standalone Hostapd-based APs
Automating the AP setup
Configuration for WPE-Enterprise
Preparing a Kali USB stick
Creating a USB stick under Windows
Creating a USB stick under Linux
Making an encrypted persistent partition
Summary
8. What's Next?
What you can learn
Infrastructure penetration testing
Web application and web-services hacking
Mobile security
IoT
Courses and certificates
EC-Council security track
Offensive Security trainings
GIAC
Pentesting standards
Information sources
Summary
Index

Building a Pentesting Lab for Wireless Networks

Copyright © 2016 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: March 2016

Production reference: 1180316

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78528-315-4

www.packtpub.com

Credits

Authors

Vyacheslav Fadyushin

Andrey Popov

Reviewers

Edward Frye

Borja Merino

Acquisition Editor

Reshma Raman

Content Development Editor

Priyanka Mehta

Technical Editor

Siddhi Rane

Copy Editor

Roshni Banerjee

Project Coordinator

Izzat Contractor

Proofreader

Safis Editing

Indexer

Hemangini Bari

Graphics

Kirk D'Penha

Disha Haria

Production Coordinator

Shantanu N. Zagade

Cover Work

Shantanu N. Zagade

About the Authors

Vyacheslav Fadyushin (CISA, CEH, PCI ASV) is a security consultant and a penetration tester with more than 9 years of professional experience and a diverse background in various aspects of information security.

His main points of interest and fields of expertise are ethical hacking and penetration testing, infrastructure and application security, mobile security, and information security management.

He is also an author of the book, Penetration Testing: Setting Up a Test Lab How-to, published by Packt Publishing in 2013.

I'd like to thank Vladimir Kozerovsky (CCNA) for his advice and Olesya Sergeeva for her support. I also want to thank our content development editors Aparna Mitra and Priyanka Mehta, who helped us stick to the schedule.

Andrey Popov is a security consultant and penetration tester with rich professional experience and a diverse background in infrastructure and application security, information security management, and ethical hacking. He has been working for a market-leading company along with another security professional since 2007.

About the Reviewers

Edward Frye is an information security professional with over 20 years of experience in network engineering, systems administration, risk management, and security and compliance across many industries, including the financial sector, healthcare, and software/platform/infrastructure as a service (XaaS) industries. He has focused primarily on security engineering and risk management since 2002. He has a Master of Science in information security and assurance, as well as many industry certifications including CISSP, CCNA-Security, CEH, CHFI, and GIAC Web Application Penetration Tester.

Borja Merino is a Spanish security researcher certified in OSCP, OSWP, OSCE, Cisco CCSP, and SANS GREM. He has published several papers about pentesting and exploiting and he is the author of the book, Instant Traffic Analysis with Tshark How-to, Packt Publishing. He is a Metasploit community contributor and the owner of http://www.shelliscoming.com/. You can follow him on Twitter at @BorjaMerino.

www.PacktPub.com

eBooks, discount offers, and more

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at <[email protected]> for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www2.packtpub.com/books/subscription/packtlib

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.

Why subscribe?

  • Fully searchable across every book published by Packt
  • Copy and paste, print, and bookmark content
  • On demand and accessible via a web browser

Preface

Building a Pentesting Lab for Wireless Networks is a practical guide to building a penetration testing lab, accessible via Wi-Fi, which contains vulnerable components and at the same time secured from unauthorized external access. This book is intended for people learning ethical hacking and for security professionals who are responsible for penetration testing and maintaining security in their organization who wish to learn how to build a penetration testing lab for wireless networks.

The fact that the lab is secured from external access allows readers to use it both in corporate and home networks without putting themselves at risk. Thus, the book will be useful not only for people new to information security but also for security professionals who want to shift their expertise to the ethical hacking field. You will learn how to plan your lab, fill it with components, configure them, and secure the environment. Additionally, you will get an overview of the most popular hacking frameworks and toolsets and will be able to prepare your own wireless hacking platform on a Linux laptop or a virtual machine.

What this book covers

Chapter 1, Understanding Wireless Network Security and Risks, reviews which wireless technologies are used to transfer data, describes the associated risks and concludes which Wi-Fi protection mechanism is the most secure.

Chapter 2, Planning Your Lab Environment, designs the lab topology, plans its components to imitate a real corporate network and allow you to practice most of the possible lab tasks.

Chapter 3, Configuring Networking Lab Components, helps you understand the network communication and access rules in our lab environment, and shows two options for building your lab network: one based on hardware Cisco devices and one based on virtual ones.

Chapter 4, Designing Application Lab Components, shows you how to fill your lab with useful components, which give the whole effort of building a lab network its purpose. We install the most common services that you are most likely to meet in the scope of a commercial penetration testing project and which you would most probably like to be able to hack.

Chapter 5, Implementing Security, shows our readers how to protect the lab network from unauthorized access and external attacks by installing and configuring network- and host-based security solutions. In addition to securing the lab network, we prepare it for practicing important penetration testing topics, such as bypassing and evading security mechanisms and assessing their effectiveness.

Chapter 6, Exploring Hacking Toolkits, gives you an overview of several popular toolkits used in numerous hacking tasks and projects, along with examples of their utilization in the lab environment. It helps you get a brief understanding of their capabilities and a foundation for further learning.

Chapter 7, Preparing a Wireless Penetration Testing Platform, shows you how to prepare a penetration testing platform for wireless hacking, including the basic necessary tools. Additionally, the chapter explains how to choose a Wi-Fi interface suitable for penetration testing.

Chapter 8, What's Next?, gives you some hints regarding what to start with and in which direction to dig if you want to develop ethical hacking skills and become a professional penetration tester.

What you need for this book

The book will provide you with two options for your lab architecture concept: one based on hardware network devices and one based on a virtual network. You can vary the number of simultaneously running virtual and hardware hosts in both concepts, so the main hardware requirement is a computer capable of running 2-3 virtual machines simultaneously. For example, a laptop with an Intel Core i7 CPU, 8 GB RAM, and 100 GB of free hard drive space is capable of fulfilling all tasks.

Additionally, you will need a small office/home wireless router and a hardware access point (we use a Cisco IOS-based access point).

For the concept based on hardware network devices, you will also need a managed switch with at least 12 network ports and a managed router with at least one Ethernet port (in our book, we use an old Cisco Router 1700 series and a Cisco Catalyst 2900 series).

We also mention a lot of software in the book, most of which is free, but some of it you will need to buy or use the trial versions. For the basic functionality, you will need a virtualization platform such as VMware Workstation, VMware ESX, Oracle VirtualBox, or any other that is suitable and comfortable for you. There are no exact version requirements for virtualization platforms, but in general, newer versions are better for the purposes of our book. The GNS3 software is also necessary if you will build a lab network using virtual network devices.

Other important non-free software that you will need is Windows 7 and Windows Server 2008, but you can also use Windows 8 to Windows 10 and Windows Server 2012.

Who this book is for

If you are a beginner or a security professional who wishes to learn to build a home or enterprise lab environment where you can safely practice penetration testing techniques and improve your hacking skills, then this book is for you. No prior penetration testing experience is required, as the lab environment is suitable for various skill levels and is used for a wide range of techniques from basic to advanced. Whether you are brand new to online learning or you are a seasoned expert, you will be able to set up your own hacking playground depending on your tasks.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail <[email protected]>, and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

You can download the code files by following these steps:

  • Log in or register to our website using your e-mail address and password.
  • Hover the mouse pointer on the SUPPORT tab at the top.
  • Click on Code Downloads & Errata.
  • Enter the name of the book in the Search box.
  • Select the book for which you're looking to download the code files.
  • Choose from the drop-down menu where you purchased this book from.
  • Click on Code Download.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

  • WinRAR / 7-Zip for Windows
  • Zipeg / iZip / UnRarX for Mac
  • 7-Zip / PeaZip for Linux

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at <[email protected]> with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at <[email protected]>, and we will do our best to address the problem.

Chapter 1. Understanding Wireless Network Security and Risks

In this chapter, we are going to review which wireless technologies allow data transfer, focusing on the Wi-Fi technology as the most important one for building our own penetration testing lab. As it is a very important topic for building a highly secure lab, we will also review the common Wi-Fi security mechanisms and their security risks in conjunction with an overview of the typical wireless attack methodology.

In this chapter, we will cover the following topics:

  • Understanding wireless environment and threats
  • Common WLAN protection mechanisms and their flaws
  • Getting familiar with the Wi-Fi attack workflow

Understanding wireless environment and threats

As the first and key step towards understanding wireless security and building a highly secure wireless lab, you should understand the nature of wireless media and its place in modern life. In this section, we will review the main specifics and threats of wireless networking.

Wired networks use cables for data transmission and are thus considered a "controlled" environment, protected by a physical level of security. In order to gain access to a wired network, an attacker would need to overcome any physical security systems protecting buildings or other controlled zones and also overcome logical security systems, such as firewalls and intrusion detection/prevention systems (IDPS).

In the case of wireless networks, there is an open environment used with almost complete lack of control. Providing the security level equivalent to physical security in wired networks is not that easy nowadays. Wireless network segments can become available from another floor of the same building, neighboring buildings, or even outside—only signal strength limits physical borders of a wireless network. Therefore, unlike wired networks where connection points are known, a wireless network can be accessed from anywhere—as long as the signal is strong enough.

An overview of wireless technologies

Nowadays, various technologies are used for wireless data communications. They differ in used media, frequency bands, bandwidth, encoding methods, scopes of application, and other characteristics. Let's start by defining the term wireless communications. We would say it is a remote communication between two or more devices according to certain rules or specifications without establishing a physical connection via cables or wires.

In order to understand our definition more clearly, let's define the characteristics that can be assigned to the discussed method of communication:

  • Topology:
    • Point-to-point
    • Point-to-multipoint
  • Use cases:
    • Corporate infrastructure: office and technological
    • Providing a service
    • Personal usage
  • Range:
    • Wireless personal area networks (WPAN): Bluetooth, IrDA, and RFID
    • Wireless local area networks (WLAN): Wi-Fi
    • Wireless metropolitan area networks (WMAN) and wireless wide area networks (WWAN): WiMAX, GSM, and UMTS
  • Speed:
    • 1 Mbit/s for WPAN
    • 54 Mbit/s for WLAN
    • 300 Mbit/s for WMAN
    • 15 Mbit/s for WWAN

A brief but very capacious way of mapping the two most important characteristics of wireless technologies (the data transmission speed and the range) is depicted in the following diagram:

The classification of wireless communications based on range and data transfer speed

As we now have a clear definition, we can proceed to look at some of the types of wireless data transfer technologies and their specifics.

Let's start with mobile cellular communication, which is probably the most common type of wireless data transmission nowadays. Cellular communication is a type of mobile communication that is based on a cellular network. The key feature is that the overall coverage area is divided into cells. Cells partially overlap and together form a network. A network comprises separate base stations operating in the same frequency band, each covering its own area (cell) with a radio signal, together with switching equipment. Cells have unique IDs that allow the network to determine the current locations of subscribers and provide connection continuity when a person moves from the coverage area of one base station into the range of another.

The history of mobile communications began in the middle of the 20th century and has passed four major milestones in its development up to the present time:

  • 1G (G is short for generation): Analog cellular communication (based on AMPS, NAMPS, and NMT-450 standards)
  • 2G: Digital cellular communication (GSM and CDMA)
  • 3G: Broadband digital cellular communication (UMTS)
  • 4G: Cellular mobile communication with high demands (LTE)

Currently, the most forward-looking solutions are UMTS and LTE. Both data transmission standards have been inherited from GSM and allow us to transmit voice or data and provide a set of various services. The distinctive feature of these standards compared with the older generations is the ability to transfer data at a higher speed (up to 21 Mbit/s for incoming data in case of UMTS and up to 300 Mbit/s for incoming data in case of LTE). These speeds allow working on the Internet in comfortable conditions.

Since there are many existing standards and many differences between government requirements, different countries and industries may use different frequencies for data transmission and different information protection techniques based on different encryption algorithms.

The next wireless technology that we are going to review is Bluetooth (a representative of WPAN). Bluetooth allows information exchange between personal devices such as mobile phones, personal computers, tablets, input devices (microphones, keyboards, and joysticks), and output devices (printers and headsets). Bluetooth operates in the free and widely available radio frequencies (between 2.4 and 2.485 GHz) for short-range communication at a distance of typically up to 10 meters (but there are exceptions) between devices and supports two types of connection: point-to-point and point-to-multipoint.

Bluetooth has a multilevel architecture consisting of the main protocol and a set of auxiliary protocols that implement the following:

  • Creating and managing a radio connection between two devices
  • Discovering services provided by devices and determining parameters
  • Creating a virtual serial data stream and emulating RS-232 control signals
  • Data transmission from another protocol stack
  • Managing high-level services like audio distribution

In addition to protocols that implement these functionalities, the Bluetooth protocol stack also contains protocols such as:

  • PPP (Point-to-Point Protocol)
  • TCP/IP
  • OBEX (Object Exchange Protocol)
  • WAE (Wireless Application Environment)
  • WAP (Wireless Application Protocol)

Another interesting way of wireless data transmission is using waves of light. There is a group of standards describing protocols of the physical and logical levels of data transmission using infrared light waves as the medium. It is known as IrDA (Infrared Data Association). Typically, the link is implemented with an emitter (infrared light-emitting diode) and a receiver (photodiode) located on each side of the link.

This technology became especially popular in the late 1990s. Nowadays, it has been almost entirely replaced by more modern methods of communication such as Wi-Fi and Bluetooth. But it is still used in remote controllers of home appliances, and usually these devices have a one-way connection (one side has an emitter only and the other side has a receiver only).

The main reasons for the rejection of IrDA were the following:

  • Limited distance of connection
  • Direct visibility requirements
  • Low speed of data transmission (in the later revisions of the standard, speed was increased, but even the high-speed versions are not popular now)

Another example of wireless optics as data transmission is Free Space Optics (FSO). This exotic technology uses an infrared laser as the information carrier, and it is used for long-distance communications in open spaces. The disadvantage of this system, as in the case of IrDA, is the direct visibility requirement that is highly dependent on weather.

Usually FSO is used:

  • When cabling is not possible or too costly
  • When you require a private link that is not susceptible to radio interference and does not create any (for example, at airports)

Going back to wireless data transmission using a radio signal, we need to review the IEEE 802.11 standards family, also known as Wi-Fi (Wi-Fi is a trademark of Wi-Fi Alliance for wireless networks based on IEEE 802.11 standards family).

The family of IEEE 802.11 contains a few dozen standards, but we will directly take a look at the ones designed for data transmission, omitting the auxiliary ones:

  • 802.11: This is the original standard approved in 1997, and it describes transmission at 2.4 GHz frequency with 1 Mbit/s and 2 Mbit/s speeds.
  • 802.11b: This is an improvement to 802.11 to support higher speeds (up to 5.5 Mbit/s and 11 Mbit/s). It was approved in 1999.
  • 802.11a: This is the standard approved in 1999 and used since 2001. This standard allows us to work at 5 GHz frequency with 54 Mbit/s speed.
  • 802.11g: This allows us to transfer data at 2.4 GHz frequency with 54 Mbit/s speed. It was approved in 2003.
  • 802.11n: This was approved in 2009. This standard increases the speed of data transmission up to 600 Mbit/s at 2.4 to 2.5 GHz or 5 GHz frequencies. The standard is backwards-compatible with 802.11 a/b/g.
  • 802.11ac and 802.11ad: These standards were approved in 2014. They allow data transfer at speeds up to 7 Gbit/s and have an additional working frequency (60 GHz).

IEEE 802.11 is used for data transmission via radio within a range of 100 meters. Typically, an IEEE 802.11 network consists of at least one access point and at least one client, but it is possible to connect two clients in a point-to-point (ad hoc) mode. In the case of a point-to-point connection, the access point is not used and clients are connected directly to each other.

Due to the fact that IEEE 802.11 applies to WLAN and provides high-speed data transfer for a local area, solutions based on IEEE 802.11 are ideal to solve "the last mile" problem. IEEE 802.11 allows us to reduce costs of deploying and expanding local networks and also provides network access in difficult-to-reach places, such as outdoors or inside buildings that have historical value.

An overview of wireless threats

Considering the specifics mentioned in the previous section, let's state the most common wireless threats.

Both a radio signal and a wired connection as transmission media are subject to many threats, each with their own specifics.

The first threat in our list is information gathering. It usually begins with reconnaissance and mostly depends on the distance from the victim because of the nature of radio waves: you don't need to connect to another network device to receive the radio waves generated by that device. Reconnaissance can reveal the locations of network objects and users, what devices and technologies are being used, and so on. Usually, the captured network traffic contains important information. Traffic analysis can be done by inspecting the data in network packets, the pattern of network packets, and the running sessions between the members of a connection (access points and their clients). It should also be noted that the wireless network control packets (service traffic) are not encrypted. Besides, it is very difficult to distinguish between a user collecting information and a legitimate participant of the network. The fact that the radio signal coverage can extend outside of a controlled zone makes information gathering easy to carry out.

The second threat is problems in the settings of network devices, such as using weak encryption keys or authentication methods with known vulnerabilities. Potential attackers primarily exploit these weaknesses. Incorrectly configured access points may become the cause of breaking into an entire corporate network. In addition, in the case of a corporate network, it is difficult to track the use of unauthorized access points; for example, a typical employee can bring an unregistered access point and connect it to the corporate network. This creates a serious threat not only to the wireless network, but also to the entire company's infrastructure.

Incorrectly configured wireless clients are an even greater threat than incorrectly configured access points. Such devices are on the move, and often they are left with default settings rather than being specifically configured to reduce the risk.

Following the previous point, the next threat is breaking the encryption. Attackers are well informed about the flaws of the widely used encryption algorithms, and for example, in the case of the WEP protocol, they can retrieve a pre-shared key from a client in less than 10 minutes.

The fourth threat facing wireless networks is the difficulty in tracking the actions of a user. As already noted, wireless devices are not "tied" to the network and can change their point of connection to the network. An incorrectly configured wireless client can automatically connect to the nearest wireless network. This mechanism allows attackers to redirect an unsuspecting user's host to an attacker's device instead of a legitimate access point in order to perform vulnerability scanning, phishing attacks, or man-in-the-middle attacks. Furthermore, if the user is simultaneously connected to a wired network, the host becomes a convenient entry point to the corporate network.

Impersonating a user is a serious threat to any network, not just wireless. However, in the case of wireless communication, determining the authenticity of a user is more difficult. There are network identifiers (SSID) and MAC address filtering in place, but both are broadcast in clear text in service packets and can be intercepted. Impersonation allows attackers to inject forged frames into authorized communications and carry out an attack on the corporate infrastructure.
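To make the last three points concrete (service traffic is not encrypted, SSIDs and MAC addresses travel in the clear, and unregistered access points are hard to spot), the following added example parses the cleartext fields of 802.11 beacon frames and audits them against a list of authorized access points. It is illustration code written for this page, not from the book; the frames it inspects are constructed inline, the BSSIDs, the `corp-lab` SSID and the `AUTHORIZED` set are made up, and the audit rules are one reasonable set of checks for a lab, not a standard.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# 802.11 management frame header: FC(2) Duration(2) Addr1(6) Addr2(6) Addr3/BSSID(6) SeqCtl(2)
MGMT_HDR_LEN = 24
# Beacon fixed fields: Timestamp(8) BeaconInterval(2) CapabilityInfo(2)
BEACON_FIXED_LEN = 12
CAP_PRIVACY = 0x0010                      # capability bit: encryption required
IE_SSID, IE_RATES, IE_DS_PARAMS, IE_RSN, IE_VENDOR = 0, 1, 3, 48, 221
WPA1_OUI_TYPE = b"\x00\x50\xf2\x01"       # vendor-specific element carrying legacy WPA


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


@dataclass
class Beacon:
    bssid: str
    ssid: str                 # "" when the AP hides its SSID; the BSSID is still visible
    channel: Optional[int]
    privacy: bool             # Privacy bit set: WEP, WPA or WPA2/3
    rsn: bool                 # RSN element present: WPA2 or newer
    wpa1: bool                # vendor-specific WPA1 element present


def parse_beacon(frame: bytes) -> Beacon:
    """Parse the cleartext fields of a raw beacon frame (no radiotap header)."""
    fc0 = frame[0]
    if (fc0 >> 2) & 0x3 != 0 or fc0 >> 4 != 8:   # type 0 (management), subtype 8 (beacon)
        raise ValueError("not a beacon frame")
    bssid = mac_str(frame[16:22])
    _ts, _interval, cap = struct.unpack_from("<QHH", frame, MGMT_HDR_LEN)
    ssid, channel, rsn, wpa1 = "", None, False, False
    off = MGMT_HDR_LEN + BEACON_FIXED_LEN
    # Tagged parameters: ID(1) Length(1) Value(Length), repeated until the frame ends
    while off + 2 <= len(frame):
        ie_id, ie_len = frame[off], frame[off + 1]
        body = frame[off + 2: off + 2 + ie_len]
        if len(body) < ie_len:
            break                                 # truncated element: stop, don't misparse
        off += 2 + ie_len
        if ie_id == IE_SSID:
            ssid = body.decode("utf-8", errors="replace")
        elif ie_id == IE_DS_PARAMS and ie_len == 1:
            channel = body[0]
        elif ie_id == IE_RSN:
            rsn = True
        elif ie_id == IE_VENDOR and body[:4] == WPA1_OUI_TYPE:
            wpa1 = True
    return Beacon(bssid, ssid, channel, bool(cap & CAP_PRIVACY), rsn, wpa1)


def audit(beacons: List[Beacon], corporate_ssid: str, authorized: Set[str]) -> Dict[str, List[str]]:
    """Flag rogue APs and weak configurations; returns BSSID -> list of findings."""
    findings: Dict[str, List[str]] = {}
    for b in beacons:
        notes = []
        if b.ssid == corporate_ssid and b.bssid not in authorized:
            notes.append("unauthorized AP advertising the corporate SSID")
        if not b.privacy:
            notes.append("open network (no encryption)")
        elif not b.rsn:
            notes.append("legacy encryption only (WEP or WPA1), no RSN element")
        if notes:
            findings[b.bssid] = notes
    return findings


# --- constructed sample frames for the audit (not real captures) ---------------
def build_beacon(bssid: bytes, ssid: bytes, channel: int, privacy: bool, rsn: bool) -> bytes:
    cap = 0x0001 | (CAP_PRIVACY if privacy else 0)            # ESS (+ Privacy)
    hdr = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, cap)
    ies = bytes([IE_SSID, len(ssid)]) + ssid
    ies += bytes([IE_RATES, 1, 0x82])                          # 1 Mbit/s basic rate
    ies += bytes([IE_DS_PARAMS, 1, channel])
    if rsn:  # minimal RSN element: CCMP group/pairwise cipher, PSK AKM
        rsn_body = (b"\x01\x00" + b"\x00\x0f\xac\x04" + b"\x01\x00" + b"\x00\x0f\xac\x04"
                    + b"\x01\x00" + b"\x00\x0f\xac\x02" + b"\x00\x00")
        ies += bytes([IE_RSN, len(rsn_body)]) + rsn_body
    return hdr + fixed + ies


SAMPLE_FRAMES = [
    build_beacon(bytes.fromhex("001122334455"), b"corp-lab", 6, True, True),    # authorized AP
    build_beacon(bytes.fromhex("66778899aabb"), b"corp-lab", 11, True, False),  # rogue, WEP-style
    build_beacon(bytes.fromhex("ccddeeff0011"), b"guest-lab", 1, False, False), # open AP
    build_beacon(bytes.fromhex("0a0b0c0d0e0f"), b"", 3, True, True),            # hidden SSID
]
AUTHORIZED = {"00:11:22:33:44:55"}   # made-up inventory of the lab's own access points


def audit_samples() -> Dict[str, List[str]]:
    return audit([parse_beacon(f) for f in SAMPLE_FRAMES], "corp-lab", AUTHORIZED)


if __name__ == "__main__":
    for bssid, notes in audit_samples().items():
        print(bssid, "->", "; ".join(notes))
```

Everything the parser extracts (BSSID, SSID, channel, capability bits, cipher suites) is readable by any receiver in range without authenticating, which is exactly why an SSID or MAC filter cannot serve as an access control; the hidden-SSID frame shows that cloaking removes only the name, not the BSSID. In a real lab you would feed `parse_beacon` frames captured by a monitor-mode interface (after stripping the radiotap header) and keep `AUTHORIZED` in sync with your access point inventory.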

The fact that many laptop users prefer switching to WLANs if they are dissatisfied with the quality of the wired network service (weak connection, URL-filtering, or port-filtering) increases the risk. In most cases, operating systems do it automatically when a wired network is down.

The last threat that we would like to mention is Denial of Service (DoS). The aim of a typical DoS attack is to disrupt the availability of a network service or to completely block an authorized client's access. Such an attack can be carried out, for example, by flooding a network with de-authentication or "junk" packets sent from a spoofed address. Tracking the source of such an attack is not an easy task. In addition, it is possible to mount a DoS attack at the physical level by running a fairly powerful jammer in the relevant frequency range.
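Because a de-authentication flood cannot be traced by its spoofed source address, the practical defence is to notice the flood itself. The following added example (written for this page, not taken from the book) implements a sliding-window detector that counts de-authentication and disassociation frames per BSSID and raises an alert once a threshold is crossed within a time window. The frames and timestamps are constructed inline for the test; the BSSID, client address, the threshold of 10 frames per second and the reason codes are all made-up values.

```python
import struct
from collections import defaultdict, deque
from typing import Deque, Dict, List, Optional, Set, Tuple

SUBTYPE_DISASSOC, SUBTYPE_DEAUTH = 10, 12     # management subtypes that tear a client down
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt(frame: bytes) -> Optional[Tuple[int, str, str, str]]:
    """Return (subtype, dst, src, bssid) for a management frame, else None."""
    fc0 = frame[0]
    if (fc0 >> 2) & 0x3 != 0:                 # type bits 00 = management
        return None
    return fc0 >> 4, mac_str(frame[4:10]), mac_str(frame[10:16]), mac_str(frame[16:22])


class DeauthFloodDetector:
    """Counts deauth/disassoc frames per BSSID inside a sliding time window."""

    def __init__(self, threshold: int = 10, window_s: float = 1.0):
        self.threshold = threshold
        self.window_s = window_s
        self.seen: Dict[str, Deque[float]] = defaultdict(deque)
        self.alerted: Set[str] = set()        # one alert per BSSID, not one per frame

    def observe(self, ts: float, frame: bytes) -> Optional[str]:
        hdr = parse_mgmt(frame)
        if hdr is None or hdr[0] not in (SUBTYPE_DISASSOC, SUBTYPE_DEAUTH):
            return None
        subtype, dst, _src, bssid = hdr
        reason = struct.unpack_from("<H", frame, 24)[0]   # 2-byte reason code after header
        q = self.seen[bssid]
        q.append(ts)
        while q and ts - q[0] > self.window_s:            # drop frames older than the window
            q.popleft()
        if len(q) >= self.threshold and bssid not in self.alerted:
            self.alerted.add(bssid)
            kind = "deauth" if subtype == SUBTYPE_DEAUTH else "disassoc"
            target = "broadcast" if dst == BROADCAST else dst
            return (f"possible {kind} flood on {bssid}: {len(q)} frames in "
                    f"{self.window_s}s, last target {target}, reason code {reason}")
        return None


def build_deauth(dst: bytes, bssid: bytes, reason: int, subtype: int = SUBTYPE_DEAUTH) -> bytes:
    """Construct a deauth/disassoc frame as detector input (test data only, never sent)."""
    fc0 = subtype << 4                                     # management type, given subtype
    return bytes([fc0, 0, 0, 0]) + dst + bssid + bssid + b"\x00\x00" + struct.pack("<H", reason)


AP = bytes.fromhex("001122334455")        # made-up lab access point
CLIENT = bytes.fromhex("aabbccddeeff")    # made-up client
# Constructed timeline: one ordinary deauth (a client leaving), then, five seconds later,
# a burst of 25 broadcast deauths carrying the same BSSID, 20 ms apart.
SAMPLE_TIMELINE: List[Tuple[float, bytes]] = [(0.0, build_deauth(CLIENT, AP, 3))]
SAMPLE_TIMELINE += [(5.0 + i * 0.02, build_deauth(b"\xff" * 6, AP, 7)) for i in range(25)]


def run(timeline: List[Tuple[float, bytes]], threshold: int = 10, window_s: float = 1.0) -> List[str]:
    det = DeauthFloodDetector(threshold, window_s)
    alerts = []
    for ts, frame in timeline:
        alert = det.observe(ts, frame)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in run(SAMPLE_TIMELINE):
        print(a)
```

The single de-authentication at the start is normal behaviour and produces nothing; the burst trips the detector on its tenth frame. Keying the counter on the BSSID rather than the (spoofable) source address is deliberate, and a broadcast destination is worth surfacing in the alert because a legitimate access point rarely de-authenticates all of its clients at once. Tune `threshold` and `window_s` to the baseline of your own lab before relying on the alert.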

Wi-Fi media specifics

Despite the wide variety of wireless technologies, the overwhelming majority of corporate and personal networking communications are based on Wi-Fi technology, and this is the reason why we are going deep into this particular type of wireless technology.

Wi-Fi is prone to all the threats mentioned earlier that are common to all wireless technologies: the absence of any cables or other physical connections between clients and network devices gives users great mobility, but it also becomes the root cause of most Wi-Fi security flaws and challenges. This is both the main advantage and the main disadvantage of WLANs.

The first specification of Wi-Fi, the 802.11 standard, regulates operation of the equipment at a center frequency of 2.4 GHz with a maximum speed of up to 2 Mbit/s and was approved in 1997.

The standards of the 802.11 family regulate architectures of networks and devices, and describe the first and second of seven layers of the OSI model, along with the interaction protocols. The standards specify the base frequency, modulation techniques, and spread spectrum at the physical level.

The IEEE 802.11 standards strictly regulate only the two lower levels of the OSI model: the physical and data link layers that determine the specific features of local networks. The upper OSI levels are the same in wireless and wired LANs:

Levels of the OSI model

The need to distinguish the features of various LANs is reflected by separating the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC). The MAC sublayer provides correct sharing of the common medium. Once access to the medium has been gained, the higher LLC sublayer may be used; it implements the interface to the adjacent network layer. In the 802.11 standard, MAC is similar to the implementation in Ethernet networks. The fundamental difference is that 802.11 uses a half-duplex transceiver and cannot detect collisions during communication sessions. In the 802.11 standard, MAC uses a special protocol, Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), implemented as the distributed coordination function (DCF). Moreover, 802.11 MAC supports two modes of energy consumption: continuous operation mode and power saving mode.

The 802.11 standard was updated to the standard 802.11b version in 1999, which operates on the same main frequency of 2.4 GHz with a maximum speed of up to 22 Mbit/s.

The base architecture, ideology, and characteristics of the new 802.11b standard are similar to the original version of 802.11; only the physical layer, with a higher access speed, and the data transmission layer have been changed.

The standard also introduces error corrections and the possibility to work in conditions of strong interference and weak signal. For this purpose, the standard describes automatic methods of data transmission speed modification based on current signal strength and interference. The development of the Wi-Fi technology has drastically increased the number of different wireless devices in the world and created the problem of interference and congestion at the 2.4 GHz band due to the fact that such devices as microwave ovens, mobile phones and Bluetooth equipment noticeably influence each other.

The 802.11a standard (operating on the 5 GHz frequency band) was developed to unload the 2.4 GHz band. There are fewer sources of interference in the new range compared with the 2.4 GHz band, and the average noise level is much lower. The 802.11a standard uses two basic frequency ranges around 5 GHz and a maximum data transfer rate of up to 54 Mbit/s.

It should be mentioned that the 5 GHz band is adjacent to the frequencies that are partly used for satellite and microwave communications. To eliminate interference between Wi-Fi equipment and the other departmental systems, the European Telecommunications Standards Institute (ETSI) has developed two additional protocols: Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC). Wi-Fi devices can automatically change frequency channels or decrease transmission power in the case of conflict on the carrier frequencies using these protocols.

The next step in the development of Wi-Fi is the standard 802.11g, approved in 2003. 802.11g is an improved version of 802.11b and is designed for devices operating at frequencies of 2.4 GHz with a maximum speed of 54 Mbit/s.

Now, the 802.11n standard has become the most widely used Wi-Fi technology. In this new standard, the developers have attempted to combine all the good features that were implemented in the previous versions. The 802.11n standard is designed for equipment operating at center frequencies of 2.4 GHz to 5 GHz with data rates of up to 600 Mbit/s. This standard was approved by the IEEE in September 2009. The standard is based on MIMO-OFDM technology. The maximum data rate of 802.11n is several times greater than that of the previous standards. This is achieved by doubling the channel width from 20 MHz to 40 MHz and by implementing MIMO technology with multiple antennas.

The last standard, which is rapidly gaining popularity, is 802.11ac. It is a wireless network standard adopted in January 2014. It operates in the 5 GHz frequency band and is backward compatible with IEEE 802.11n.