Gio vin hng dn : NGUYN TRUNG DNG Sinh vin thc hin : NGUYN HUY BC Lp : Chuyn 2B K44
H NI - 2004 Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 2
LI M U............................................................................................................ 7 PHN I....................................................................................................................... 9 GII THIU V WIRELESS LAN........................................................................ 9 I. TNG QUAN V WLAN..................................................................................... 9 1. Tng quan:...........................................................................................................9 2. Cng ngh s dng:.............................................................................................9 3. i tng s dng: ............................................................................................10 4. a im lp t: ...............................................................................................11 5. Kh nng ng dng ti Vit Nam:.....................................................................11 II/ PHNG N K THUT............................................................................... 11 1. Tng quan:.........................................................................................................11 2. Cc tnh nng ca WLAN 802.11 .....................................................................14 3. Truy nhp knh truyn, c ch a truy nhp CSMA/CA:.................................18 4. K thut iu ch:..............................................................................................22 5. K thut truy nhp: ............................................................................................26 6. K thut v tuyn ..............................................................................................27 7. Vn bo mt:.................................................................................................32 III/ PHNG N TRUYN DN N IM T HOTSPOT DNG XDSL-WAN............................................................................................................. 33 1. Phng n truyn dn:.......................................................................................33 IV/ M HNH U NI CHO CC HOTSPOT............................................... 34 1. Cc k thut trong m hnh Wireless hotspot: ..................................................34 2. M hnh trin khai ca Subscriber Gateway: ....................................................35 3. M hnh u ni ca cc hotspot:......................................................................36 PHN II ................................................................................................................... 38 BO MT MNG LAN KHNG DY............................................................... 38 I/ WEP, WIRED EQUIVALENT PRIVACY...................................................... 38 1. Ti sao Wep c la chn...............................................................................40 2. Cha kha wep...................................................................................................40 3. SERVER qun l cha kha m ha tp trung ..................................................42 4. Cch s dng Wep.............................................................................................43 II/ LC..................................................................................................................... 45 1. Lc SSID...........................................................................................................45 2. Lc a ch MAC...............................................................................................46 3. Circumventing MAC Filters..............................................................................47 4. Lc giao thc.....................................................................................................48 III/ NHNG S TN CNG TRN WLAN...................................................... 49 1. Tn cng b ng...............................................................................................49 2. Tn cng ch ng ............................................................................................50 Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 3 3. Tn cng theo kiu chn p...............................................................................52 4. Tn cng bng cch thu ht...............................................................................53 IV/ CC GII PHP BO MT C NGH .......................................... 55 1. Qun l cha kha WEP ....................................................................................56 2. Wireless VPNs...................................................................................................56 3. K thut cha kha nhy....................................................................................58 4. Temporal Key Integrity Protocol (TKIP)..........................................................58 5. Nhng gii php da trn AES .........................................................................58 6. Wireless Gateways ............................................................................................59 7. 802.1x v giao thc chng thc m..................................................................59 V/ CHNH SCH BO MT................................................................................ 61 1. Bo mt cc thng tin nhy cm.......................................................................61 2. S an ton vt l................................................................................................62 3. Kim k thit b WLAN v kim nh s an ton.............................................63 4. S dng cc gii php bo mt tin tin............................................................63 5. Mng khng dy cng cng ..............................................................................63 6. S truy nhp c kim tra v gii hn ................................................................63 VI/ NHNG KHUYN CO V BO MT..................................................... 64 1. Wep....................................................................................................................64 2. nh c cell .......................................................................................................64 3. S chng thc ngi dng ................................................................................65 4. S bo mt cn thit ..........................................................................................66 5. S dng thm cc cng c bo mt ...................................................................66 6. Theo di cc phn cng tri php......................................................................66 7. Switches hay Hubs ............................................................................................66 8. Wireless DMZ...................................................................................................66 9. Cp nht cc vi chng trnh v cc phn mm................................................67 PH LC................................................................................................................. 68 CC THUT NG C S DNG...............................................................68 S nh v mt WLAN:........................................................................................... 70 Beacons:.................................................................................................................... 70 S ng b:............................................................................................................70 Tp hp cc tham s ca FH v DS: .....................................................................70 Thng tin v SSID: ................................................................................................70 Chng thc v lin kt: .......................................................................................... 70 Qu trnh chng thc h thng m:...................................................................... 71 Chng thc kha chia s: ....................................................................................... 72 Cc thit b c bn ca WLAN.............................................................................. 73 Access Point ............................................................................................................. 73 Anten c nh v anten c th tho ri ................................................................. 75 Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 4 B bin i cng sut u ra:................................................................................. 75 Cu ni khng dy .................................................................................................. 75 Nhm cu ni khng dy........................................................................................ 77 Cc thit b my khch ca WLAN....................................................................... 78 PCMCIA & Compact Flash Cards ........................................................................78 Wireless Ethernet & serial converter.....................................................................78 B tip hp USB....................................................................................................78 PCI & ISA Adapters..............................................................................................79 Wireless Residential Gateways .............................................................................79 Enterprise Wireless Gateway ................................................................................80 Cc Topo mng cn bn trong WLAN................................................................. 81 Tp dch v c bn c lp: Independent Basic Service Set (IBSS) ....................81 Tp dch v c bn: Basic Service Set (BSS) .......................................................81 Tp dch v m rng: Extended Service Set (ESS) ..............................................81 802.11 Frame Format [34 - 2344 bytes]................................................................. 82 802.11 Frame Control Field [16 bits] .................................................................... 82 Danh mc sch tham kho ..................................................................................... 83
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 5
Danh mc hnh v Hnh 1: Vai tr v v tr ca Lan............................................................................ 9 Hnh 2: cu trc mng.......................................................................................... 10 Hnh 3: kh nng m rng mng ......................................................................... 12 Hnh 4: kh nng truy cp mng m khng phi i dy...................................... 12 Hnh 5: tin li trong vic xy dng mng trn min ni.................................... 13 Hnh 6: Ti ni c a hnh lng cho ................................................................. 13 Hnh 7: kh nng truy cp trong khi di chuyn ................................................... 13 Hnh 8: truy cp t nh ring............................................................................... 14 Hnh 9: truy cp t cc trng i hc ................................................................ 14 Hnh 10: V tr ca WLAN trn m hnh 7 lp ..................................................... 15 Hnh 11: S lin quan gia tc v bn knh ph sng...................................... 17 Hnh 12: Tc v s AP...................................................................................... 17 Hnh 13: Mt qu trnh truyn t A n B: ........................................................... 19 Hnh 14: u cui n............................................................................................. 19 Hnh 15: u cui hin.......................................................................................... 20 Hnh 16: Gii quyt vn u cui n ................................................................ 20 Hnh 17: Gii quyt vn u cui n ................................................................ 21 Hnh 18: Cc trng thi pha ca PSK.................................................................... 22 Hnh 19: Cc dng tn hiu iu ch...................................................................... 23 Hnh 20: S iu ch BPSK ............................................................................. 23 Hnh 21: Tn hiu iu ch BPSK......................................................................... 24 Hnh 22: B iu ch QPSK.................................................................................. 24 Hnh 23: Tn hiu bng hp ................................................................................... 27 Hnh 24: Nhy tn s ............................................................................................. 28 Hnh 25: Cc knh trong FHSS ............................................................................. 28 Hnh 26: Qu trnh tri v nn ph trong DSSS.................................................... 30 Hnh 27: B tr s knh pht trong mt khu vc ................................................... 31 Hnh 28: Kh nng s dng li tn s ca phng php DSSS ............................ 32 Hnh 29: Phng n truyn dn............................................................................. 34 Hnh 30: M hnh trin khai Gateway................................................................... 36 Hnh 31: M hnh u ni cc Hotspot.................................................................. 36 Hnh 32: S qu trnh m ha s dng WEP.................................................... 39 Hnh 33: S qu trnh gii m WEP ................................................................. 39 Hnh 34: Giao din nhp cha kha Wep............................................................... 41 Hnh 35: S h tr s dng nhiu cha kha WEP................................................ 42 Hnh 36: Cu hnh qun l cha kha m ha tp trung ........................................ 43 Hnh 37: Lc a ch MAC.................................................................................... 46 Hnh 38: Lc giao thc .......................................................................................... 48 Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 6 Hnh 39: Tn cng b ng .................................................................................... 49 Hnh 40: Qu trnh ly cha kha WEP ................................................................. 50 Hnh 41: Tn cng ch ng.................................................................................. 51 Hnh 42: Tn cng theo kiu chn p.................................................................... 52 Hnh 43: Man-in-the-middle attacks...................................................................... 54 Hnh 44: Trc cuc tn cng ............................................................................... 55 Hnh 45: V sau cuc tn cng.............................................................................. 55 Hnh 46: Wireless VPN......................................................................................... 57 Hnh 47: Qu trnh chng thc 802.1x-EAP......................................................... 60 Hnh 48: Wireless DeMilitarized Zone.................................................................. 67
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 7
LI M U Cng ngh khng dy l mt phng php chuyn giao t im ny n im khc m khng s dng ng truyn vt l, m s dng radio, Cell, hng ngoi v v tinh. Mng khng dy ngy nay bt ngun t nhiu giai on pht trin. ca thng tin v tuyn, v nhng ng dng in bo v radio. Mc du mt vi pht minh xut hin t nhng nm 1800, nhng s pht trin ni bt t c vo k nguyn ca cng ngh in t, v chu nh hng ln ca nn kinh t hc hin i, cng nh cc khm ph trong lnh vc vt l. Cho n nay, mng khng dy t c nhng bc pht trin ng k. Ti mt s nc c nn cng ngh thng tin pht trin, mng khng dy thc s i vo cuc sng. Ch cn mt laptop, PDA hoc mt phng tin truy nhp mng khng dy bt k, bn c th truy nhp vo mng bt c ni u, trn c quan, trong nh, ngoi ng, trong qun cafe, trn my bay v.v, bt c ni u nm trong phm vi ph sng ca WLAN. Tuy nhin chnh s h tr truy nhp cng cng, cc phng tin truy nhp li a dng, n gin, cng nh phc tp, kch c cng c nhiu loi, em li s au u cho cc nh qun tr trong vn bo mt. Lm th no tch hp c cc bin php bo mt vo cc phng tin truy nhp, m vn m bo nhng tin ch nh nh gn, gi thnh, hoc vn m bo h tr truy cp cng cng.v.v. Trong tp ti liu nh b ny chng ta s c mt ci nhn tng quan v WLAN, lch s pht trin, chun thc hin, mt s c tnh k thut, cc phng php bo mt vn c v cc gii php c ngh. hon thnh tp ti liu ny, em xin cm n: Thy Nguyn Trung Dng, ging vin khoa in t vin thng, Trng i hc Bch Khoa-H Ni Anh Nguyn ng Hng, ph phng Tch hp v pht trin h thng, cng ty VDC Anh L Minh c, trng phng k thut, trung tm Saigonctt ch bo v gip em hon thnh tp ti liu ny. Ti cng xin cm n gia nh v bn b to iu kin, gip v ng vin ti trong qu trnh vit tp ti liu ny.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 8
Tp ti liu ny c chia lm hai phn Phn I: Gii thiu v WLAN Phn II: Bo mt mng WLAN Trong phn I trnh by mt ci nhn tng quan v Wlan, cng ngh s dng, cc chun, cc c tnh k thut, kh nng ng dng trn th trng Vit Nam. Phn ny cng cp n vn a truy nhp, CSMA/CA, k thut iu ch, k thut a truy nhp, FDMA, TDMA, v CDMA. Trong phn ny cng ni n vn tri ph, tri ph trc tip v tri ph nhy tn, v gii thiu s qua v cc phng php bo mt. Phn II i vo chi tit tng phng php bo mt, cc phng php c cng nhn chun cng nh cc phng php cn ang xem xt. Cc nguy c mt an ton i vi mng v cc bin php khc phc. Cui phn l mt vi khuyn ngh c a ra i vi ngi thc hin, nhm khc phc cc nhc im c hu ca cc phng php bo mt. Trong qu trnh lm, do iu kin thi gian v trnh c hn, bn cnh y li l mt cng ngh cn kh mi Vit Nam, nn t c iu kin tip xc vi cc thit b thc t, do khng trnh khi mt s sai st. V vy mong cc bn tham kho v ng gp kin dn hon thin tp ti liu ny. Mi kin ng gp xin lin lc theo a ch: Nguyn Huy Bc, 0953.334337 hoc qua hm th: bacnh@dts.com.vn. Ti xin chn thnh cm n!
Huy Bc, thng 05 nm 2004
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 9 PHN I GII THIU V WIRELESS LAN I. TNG QUAN V WLAN 1. Tng quan: c ph chun ca IEEE 802.11 vo nm 1999, n nay Wireless Local Area Network (WLAN) tr ln pht trin mnh trn th gii, tuy nhin mt s nc m nn cng ngh thng tin mi pht trin nh Vit Nam hin nay th WLAN vn cn l mt cng ngh kh mi m cn c nghin cu v u t thch ng...
Hnh 1: Vai tr v v tr ca Lan 2. Cng ngh s dng: IEEE 802.11: WLAN l mt cng ngh internet khng dy tc cao theo chun 802.11 IEEE - Kch thc ph sng mi HOTSPOT: < 300m. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 10 - Tn s: Tn s s dng ph bin: 802.11b, 2,4GHz (gii IMS), cng sut pht : 100mW, rng bng thng 22MHz. - Tc : 11Mbps vi chun 802.11b - Bo mt: WEP (Wired Equivalent Privacy) - H qun l: Radius (Remote Authentication Dial _ In User Service)
Hnh 2: cu trc mng 3. i tng s dng: - nhng nc pht trin WLAN c trin khai rng ri trong nhng phng hi ngh vn phng tp on, nhng kho hng ln, nhng lp hc c s dng Internet thm ch c nhng qun cafe. - Vi nhng nc nh Vit Nam th cc i tng ng quan tm l cc khch hng dng Laptop, Pocket PC: C th l cc doanh nhn, cc khch du lch - C dn: dng PC + card modem. - Nhng ngi dng di ng, Sinh vin, . . . Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 11 4. a im lp t: - Ti cc khu tp trung ng ngi nh: Cc vn phng, ta nh,trng i hc, sn bay, nh ga, sn vn ng, khu trin lm, khch sn, siu th, khu dn c. . . 5. Kh nng ng dng ti Vit Nam: - Vit nam l mt nc cng ngh thng tin ang trn pht trin nhanh chng, v vy tim nng khai thc l rt ln. - Hn th trong nhng nm va qua v nhng nm ti, Vit Nam l im n ca cc nh u t, cc khch du lch nc ngoi, nm 2003 va qua c cc gii th thao ln nh Seagames, Paragames .v.v. Cc khch quc t, du lch c Laptop cm card ni mng WLAN, hoc Laptop i mi Cetrino l i tng ngi dng. (theo boingo: nm 2005 90% Laptop c sn tnh nng kt ni mng WLAN m khng cn n card ring, M 27 triu trn tng s 36 triu doanh nhn c my tnh xch tay) - Dn c nm trong vng HOTSPOT dng card chuyn dng (di 100 USD) l i tng ca nh u t. - Nu c nhng chnh sch u t gim gi thch hp, th i tng sinh vin cc trng i hc s dng Laptop, PC, PDA, Pocket PC l i tng tim nng cn quan tm, cn pht trin s im HOTSPOT, gim gi cc, c chin dch xc tin, tip th. II/ PHNG N K THUT 1. Tng quan: WLAN l mt cng ngh truy cp mng bng rng khng dy theo chun ca 802.11 ca IEEE. c pht trin vi mc ch ban u l mt sn phm phc v gia nh v vn phng kt ni cc my tnh c nhn m khng cn dy, n cho php trao i d liu qua sng radio vi tc rt nhanh. L c hi cung cp ng truy cp internet bng thng rng ngy cng nhiu cc a im cng cng nh sn bay, ca hng cafe, nh ga, cc trung tm thng mi hay trung tm bo ch . Tiu chun IEEE 802.11 nh ngha c hai kiu c s h tng, vi s lng ti thiu cc im truy nhp trung tm ti mt mng hu tuyn, v mt ch l Peer-to-peer, trong mt tp hp nhng i v tuyn lin lc trc tip vi nhau m khng cn mt im truy nhp trung tm hoc mng v tuyn no. S hp dn ca WLAN l tnh linh hot ca chng. Chng c th m rng m rng truy cp ti cc mng cc b, nh Intranet, cng nh h tr Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 12 s truy nhp bng rng ti Internet ti cc Hotspot. WLAN c th cung cp kt ni khng dy nhanh chng v d dng ti cc my tnh, cc my mc hay cc h thng trong mt khu vc, ni m cc h thng c s h tng truyn thng c nh khng tn ti hoc ni m s truy nhp nh vy l khng c php. Ngi dung c th c nh hoc di ng hoc thm ch c th ang ngi trn mt phng tin chuyn ng. Mt vi hnh v sau s a ra cho ban ci nhn tng quan v kh nng ng dng ca WLAN: V kh nng s dng WLAN m rng mng hu tuyn thng thng, vi tc cao v tin li trong truy nhp mng
Hnh 3: kh nng m rng mng V kh nng truy cp mng trong cc ta nh, nh kho, bn bi m khng gp phi vn tn km v phc tp trong vic di dy
Hnh 4: kh nng truy cp mng m khng phi i dy Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 13
V kh nng n gin ha vic kt ni mng gia hai ta nh m gia chng l a hnh phc tp kh thi cng i vi mng thng thng
Hnh 5: tin li trong vic xy dng mng trn min ni hay cc khu vc c a hnh lng ging vn c th truy cp mng bnh thng nh cc ni khc
Hnh 6: Ti ni c a hnh lng cho v s tin li trong vic truy cp mng m vn c th di chuyn
Hnh 7: kh nng truy cp trong khi di chuyn Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 14 T cc vn phng, nh ring
Hnh 8: truy cp t nh ring n cc khu ln hn nhiu nh cc trng i hc, cc khu trung c u c th truy cp mng vi tc cao v qu trnh thit lp n gin
Hnh 9: truy cp t cc trng i hc 2. Cc tnh nng ca WLAN 802.11 WLAN l cng ngh thuc lp truy nhp (hnh v), n v bn cht l mt mng LAN c c ch trnh xung t CSMA/CA Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 15
Hnh 10: V tr ca WLAN trn m hnh 7 lp IEEE 802.11 gm c cc chun: - 802.11a: 56 GHz, 54Mbps, S dng phng php iu ch OFDM (Orthogonal Frequency Division Multiplexing), hot ng di tn 56 GHz, tc truyn d liu ln ti 54Mbps, hin chun ny ang c mt s hng u t hy vng chim lnh th trng thay cho chun 802.11b. - 802.11b: 2.4GHz, 11Mbps, DSSS y l mt chun kh ph bin, n hat ng di tn 2.4GHz, l di tn ISM (Industrial, Scientific v Medical). M, thit b hot ng di tn ny khng phi ng k. Tc truyn d liu c th ln n 11Mbps. Wi-Fi l tn gi ca cc dng sn phm tng thch vi chun 802.11b v c m bo bi t chc WECA (Wireless Ethernet Compatibility Alliance). - 802.11c: h tr cc khung (frame) thng tin ca 802.11. - 802.11d: cng h tr cc khung thng tin ca 802.11 nhng tun theo nhng tiu chun mi. - 802.11e: nng cao QoS lp MAC. - 802.11f: Inter Access Point Protocol - 802.11g: (2.4GHz, 54Mbps, OFDM): tng cng s dng di tn 2.4 GHz, n l phin bn nng cp ca chun 802.11b, c thng qua bi IEEE, tc truyn th ln ti 54Mbps nhng ch truyn c gia nhng i tng nm trong khong cch ngn. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 16 - 802.11h: c thm tnh nng la chn knh t ng, Dynamic Channel Selection (DCS) v iu khin cng sut truyn dn (Transmit Power Control). - 802.1x: mt chun mi c cp nht v thc hin, n cung cp s iu khin truy cp mng trn cng c s. Mc d lc u IEEE thit k 802.1x cho thng tin hu tuyn, nhng c p dng cho WLANs cung cp mt vi s bo mt cn thit. Li ch chnh ca 802.1x i vi WLANs l n cung cp s chng thc ln nhau gia mt network v mt client ca n. - 802.11i: nng cao kh nng an ninh bo mt lp MAC, chun ny ang c hon thin, n s l mt nn tng vng chc cho cc chun WLAN sau ny. N cung cp nhiu dch v bo mt hn cho WLAN 802.11 bi nhng vn nh v gn lin vi c s iu khin phng tin truy nhp, Media Access Control (MAC), ln nhng lp vt l ca mng Wireless. Nhng kiu chng thc da trn nn tng l 802.1x v giao thc chng thc c th m rng Extensible Authentication Protocol (EAP), m c th cho php cc nh cung cp to ra mt vi kh nng chng thc khc. Trong thi gian sau 802.11i c th cung cp mt s thng nht s dng nhng tiu chun m ha tin tin,advanced encryption standard (AES) cho nhng dch v m ha ca n, nhng n s vn tng thch vi thut ton RC4 - 802.11j: l chun thng nht ton cu cho cc tiu chun: IEEE, ETSI, HiperLAN2, ARIB, HiSWANa. Vi cc chun 802.11, th chun 802.11b v 802.11g hot ng di tn 2.4GHZ, tuy nhin di tn s ISM l di tn s hot ng m khng cn cp php, do c th b giao thoa ng k vi cc phng tin nh xe cp cu, t cnh st, xe taxi, cng nh t nhng ngi dng khc v nhiu thit b gia nh v vn phng hot ng trong bng ISM. V l m chun 802.11a c a ra. Nhng tt c cc version khc li s dng di 2.4GHz, do kh nng tng thch ngc li l mt vn . 802.11a c nhng u im ni bt nh tc truyn d liu nhanh hn, trong khi 802.11b ch cung cp 3 knh c lp th 802.11a mc d khu vc ph sng nh hn, li c th cung cp ti 12 knh. Nhng bng thng ph thm ny c ngha rt qua trng trong vic chng nhiu sng khi thit k mng vi dung lng ti a. Mt im yu ca 802.11a l di ph sng hp, do chun ny s dng di tn 5GHz (tn s cng cao th di truyn tn hiu cng ngn). Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 17
Hnh 11: S lin quan gia tc v bn knh ph sng
Tc truyn d liu thp hn th phm vi hot ng ca AP rng hn, do vic la chn gia tc truyn v phm vi hot ng cn phi cn nhc, khi nh hng trc tip ti vic b tr cc AP.
Hnh 12: Tc v s AP Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 18 Xt trong cng mt phm vi ph sng, th nu yu cu tc l 2Mbps th ch cn b tr 6 AP, trong khi vi tc truyn yu cu l 5.5Mbps th phm vi ph sng bao ht khu vc trn th cn gp i s AP, 12 AP (h.v). Khi nim In-door v Out-door: In-door l khi nim dng v tuyn trong phm vi khng gian nh, nh trong mt ta nh. Out-door l khi nim dng v tuyn trong phm vi khng gian ln hn, vi WALN th bn knh n cc CPE ( Customer Premises Equipment) m n qun l c th t 540km. Vi khong cch nh hn 1km th thm ch CPE khng cn trong tm nhn thng (Light of Sight) vi AP. CPE l thit b truyn thng c nhn dng kt ni vi mng trong mt t chc. Thit b CPE bao gm cc thit PBX (Private Branch Exchange), cc ng in thoi, h thng kha, cc thit b fax, modem, thit b x l ting ni, v thit b truyn video. 3. Truy nhp knh truyn, c ch a truy nhp CSMA/CA: Mt trm khng dy mun truyn khung, u tin n s nghe trn mi trng khng dy xc nh hin c trm no ang truyn hay khng (nhy cm sng mang). Nu mi trng ny hin dang b chim, trm khng dy tnh ton mt khong tr lp li ngu nhin. Ngay sau khi thi gian tr tri qua, trm khng dy li nghe xem liu c trm no ang truyn hay khng. Bng cch to ra thi gian tr ngu nhin, nhiu trm ang mun truyn tin s khng c gng truyn li ti cng mt thi im (trnh xung t). Nhng va chm c th xy ra v khng ging nh Ethernet, chng khng th b pht hin bi cc node truyn dn. Do , 802.11b dng giao thc Request To Send (RTS)/ Clear To Send (CTS) vi tn hiu Acknowlegment (ACK) m bo rng mt khung no c gi v nhn thnh cng.
Important factors: Wait for silence Then talk Listen while talking. What do we do if theres 2 talkers? Backoff. Repeat
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 19
Hnh 13: Mt qu trnh truyn t A n B:
Trong c ch CSMA/CA ta cn quan tm n hai vn l u cui n (Hidden Terminal) v u cui hin (Exposed Terminal).
Hnh 14: u cui n A ni chuyn vi B C cm nhn knh truyn C khng nghe thy A do C nm ngoi vng ph sng ca A C quyt nh ni chuyn vi B Ti B xy ra xung t
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 20 u cui hin:
Hnh 15: u cui hin B ni chuyn vi A C mun ni chuyn vi D C cm nhn knh truyn v thy n ang bn C gi im lng (trong khi n hon ton c th ni chuyn vi D)
Gii quyt vn u cui n:
Hnh 16: Gii quyt vn u cui n
A gi RTS cho B B gi li CTS nu n sn sng nhn Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 21 C nghe thy CTS C khng ni chuyn vi B v ch i A gi d liu thnh cng cho B Trong trng hp ny nu C mun ni chuyn vi D th n hon ton c th gim cng sut cho ph hp Vn t ra l C phi ch bao lu th mi ni chuyn c vi B: Trong RTS m A gi cho B c cha di ca DATA m n mun gi. B cha thng tin chiu di ny trong gi CTS m n gi li A C, khi "nghe" thy gi CTS s bit c chiu di gi d liu v s dng n t thi gian km hm s truyn. Gii quyt vn u cui hin:
Hnh 17: Gii quyt vn u cui n B gi RTS cho A (bao trm c C) A gi li CTS cho B (nu A ri) C khng th nghe thy CTS ca A C coi rng A hoc "cht" hoc ngoi phm vi C ni chuyn bnh thng vi D Tuy nhin cn c vn xy ra: Gi RTS c th b xung t, v d: C v A cng nhn thy c th truyn cho B v cng gi RTS cho B, ti B s c xung t, nhng xung t ny khng nghim trng nh xung t gi DATA bi chiu di gi RTS thng nh hn nhiu DATA. Tuy nhin nhng gi CTS c th gy giao thoa, nu kch thc ca gi RTS/CTS nh ca DATA thi iu ny rt ng quan tm. Vn ny c khc phc bng cch to ra mt khong thi gian tr lp li ngu nhin (nh trn trnh by). Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 22 4. K thut iu ch: K thut iu ch s SHIFT KEYING Hin nay, c rt nhiu phng thc thc hin iu ch s Shift Keying nh: ASK, FSK, PSK . . . Qu trnh iu ch c thc hin bi kha chuyn (keying) gia hai trng thi (states), mt cch l thuyt th mt trng thi s l 0 cn mt trng thi s l 1, (chui 0/1 trc khi iu ch l chui s c m ha ng truyn). PSK c pht trin trong sut thi k u ca chng trnh pht trin v tr v ngy nay c s dng rng ri trong cc h thng thng tin qun s v thng mi. N to ra xc sut li thp nht vi mc tn hiu thu cho trc khi o mt chu k du hiu. a/ Nguyn l c bn ca iu ch PSK Dng xung nh phn coi nh l u vo ca b iu ch PSK s bin i v pha dng tn hiu ra thnh mt trng thi xc nh trc, v do tn hiu ra c biu th bng phng trnh sau
i=1,2,...,M M=2N, s lng trng thi pha cho php N= S lng cc bit s liu cn thit thit k trng thi pha M Nhn chung th c 3 k thut iu ch PSK: khi M=2 th l BPSK, khi M=4 th l QPSK v khi M=8 th l 8(phi)-PSK. Cc trng thi pha ca chng c minh ho trn hnh .
Hnh 18: Cc trng thi pha ca PSK Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 23 y cn ghi nh rng khi s lng cc trng thi pha tng ln th tc bit cng tng nhng tc boud vn gi nguyn. Tuy nhin mun tng tc s liu th phi tr gi. Ngha l, yu cu v SNR tng ln gia nguyn c BER (t l li bit). PSK/Binary PSK (Phase Shifp Keying - Kha chuyn dch pha): y l phng php thng dng nht, tn hiu sng mang c c iu ch da vo chui nh phn, tn hiu iu ch c bin khng i v bin i gia hai trng thi 0 0 v 180 0 , mi trng thi ca tn hiu iu ch c gi l mt symbol.
Hnh 19: Cc dng tn hiu iu ch
Hnh 20: S iu ch BPSK Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 24
Hnh 21: Tn hiu iu ch BPSK QPSK (Quardrature Phase Shift Keying): phng php BPSK, mi symbol bin din cho mt bit nh phn. Nu mi symbol ny biu din nhiu hn 1 bit, th s t c mt tc bit ln hn. Vi QPSKs gp i s data throughput ca PSK vi cng mt bng thng bng cch mi symbol mang 2 bits. Nh vy trng thi phase ca tn hiu iu ch s chuyn i gia cc gi tr -90 0 , 0 0 , 90 0 v 180 0 .
Hnh 22: B iu ch QPSK
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 25 CCK (Complementary Code Keying): CCK l mt l mt k thut iu ch pht trin t iu ch QPSK, nhng tc bit t n 11Mbps vi cng mt bng thng (hay dng sng) nh QPSK. y l mt k thut iu ch rt ph hp cho cc ng dng bng rng. Theo chun IEEE802.11b, iu ch CCK dng chui s gi ngu nhin complementary spreading code c chiu di m l 8 v tc chipping rate l 11Mchip/s. 8 complex chips s kt hp to thnh mt symbol n (nh trong QPSK 4 symbol). Khi tc symbol l 1,375MSymbol/s th tc d liu s t c: 1,375x8=11Mbps vi cng bng thng xp x nh iu ch QPSK tc 2Mbps. 4.1 K thut iu ch song cng (DUPLEX SCHEME) Trong cc h thng im-a im, hin nay tn ti hai k thut song cng (hot ng c chiu ln v chiu xung, upstream v downstream) l: Phn chia theo tn s (Frequency Division Duplexing, FDD): K thut ny cho php chia tn s s dng ra lm hai knh ring bit: mt knh cho chiu xung v mt knh cho chiu ln. Phn chia theo thi gian (Time Division Duplexing, TDD): K thut ny mi hn, cho php lu lng lu thng theo c hai chiu trong cng mt knh, nhng ti cc khe thi gian khc nhau. Vic la chn FDD hay TDD ph thuc ch yu vo mc ch s dng chnh ca h thng, cc ng dng i xng (thoi-voice) hay khng i xng (d liu- data). K thut FDD s dng bng thng t ra khng hiu qu i vi cc ng dng d liu. Trong h thng s dng k thut FDD, bng thng cho mi chiu c phn chia mt cch c nh. Do , nu lu lng ch lu thng theo chiu xung (downstream), v d nh khi xem cc trang Web, th bng thng ca chiu ln (upstream) khng c s dng. iu ny li khng xy ra khi h thng c s dng cho cc ng dng thoi: Hai bn ni chuyn thng ni nhiu nh nghe, do bng thng ca hai chiu ln, xung c s dng xp x nh nhau. i vi cc ng dng truyn d liu tc cao hoc ng dng hnh nh th ch c bng thng chiu xung c s dng, cn chiu ln gn nh khng c s dng. i vi k thut TDD, s lng khe thi gian cho mi chiu thay i mt cch linh hot v thng xuyn. Khi lu lng chiu ln nhiu, s lng khe thi gian dnh cho chiu ln s c tng ln, v ngc li. Vi s gim st s lng khe thi gian cho mi chiu, h thng s dng k thut TDD h tr cho Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 26 s bng n thng lng truyn dn i vi c hai chiu. Nu mt trang Web ln ang c ti xung th cc khe thi gian ca chiu ln s c chuyn sang cp pht cho chiu xung. Nhc im ch yu ca k thut TDD l vic thay i chiu ca lu lng tn nhiu thi gian, vic cp pht khe thi gian l mt vn rt phc tp cho cc h thng phn mm. Hn na, k thut TDD yu cu s chnh xc cao v thi gian. Tt cc my trm trong khu vc ca mt h thng s dng k thut TDD cn c mt im thi gian tham chiu c th xc c nh chnh xc cc khe thi gian. Chnh iu ny lm gii hn phm vi a l bao ph i vi cc h thng im-a im. 5. K thut truy nhp: FDMA (Frequency Division Multiple Access) a truy nhp phn chia theo tn s Ph tn dng cho thng tin lin lc c chia thnh 2N di tn s k tip, cch nhau bi mt di tn phng v. Mi di tn s c gn cho mt knh lin lc, N di dnh cho lin lc hng ln, sau mt di tn phn cch l N di tn dnh cho lin lc hng xung. Mi CPE c cp pht mt i knh lin lc trong sut thi gian kt ni, nhiu giao thoa xy ra y l rt ng k. TDMA (Time Division Multiple Access) a truy nhp phn chia theo thi gian Ph tn s c chia thnh cc di tn lin lc, mi di tn ny c dng chung cho N knh lin lc. Mi knh lin lc l mt khe thi gian trong chu k mt khung. Lin lc c thc hin song cng theo mi hng thuc cc di tn lin lc khc nhau, iu ny s lm gim nhiu giao thoa mt cch ng k. CDMA (Code Divison Multiple Access) - a truy nhp phn chia theo m Mi CPE c gn mt m ring bit, vi k thut tri ph tn hiu gip cho cc CPE khng gy nhiu ln nhau trong iu kin ng thi dng chung mt di tn s. Di tn s tn hiu c th rng ti hng chc Mhz. S dng k thut tri ph phc tp cho php tn hiu v tuyn s dng c cng trng rt nh v chng pha inh hiu qu hn FDMA, TDMA. Bn cnh vic cc CPE trong cng mt trm gc s dng chung di tn s s gip cho cu trc h thng truyn dn thu pht v tuyn tr nn rt n gin. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 27 6. K thut v tuyn Viba truyn thng Trong k thut vi ba truyn thng mi CPE s c cung cp mt hoc mt cp tn s bng hp hot ng. Di tn bng hp ny c dnh vnh vin cho thu bao ng k, mi tn hiu ca cc CPE khc lt vo trong di tn ny c coi l nhiu v lm nh hng n hot ng ca knh. Vic cp pht tn s nh trn lm hn ch s ngi s dng knh v tuyn v ti nguyn v tuyn l c hn. V v l di tn bng hp nn ng nhin s dn n s hn ch v tc ca knh truyn dn. Do viba truyn thng t ra ch thch hp cho cc ng dng thoi v d liu tc thp.
Hnh 23: Tn hiu bng hp
K thut tri ph Khi ti nguyn v tuyn ngy cng tr nn cn kit, ngi ta bt u phi p dng k thut tri ph nhm nng cao hiu nng s dng tn s. C hai k thut tri ph thng dng nht hin nay l FHSS v DSSS. Bng thng cho mi CPE s khng cn l mt di hp m s l ton b bng tn s, vic xc nh CPE thng qua mt m code ca mi CPE - m gi ngu nhin (PN sequence).
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 28 FHSS (Frequency Hopping Spread Spectrum)
Hnh 24: Nhy tn s
Hnh 25: Cc knh trong FHSS Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 29 Tn hiu d liu c truyn trn mt di tn rng bng k thut truyn tn hiu trn nhng tn s sng mang khc nhau ti nhng thi im khc nhau. Khong cch gia cc tn s sng mang FHSS c qui nh trc, bng thng cho mi knh khong 1Mhz, trt t nhy tn c xc nh bng mt hm gi ngu nhin. FCC yu cu bng thng phi c chia t nht thnh 75 knh (subchannel). FHSS radio c gii hn ch gi mt lng nh d liu trn mi knh trong mt chu k thi gian xc nh, trc khi nhy sang knh tn s k tip trong chui nhy tn. Chu k thi gian ny gi l dwell time, thng c gi tr khong 400 microseconds. Sau mi bc nhy (hop) thit b thu pht cn phi thc hin ng b li (resynchronize) vi nhng tn s v tuyn khc trc khi c th truyn d liu. Mc ch ch yu ca vic nhy tn gi ngu nhin nh trn l trnh hin tng giao thoa tn hiu do knh d liu khng lm vic qu lu trn mt knh tn s c th no . Gi s nu nh xy ra nhiu giao thoa nghim trng trn mt tn s no trong chui nhy tn th n cng s nh hng khng nhiu n h thng. Bi qu trnh truyn ch c thc hin ti y trong mt khong thi gian nh. DSSS (Direct Sequence Spread Strectrum) DSSS cng thc hin vic tri ph tn hiu nh trn nhng theo mt k thut hon ton khc. Bng thng ca tn hiu thay v c truyn trn mt bng hp (narrow band) nh truyn thng vi ba, s c truyn trn mt khong tn s ln hn bng k thut m ha gi ngu nhin (Pseudo-Noise sequence).
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 30
Hnh 26: Qu trnh tri v nn ph trong DSSS Tn hiu bng hp v tn hiu tri ph cng c pht vi mt cng sut v mt dng thng tin nhng mt ph cng sut (power density) ca tn hiu tri ph ln hn nhiu so vi tn hiu bng hp. Tn hiu d liu kt hp vi chui m gi ngu nhin trong qu trnh m ha s cho ra mt tn hiu vi bng thng m rng hn nhiu so vi tn hiu ban u nhng vi mc cng sut li thp hn. Mt u im ni bt ca k thut DSSS l kh nng d phng d liu. Bn trong tn hiu DSSS s gp d phng t nht 10 d liu ngun trong cng mt thi gian. Pha thu ch cn m bo thu tt c 1 trong 10 tn hiu d phng trn l thnh cng. Nu c tn hiu nhiu trong bng tn hot ng ca tn hiu DSSS, tn hiu nhiu ny c cng sut ln hn v s c hiu nh l mt tn hiu bng hp. Do , trong qu trnh gii m ti u thu, tn hiu nhiu ny s c tri ph v d dng loi b bi vic s l li (gain processing). X l li l qu trnh lm gim mt ph cng xut khi tn hiu c x l truyn v tng mt ph cng sut khi despread, vi mc ch chnh l lm tng t s S/N (Signal to Noise ratio). So snh FHSS v DSSS FH khng c qu trnh x l li do tn hiu khng c tri ph. V th n s phi dng nhiu cng xut hn c th truyn tn hiu vi cng mc S/N Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 31 so vi tn hiu DS. Tuy nhin ti ISM band theo quy nh c mc gii hn cng xut pht, do FH khng th c t S/N ging nh DS. Bn cnh vic dng FH rt kh khn trong vic ng b gia my pht v thu v c thi gian v tn s u yu cu cn phi c ng b. Trong khi DS ch cn ng b v thi gian ca cc chip. Chnh v vy FH s phi mt nhiu thi gian tm tn hiu hn, lm tng tr trong vic truyn d liu hn so vi DS. Nh vy chng ta c th thy DSSS l k thut tri ph c nhiu c im u vit hn hn FHSS. Theo chun 802.11b, th s dng 14 knh DS (Direct Sequence) trong di tn s 2,402GHz 2,483GHz, mi knh truyn rng 22MHz, nhng cc knh ch cch nhau 5MHz, v vy cc knh cnh nhau s gy giao thoa ln nhau, do trong mt khu vc ngi ta b ch cc knh truyn sao cho min tn s ca chng khng trng ln nhau, trong h thng 14 knh DS th ch c 3 knh m bo khng chng ln, v d nh trong hnh sau th cc knh 1, 6, 11 c s dng pht trong mt khu vc m khng gy nhiu giao thoa cho nhau:
Hnh 27: B tr s knh pht trong mt khu vc Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 32
Hnh 28: Kh nng s dng li tn s ca phng php DSSS Nh vy trong mt vng n tc bit vn chuyn n c th ln ti: 11Mbps x 3 = 33Mbps, thay v 11Mbps nh khi ch c mt knh truyn c s dng trong mt khu vc. 7. Vn bo mt: Chng thc qua h thng m (Open Authentication) y l hnh thc chng thc qua vic xc nh chnh xc SSIDs (Service Set Identifiers). Mt tp dch v m rng (ESS - Extended Service Set) gm 2 hoc nhiu hn cc im truy nhp khng dy c kt ni n cng mt mng c dy ) l mt phn on mng logic n ( cn c gi l mt mng con ) v c nhn dng bi SSID. Bt k mt CPE no khng c SSID hp l s khng c truy nhp ti ESS. Chng thc qua kho chia s (Shared-key Authentication) L kiu chng thc cho php kim tra xem mt khch hng khng dy ang c chng thc c bit v b mt chung khng. iu ny tng t vi kho chng thc c chia s trc trong Bo mt IP ( IPSec ). Chun 802.11 hin nay gi thit rng Kho dng chung c phn phi n cc tt c cc khch hng u cui thng qua mt knh bo mt ring, c lp vi tt c cc knh khc ca IEEE 802.11. Tuy nhin, hnh thc chng thc qua Kho chia s ni chung l khng an ton v khng c khuyn ngh s dng.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 33 Bo mt d liu thng qua WEP (Wired Equivalent Privacy) Vi thuc tnh c hu ca mng khng dy, truy nhp an ton ti lp vt l n mng khng dy l mt vn tng i kh khn. Bi v khng cn n mt cng vt l ring, bt c ngi no trong pham vi ca mt im truy nhp dch v khng dy cng c th gi v nhn khung cng nh theo di cc khung ang c gi khc. Chnh v th WEP (c nh ngha bi chun IEEE 802.11) c xy dng vi mc ch cung cp mc bo mt d liu tng ng vi cc mng c dy. Nu khng c WEP, vic nghe trm v pht hin gi t xa s tr nn rt d dng. WEP cung cp cc dch v bo mt d liu bng cch m ho d liu c gi gia cc node khng dy. M ho WEP dng lung mt m i xng RC4 vi t kho di 40 bit hoc104 bit. WEP cung cp ton vn ca d liu t cc li ngu nhin bng cch gp mt gi tr kim tra ton vn (ICV - Integrity Check Value) vo phn c m ho ca khung truyn khng dy. Vic xc nh v phn phi cc cha kho WEP khng c nh ngha v phi c phn phi thng qua mt knh an ton v c lp vi 802.11. Bo mt d liu thng qua EAP (Extensible Authentication Protocol) y l mt trong nhng hnh thc chng thc ng, kho chng thc c thay i gi tr mt cch ngu nhin mi ln chng thc hoc ti cc khong c chu k trong thi gian thc hin mt kt ni c chng thc. Ngoi ra, EAP cn xc nh chng thc qua RADIUS c ngha l: khi mt CPE mun kt ni vo mng th n s gi yu cu ti AP. AP s yu cu CPE gi cho n mt tn hiu Identify. Sau khi nhn c tn hiu Identify ca CPE, AP s gi tn hiu Identify ny ti server RADIUS tin hnh chng thc. Sau , RADIUS s tr li kt qu cho AP AP quyt nh c cho php CPE ng nhp hay khng. III/ PHNG N TRUYN DN N IM T HOTSPOT DNG XDSL-WAN 1. Phng n truyn dn: Cc im hotspot s c kt ni tp trung v trung tm qun l mng di s iu khin ca Subsscriber Gateway chung ra Internet. Phng thc truyn dn c la chn i vi m hnh ny s l dich v xDSL WAN. Da trn chun cng nghip ton cu ITU, gii php SHDSL s dng truyn d liu cn bng vi tc c th t t 192 Kbps ti 2.3Mbps trn mt i cp n. Thm vo , tn hiu SHDSL c kh nng truyn dn xa hn so vi cc kt ni s dng cng ngh ADSL v SDSL, cho php cc nh cung cp dch v tho mn nhu cu cc khch hng xa. S dng cng ngh ny, ti mi im truy cp hotspot phi c mt SHDSL router. Cng ging nh ADSL Router, SHDSL Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 34 Router cng c tch hp DHCP v NAT server bn trong. Cng ngh ny khin cho chi ph u t c gim i ng k do khng phi u t thm hai server ngoi phc v DHCP v NAT.
Hnh 29: Phng n truyn dn IV/ M HNH U NI CHO CC HOTSPOT 1. Cc k thut trong m hnh Wireless hotspot: i vi h thng Wi-Fi: mi trng truyn dn l mi trng sng, truyn tin theo cc chun 802.11a, 802.11b Thc cht y c th coi l mi trng broadcast, tt c cc my client ng vo vng ph sng u c th bt c tn hiu, cc AP t c kh nng iu khin c truy nhp. Cc Acces Point hin nay bt u c pht trin h tr chun bo mt thng tin trong mi trng Wireless l EAP (cc hng sn xut thit b a ra cc chun EAP khc nhau nh Cisco LEAP, Microsoft PEAP, Funk PEAP). Vi 802.1x cc AP c kh nng xc thc client, v acconting nhng hin ang cn rt nhiu hn ch nh: cc client phi c phn mm iu khin thch hp, AP khng c kh nng iu khin truy nhp nh Access Server trong mi trng Dial-up, AP c h tr RADIUS nhng do c nhng thng s k thut mi nn cha cho php c kh Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 35 nng s dng cc h thng database tp trung nh ORACLE do khng c kh nng cung cp dch v trn AP nh Access Server trong mi trng Dialup. Gii php c a ra l s dng thit b Subscriber Gateway: Subscriber Gateway s ng chn ti ng ra ca cc AP i Internet, mi trng sng s lun c cc AP cung cp cho bt c mt my trm no ng trong mi trng truyn sng. Nhng khi ngi s dng truy nhp vo mi trng sng ca mt Access point (AP) th ngay lp tc Subscriber Gateway s tin hnh vic xc thc thu bao. Ngi s dng s c iu khin t ng truy nhp vo mt trang Web xc thc c xy dng tch hp trn cc Subcriber Gateway. Ti y, username/password s c nhp vo. Subscriber Gateway lin lc vi AAA Server tp trung ti trung tm qun l iu hnh mng theo giao thc RADIUS ly thng tin v khch hng trong h thng c s d liu. Nu xc thc thnh cng th ngi s dng mi c php thng qua Subscriber Gateway i ra Internet, v thng tin tnh cc s c Subscriber Gateway gi v AAA Server. Subscriber Gateway cn c kh nng iu khin truy nhp theo thi gian thc, linh ng, cho php cung cp cc loi dch v a dng. 2. M hnh trin khai ca Subscriber Gateway: Yu cu ca Subcriber Gateway l n phi c t ti ng ra duy nht ca nhng h thng m n qun l, nh n mi c th iu khin c vic truy nhp thng tin ca khch hng. Phng n trong iu kin hin nay l dng Subcriber Gateway tp trung ti trung tm mng. - c im: Trong m hnh ny tt c cc im truy nhp (hotspot) phi kt ni tp trung v trung tm mng, sau i qua h thng Subcriber Gateway i ra Internet. H thng mng gia cc im truy nhp vi trung tm mng phi l mng ring khng lin quan ti Internet, ng ra Internet duy nht l qua h thng Subcriber Gateway.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 36
Hnh 30: M hnh trin khai Gateway - u im: Qun l tp trung, trao i thng tin AAA gia Subcriber Gateway v AAA Server ch l trao i thng tin trong mng ni b ng kt ni Internet tp trung d qun l. - Nhc im: Tt c lu lng u phi i qua WAN v Subcriber Gateway ti trung tm mng cho d thu bao l khng hp l, v khng c php i Internet, cc lu lng ny s lm gim hiu sut mng. 3. M hnh u ni ca cc hotspot: Trin khai theo m hnh tp trung, k thut truyn dn s dng u ni l SHDSL.
Hnh 31: M hnh u ni cc Hotspot Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 37 Trong m hnh ny cc im hotspot bao gm cc AP c kt ni v trung tm bng mt SHDSL Router. Cc chc nng DHCP v NAT s c thc hin trn cc Router.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 38 PHN II BO MT MNG LAN KHNG DY Wireless Lan vn khng phi l mt mng an ton, tuy nhin ngay c vi Wired Lan v Wan, nu bn khng c bin php bo mt th n cng khng an ton. Cha kha m ra s an ton ca WLAN v gi cho n c an ton l s thc hin v qun l n. o to ngi qun tr mt cch cn bn, trn nhng cng ngh tin tin l cch quan trng to s an ton cho WLAN. Trong phn ny chng ta s bn n bin php bo mt theo chun 802.11 bit, WEP. Tuy nhin bn thn WEP khng phi l ngn ng bo mt duy nht, mt mnh WEP khng th m bo an ton tuyt i cho WLAN. V vy m chng ta cn xem xt ti sao c s hn ch trong bo mt ca WEP, phm vi ng dng ca WEP, v cc bin php khc phc. Trong phn ny chng ta cng cp n mt vi bin php tn cng, t m ngi qun tr s a c ra cc bin php phng nga. Sau chng ta cng bn v cc bin php bo mt sn c, nhng cha c tha nhn chnh thc bi bt c chun 802. no. Cui cng chng ta cng a ra vi khuyn ngh v cc chnh sch bo mt cho WLAN. I/ WEP, WIRED EQUIVALENT PRIVACY WEP (Wired Equivalent Privacy) l mt thut ton m ha s dng qu trnh chng thc kha chia s cho vic chng thc ngi dng v m ha phn d liu truyn trn nhng phn on mng Lan khng dy. Chun IEEE 802.11 c bit s dng WEP. WEP l mt thut ton n gin, s dng b pht mt chui m ngu nhin, Pseudo Random Number Generator (PRNG) v dng m RC4. Trong vi nm, thut ton ny c bo mt v khng sn c, thng 9 nm 1994, mt vi ngi a m ngun ca n ln mng. Mc d bay gi m ngun l sn c, nhng RC4 vn c ng k bi RSADSI. Chui m RC4 th m ha v gii m rt nhanh, n rt d thc hin, v n gin cc nh pht trin phn mm c th dng n m ha cc phn mm ca mnh. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 39
Hnh 32: S qu trnh m ha s dng WEP
Hnh 33: S qu trnh gii m WEP ICV gi tr kim tra tnh ton vn Thut ton RC4 khng thc s thch hp cho WEP, n khng lm phng php bo mt duy nht cho mng 802.11. C hai loi 64 bit v 128 bit u c cng vector khi to, Initialization Vector (IV), l 24 bit. Vector khi to bng mt chui cc s 0, sau tng thm 1 sau mi gi dc gi. Vi mt mng hot ng lin tc, th s kho st ch ra rng, chui m ny c th s b trn trong vng na ngy, v th m vector ny cn c khi ng li t nht mi ln mt ngy, tc l cc bit li tr v 0. Khi WEP c s dng, vector khi to (IV) c truyn m khng c m ha cng vi mt gi c m ha. Vic phi khi ng li v truyn khng c m ha l nguyn nhn cho mt vi kiu tn cng sau: Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 40 - Tn cng ch ng chn gi tin mi: Mt trm di ng khng c php c th chn cc gi tin vo mng m c th hiu c, m khng cn gii m. - Tn cng ch ng gii m thng tin: Da vo s nh la im truy nhp. - Tn cng nh vo t in tn cng c xy dng: Sau khi thu thp thng tin, cha kha WEP co th b crack bng cc cng c phn mm min ph. Khi WEP key b crack, th vic gii m cc gi thi gian thc c th thc hin bng cch nghe cc gi Broadcast, s dng cha kha WEP. - Tn cng b ng gii m thng tin: S dng cc phn tch thng k gii m d liu ca WEP 1. Ti sao Wep c la chn WEP khng c an ton, vy ti sao WEP li c chn v a vo chun 802.11? Chun 802.11 a ra cc tiu chun cho mt vn c gi l bo mt, l: - C th xut khu - mnh - Kh nng tng thch - Kh nng c tnh c - Ty chn, khng bt buc WEP hi t cc yu t ny, khi c a vo thc hin, WEP d nh h tr bo mt cho mc ch tin cy, iu khin truy nhp, v ton vn d liu. Ngi ta thy rng WEP khng phi l gii php bo mt y cho WLAN, tuy nhin cc thit b khng dy u c h tr kh nng dng WEP, v iu c bit l h c th b sung cc bin php an ton cho WEP. Mi nh sn xut c th s dng WEP vi cc cch khc nhau. Nh chun Wi-fi ca WECA ch s dng t kha WEP 40 bit, mt vi hng sn xut la chn cch tng cng cho WEP, mt vi hng khc li s dng mt chun mi nh l 802.1X vi EAP hoc VPN. 2. Cha kha wep Vn ct li ca WEP l cha kha WEP (WEP key). WEP key l mt chui k t ch ci v s, c s dng cho hai mc ch cho WLAN (xem k hn trong phn ph lc v vai tr ca cha kha WEP, trong vn chng thc m v chng thc kha chia s): - Cha kha WEP c s dng xc nh s cho php ca mt Station Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 41 - Cha kha WEP dng m ha d liu. Khi mt client m s dng WEP c gng thc hin mt s xc thc v lin kt ti vi mt AP (Access Point). AP s xc thc xem Client c cha kha c xc thc hay khng, nu c, c ngha l Client phi c mt t kha l mt phn ca cha kha WEP, cha kha WEP ny phi c so khp trn c kt ni cui cng ca WLAN. Mt nh qun tr mng WLAN (Admin), c th phn phi WEP key bng tay hoc mt phng php tin tin khc. H thng phn b WEP key c th n gin nh s thc hin kha tnh, hoc tin tin s dng Server qun l cha kha m ha tp trung. H thng WEP cng tin tin, cng ngn chn c kh nng b ph hoi, hack. WEP key tn ti hai loi, 64 bit v 128 bit, m i khi bn thy vit l 40 bit v 104 bit. L do ny l do c hai loi WEP key u s dng chung mt vector khi to, Initialization Vector (IV) 24 bit v mt t kha b mt 40 bit hoc 104 bit. Vic nhp WEP key vo client hoc cc thit b ph thuc nh l bridge hoc AP th rt n gin. N c cu hnh nh hnh v sau:
Hnh 34: Giao din nhp cha kha Wep Hu ht cc Client v AP c th a ra ng thi 4 WEP key, nhm h tr cho vic phn on mng. V d, nu h tr cho mt mng c 100 trm khch: a ra 4 WEP key thay v mt th c th phn s ngi dng ra lm 4 nhm ring bit, mi nhm 25, nu mt WEP key b mt, th ch phi thay i 25 Station v mt n hai AP thay v ton b mng. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 42 Mt l do na cho vic dng nhiu WEP key, l nu mt Card tch hp c kha 64 bit v kha 128 bit, th n c th dng phng n ti u nht, ng thi nu h tr 128 bit th cng c th lm vic c vi cha kha 64 bit.
Hnh 35: S h tr s dng nhiu cha kha WEP Theo chun 802.11, th cha kha Wep c s dng l cha kha Wep tnh. Nu chn Wep key tnh bn phi t gn mt wep key tnh cho mt AP hoc Client lin kt vi n, Wep key ny s khng bao gi thay i. N c th l mt phng php bo mt cn bn, n gin, thch hp cho nhng WLAN nh, nhng khng thch hp vi nhng mng WLAN quy m ln hn. Nu ch s dng Wep tnh th rt d dn n s mt an ton. Xt trng hp nu mt ngi no lm mt Card mng WLAN ca h, card mng cha chng trnh c s m c th truy nhp vo WLAN cho ti khi kha tnh ca WLAN c thay i. 3. SERVER qun l cha kha m ha tp trung Vi nhng mng WLAN quy m ln s dng WEP nh mt phng php bo mt cn bn, server qun l cha kha m ha tp trung nn c s dng v nhng l do sau: - Qun l sinh cha kha tp trung - Qun l vic phn b cha kha mt cch tp trung Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 43 - Thay i cha kha lun phin - Gim bt cng vic cho nh qun l Bt k s lng thit b khc nhau no cng c th ng vai tr mt server qun l cha kha m ha tp trung. Bnh thng, khi s dng WEP, nhng cha kha (c to bi ngi qun tr) thng c nhp bng tay vo trong cc trm v cc AP. Khi s dng server qun l cha kha m ha tp trung, mt qu trnh t ng gia cc trm, AP v server qun l s thc hin vic trao cc cha kha WEP. Hnh sau m t cch thit lp mt h thng nh vy
Hnh 36: Cu hnh qun l cha kha m ha tp trung Server qun l cha kha m ha tp trung cho php sinh cha kha trn mi gi, mi phin, hoc cc phng php khc, ph thuc vo s thc hin ca cc nh sn xut. Phn phi cha kha WEP trn mi gi, mi cha kha mi s c gn vo phn cui ca cc kt ni cho mi gi c gi, trong khi , phn phi cha kha WEP trn mi phin s dng mt cha kha mi cho mi mt phin mi gia cc node. 4. Cch s dng Wep Khi WEP c khi to, d liu phn ti ca mi gi c gi, s dng WEP, c m ha; tuy nhin, phn header ca mi gi, bao gm a ch MAC, khng c m ha, tt c thng tin lp 3 bao gm a ch ngun v a ch ch c m ha bi WEP. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 44 Khi mt AP gi ra ngoi nhng thng tin dn ng ca n trn mt WLAN ang s dng WEP, nhng thng tin ny khng c m ha. Hy nh rng, thng tin dn ng th khng bao gm bt c thng tin no ca lp 3. Khi cc gi c gi i m s dng m ha WEP, nhng gi ny phi c gii m. Qu trnh gii m ny chim cc chu k ca CPU, n lm gim ng k thng lng trn WLAN. Mt vi nh sn xut tch hp cc CPU trn cc AP ca h cho mc ch m ha v gii m WEP. Nhiu nh sn xut li tch hp c m ha v gii m trn mt phn mm v s dng cng CPU m c s dng cho qun l AP, chuyn tip gi. Nh tch hp WEP trong phn cng, mt AP c th duy tr thng lng 5Mbps hoc nhiu hn. Tuy nhin s bt li ca gii php ny l gi thnh ca AP tng ln hn so vi AP thng thng. WEP c th c thc hin nh mt phng php bo mt cn bn, nhng cc nh qun tr mng nn nm bt c nhng im yu ca WEP v cch khc phc chng. Cc Admin cng nn hiu rng, mi nh cung cp s dng WEP c th khc nhau, v vy gy ra tr ngi trong vic s dng phn cng ca nhiu nh cung cp. khc phc nhng khim khuyt ca WEP, chun m ha tin tin Advanced Encryption Standard (AES) ang c cng nhn nh mt s thay th thch hp cho thut ton RC4. AES s dng thut ton Rijndale (RINE-dale) vi nhng loi cha kha sau: - 128 bit - 192 bit - 256 bit AES c xt l mt phng php khng th crack bi hu ht ngi vit mt m, v NIST (National Institute of Standards and Technology) chn AES cho FIPS (Federal Information Processing Standard). Nh mt phn ci tin cho chun 802.11, 802.11i c xem xt s dng AES trong WEP v.2. AES, nu c ng bi 802.11i, s dng trong WEP v2, s c thc hin trong phn vi chng trnh v cc phn mm bi cc nh cung cp. Chng trnh c s trong AP v trong Client (Card v tuyn PCMCIA) s phi c nng cp h tr AES. Phn mm trm khch (cc driver v cc tin ch my khch) s h tr cu hnh AES cng vi cha kha b mt. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 45 II/ LC Lc (Filtering) l mt c ch bo mt cn bn m c th dng b sung cho WEP v/hoc AES. Lc theo ngha en l chn nhng g khng mong mun v cho php nhng g c mong mun. Filter lm vic ging nh l mt danh sch truy nhp trn router: bng cch xc nh cc tham s m cc trm phi gn vo truy cp mng. Vi WLAN th vic xc nh xem cc my trm l ai v phi cu hnh nh th no. C ba loi cn bn ca Filtering c th thc hin trn WLAN - Lc SSID - Lc a ch MAC - Lc giao thc on ny s miu t mi loi ny l g, n c th lm g cho ngi qun tr v phi cu hnh n nh th no. 1. Lc SSID Lc SSID (SSID Filtering) l mt phng php lc s ng, v nn ch c dng cho hu ht cc iu khin truy nhp. SSID (Service Set Identifier) ch l mt thut ng khc cho tn mng. SSID ca mt trm WLAN phi khp vi SSID trn AP (ch c s, infracstructure mode) hoc ca cc trm khc (ch c bit, Ad-hoc mode) chng thc v lin kt Client thit lp dch v. V l do SSID c pht qung b trong nhng bn tin dn ng m AP hoc cc Station gi ra, nn d dng tm c SSID ca mt mng s dng mt b phn tch mng, Sniffer. Nhiu AP c kh nng ly cc SSID ca cc khung thng tin dn ng (beacon frame). Trong trng hp ny client phi so khp SSID lin kt vi AP. Khi mt h thng c cu hnh theo kiu ny, n c gi l h thng ng, closed system. Lc SSID c coi l mt phng php khng tin cy trong vic hn ch nhng ngi s dng tri php ca mt WLAN. Mt vi loi AP c kh nng g b SSID t nhng thng tin dn ng hoc cc thng tin kim tra. Trong trng hp ny, gia nhp dch v mt trm phi c SSID c cu hnh bng tay trong vic thit t cu hnh driver. Mt vi li chung do ngi s dng WLAN to ra khi thc hin SSID l: - S dng SSID mc nh: S thit lp ny l mt cch khc a ra thng tin v WLAN ca bn. N n gin s dng mt b phn tch mng ly a ch MAC khi ngun t AP, v sau xem MAC trong Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 46 bng OUI ca IEEE, bng ny lit k cc tin t a ch MAC khc nhau m c gn cho cc nh sn xut. Cch tt nht khc phc li ny l: Lun lun thay i SSID mc nh - Lm cho SSID c g lin quan n cng ty: Loi thit lp ny l mt mo him v bo mt v n lm n gin ha qu trnh mt hacker tm thy v tr vt l ca cng ty. Khi tm kim WLAN trong mt vng a l c bit th vic tm thy v tr vt l ca cng ty hon thnh mt na cng vic. Khi mt ngi qun tr s dng SSID m t tn lin quan n tn cty hoc t chc, vic tm thy WLAN s l rt d dng. Do hy nh rng: lun lun s dng SSID khng lin quan n Cng ty. - S dng SSID nh nhng phng tin bo mt mng WLAN: SSID phi c ngi dng thay i trong vic thit lp cu hnh vo mng. N nn c s dng nh mt phng tin phn on mng ch khng phi bo mt, v th hy: lun coi SSID ch nh mt ci tn mng. - Khng cn thit qung b cc SSID: Nu AP ca bn c kh nng chuyn SSID t cc thng tin dn ng v cc thng tin phn hi kim tra th hy cu hnh chng theo cch . Cu hnh ny ngn cn nhng ngi nghe v tnh khi vic gy ri hoc s dng WLAN ca bn. 2. Lc a ch MAC WLAN c th lc da vo a ch MAC ca cc trm khch. Hu ht tt c cc AP, thm ch c nhng ci r tin, u c chc nng lc MAC. Ngi qun tr mng c th bin tp, phn phi v bo tr mt danh sch nhng a ch MAC c php v lp trnh chng vo cc AP. Nu mt Card PC hoc nhng Client khc vi mt a ch MAC m khng trong danh sch a ch MAC ca AP, n s khng th n c im truy nhp . Hnh v:
Hnh 37: Lc a ch MAC Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 47 Tt nhin, lp trnh cc a ch MAC ca cc Client trong mng WLAN vo cc AP trn mt mng rng th khng thc t. B lc MAC c th c thc hin trn vi RADIUS Server thay v trn mi im truy nhp. Cch cu hnh ny lm cho lc MAC l mt gii php an ton, v do c kh nng c la chn nhiu hn. Vic nhp a ch MAC cng vi thng tin xc nh ngi s dng vo RADIUS kh l n gin, m c th phi c nhp bng bt c cch no, l mt gii php tt. RADIUS Server thng tr n cc ngun chng thc khc, v vy cc ngun chng thc khc phi c h tr b lc MAC. B lc MAC c th lm vic tt trong ch ngc li. Xt mt v d, mt ngi lm thu b vic v mang theo c Card Lan khng dy ca h. Card Wlan ny nm gi c cha kha WEP v b lc MAC v th khng th h cn c quyn s dng. Khi ngi qun tr c th loi b a ch MAC ca my khch ra khi danh sch cho php. Mc d Lc MAC trng c v l mt phng php bo mt tt, chng vn cn d b nh hng bi nhng thm nhp sau: - S n trm mt Card PC trong c mt b lc MAC ca AP - Vic thm d WLAN v sau gi mo vi mt a ch MAC thm nhp vo mng. Vi nhng mng gia nh hoc nhng mng trong vn phng nh, ni m c mt s lng nh cc trm khch, th vic dng b lc MAC l mt gii php bo mt hiu qa. V khng mt hacker thng minh no li tn hng gi truy nhp vo mt mng c gi tr s dng thp. 3. Circumventing MAC Filters a ch MAC ca Client WLAN thng c pht qung b bi cc AP v Bridge, ngay c khi s dng WEP. V th mt hacker m c th nghe c lu lng trn mng ca bn c th nhanh chng tm thy hu ht cc a ch MAC m c cho php trn mng khng dy ca bn. mt b phn tch mng thy c a ch MAC ca mt trm, trm phi truyn mt khung qua on mng khng dy, y chnh l c s a n vic xy dng mt phng php bo mt mng, to ng hm trong VPN, m s c cp phn sau. Mt vi card PC khng dy cho php thay i a ch MAC ca h thng qua phn mm hoc thm ch qua cch thay i cu hnh h thng. Mt hacker c danh sch cc a ch MAC cho php, c th d dng thay i a ch MAC ca card PC ph hp vi mt card PC trn mng ca bn, v do truy nhp ti ton b mng khng dy ca bn. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 48 Do hai trm vi cng a ch MAC khng th ng thi tn ti trn mt WLAN, hacker phi tm mt a ch MAC ca mt trm m hin thi khng trn mng. Chnh trong thi gian trm di ng hoc my tnh sch tay khng c trn mng l thi gian m hacker c th truy nhp vo mng tt nht. Lc MAC nn c s dng khi kh thi, nhng khng phi l c ch bo mt duy nht trn my ca bn 4. Lc giao thc Mng Lan khng dy c th lc cc gi i qua mng da trn cc giao thc lp 2-7. Trong nhiu trng hp, cc nh sn xut lm cc b lc giao thc c th nh hnh c lp cho c nhng on mng hu tuyn v v tuyn ca AP. Tng tng mt hon cnh, trong mt nhm cu ni khng dy c t trn mt Remote building trong mt mng WLAN ca mt trng i hc m kt ni li ti AP ca ta nh k thut trung tm. V tt c nhng ngi s dng trong remote building chia s bng thng 5Mbs gia nhng ta nh ny, nn mt s lng ng k cc iu khin trn cc s dng ny phi c thc hin. Nu cc kt ni ny c ci t vi mc ch c bit ca s truy nhp internet ca ngi s dng, th b lc giao thc s loi tr tt c cc giao thc, ngoi tr SMTP, POP3, HTTP, HTTPS, FTP. . .
Hnh 38: Lc giao thc Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 49 III/ NHNG S TN CNG TRN WLAN Mt s tn cng c c th gy v hiu ha hoc c th tm cch truy nhp WLAN tri php theo mt vi cch. - Tn cng b ng (Nghe trm) Passive attacks - Tn cng ch ng (kt ni, d v cu hnh mng) Active attacks - Tn cng kiu chn p, Jamming attacks - Tn cng theo kiu thu ht, Man-in-the-middle attacks Trn y ch lit k mt vi kiu tn cng, trong mt vi kiu c th thc hin c theo nhiu cch khc nhau. 1. Tn cng b ng Nghe trm c l l phng php n gin nht, tuy nhin n vn c hiu qu i vi WLAN. Tn cng b ng nh mt cuc nghe trm, m khng pht hin c s c mt ca ngi nghe trm (hacker) trn hoc gn mng khi hacker khng thc s kt ni ti AP lng nghe cc gi tin truyn qua phn on mng khng dy. Nhng thit b phn tch mng hoc nhng ng dng khc c s dng ly thng tin ca WLAN t mt khong cch vi mt anten hng tnh
Hnh 39: Tn cng b ng Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 50 Phng php ny cho php hacker gi khong cch thun li khng b pht hin, nghe v thu nht thng tin qu gi.
Hnh 40: Qu trnh ly cha kha WEP C nhng ng dng c kh nng ly pass t cc Site HTTP, email, cc instant messenger, cc phin FTP, cc phin telnet m c gi di dng text khng c m ha. C nhng ng dng khc c th ly pass trn nhng phn on mng khng dy gia Client v Server cho mc ch truy nhp mng. Hy xem xt tc ng nu mt hacker tm c cch truy nhp ti mt domain ca ngi s dng, hacker s ng nhp vo domain ca ngi s dng v gy hu qu nghim trng trn mng. Tt nhin vic l do hacker thc hin, nhng ngi dng l ngi phi trc tip chu trch nhim, v gnh chu mi hu qu, v c th i ti ch mt vic. Xt mt tnh hung khc m trong HTTP hoc email password b ly trn nhng phn on mng khng dy, v sau c hacker s dng vi mc ch truy nhp ti WLAN . 2. Tn cng ch ng Nhng hacker c th s dng phng php tn cng ch ng thc hin mt vi chc nng trn mng. Mt s tn cng ch ng c th c dng tm cch truy nhp ti mt server ly nhng d liu quan trng, s dng s truy nhp ti mng internet ca t chc cho nhng mc ch c hi, thm ch thay i cu hnh c s h tng mng. Bng cch kt ni ti mt mng WLAN Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 51 thng qua mt AP, mt ngi s dng c th bt u thm nhp xu hn vo trong mng v thm ch lm thay i chnh mng khng dy . Chng hn mt hacker qua c b lc MAC, sau hacker c th tm cch ti AP v g b tt c cc b lc MAC, lm cho n d dng hn trong ln truy nhp tip theo. Ngi qun tr c th khng n s kin ny trong mt thi gian. Hnh di y m t mt kiu tn cng ch ng trn WLAN
Hnh 41: Tn cng ch ng Mt vi v d ca tn cng ch ng c th nh vic gi bomb, cc spam do cc spammer hoc cc doanh nghip i th mun truy nhp n h s ca bn. Sau khi thu c mt a ch IP t DHCP server ca bn, hacker c th gi hng ngn l th s dng kt ni Internet v ISPs email server ca bn m bn khng bit. Kiu tn cng ny c th l nguyn nhn m ISP ca bn ct kt ni cho email ca bn do s lm dng email, mc d li khng phi do bn gy ra. Mt i th c th ly bng danh sch khch hng, bng lng ca bn m khng b pht hin. Khi hacker c kt ni khng dy ti mng ca bn th anh ta cng c th truy cp vo mng hu tuyn trong vn phng, v hai s kin khng khc nhau nhiu. Nhng kt ni khng dy cho php hacker v tc , s truy nhp ti server, kt ni ti mng din rng, kt ni internet, ti desktop v laptop ca nhng ngi s dng.Vi mt vi cng c n gin, c th ly cc thng tin quan trng, Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 52 chim quyn ca ngi s dng, hoc thm ch ph hy mng bng cch cu hnh li mng. S dng cc server tm kim vi vic qut cc cng, to nhng phin rng chia s v c nhng server phc v vic c nh password, hacker khng th thay i c pass, nng cao cc tin ch v ngn chn kiu tn cng ny. 3. Tn cng theo kiu chn p Trong khi mt hacker s dng phng php tn cng b ng, ch ng ly thng tin t vic truy cp ti mng ca bn, tn cng theo kiu chn p, Jamming, l mt k thut s dng n gin ng mng ca bn. Tng t nh vic k ph hoi sp t mt s t chi dch v mt cch p o, s tn cng c nhm vo Web server, v vy mt WLAN c th ngng lm vic bi mt tn hiu RF p o. Tn hiu RF c th v tnh hoc c , v tn hiu c th di chuyn hoc c nh. Khi mt hacker thc hin mt cuc tn cng Jamming c ch , hacker c th s dng thit b WLAN nhng c nhiu kh nng hn l hacker s dng mt my pht tn hiu RF cng sut cao hoc my to sng qut.
Hnh 42: Tn cng theo kiu chn p
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 53 loi b kiu tn cng ny, yu cu trc ht l tm c ngun pht tnh hiu RF , bng cch phn tch ph. C nhiu my phn tch ph trn th trng, nhng mt my phn tch ph cm tay v chy bng pin thi tin li hn c. Mt vi nh sn xut ch to nhng b phn tch ph cm tay, trong khi mt vi nh sn xut khc to ra cc phn mm phn tch ph cho ngi dng tch hp ngay trong cc thit b WLAN. Khi Jamming gy ra bi mt ngun c nh, khng ch , nh mt thp truyn thng hoc cc h thng hp php khc, th ngi qun tr WLAN c th phi xem xt n vic s dng b thit t cc tn s khc nhau. V d nu mt admin c trch nhim thit k v ci t mt mng RF trong mt khu phng rng, phc tp, th ngi cn phi xem xt mt cch k cng theo th t. Nu ngun giao thoa l mt in thoi, hoc cc thit b lm vic di tn 2,4Ghz, th admin c th s dng thit b di tn UNII, 5Ghz, thay v di tn 802.11b, 2,4Ghz v chia s di tn ISM 2,4Ghz vi cc thit b khc. S Jamming khng ch xy ra vi mi thit b m dng chung di tn 2,4Ghz. Jamming khng phi l s e da nghim trng v jamming khng th c thc hin ph bin bi hacker do vn gi c ca thit b, n qu t trong khi hacker ch tm thi v hiu ha c mng.. 4. Tn cng bng cch thu ht Kiu tn cng ny, Man-in-the-middle Attacks, l mt tnh trng m trong mt c nhn s dng mt AP chim ot s iu khin ca mt node di ng bng cch gi nhng tn hiu mnh hn nhng tn hiu hp php m AP ang gi ti nhng node . Sau node di ng kt hp vi AP tri php ny, gi cc d liu ca ngi xm nhp ny, c th l cc thng tin nhy cm. Hnh v sau a ra mt m hnh cho s tn cng kiu ny Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 54
Hnh 43: Man-in-the-middle attacks cc client lin kt vi AP tri php th cng sut ca AP phi cao hn nhiu ca cc AP khc trong khu vc v i khi phi l nguyn nhn tch cc cho cc user truy nhp ti. Vic mt kt ni vi AP hp php c th nh l mt vic tnh c trong qu trnh vo mng, v mt vi client s kt ni ti AP tri php mt cch ngu nhin. Ngi thc hin man-in-the-middle attack trc tin phi bit SSID m client s dng, v phi bit WEP key ca mng, nu n ang c s dng. Kt ni ngc (hng v pha mng li) t AP tri php c iu khin thng qua mt thit b client nh l PC card, hoc workgroup bridge. Nhiu khi man-in-the-middle attack c sp t s dng mt laptop vi hai PCMCIA card. Phn mm AP chy trn mt laptop m mt PC card c s dng nh l mt AP v PC card th hai c dng kt ni laptop ti gn AP hp php. Kiu cu hnh ny lm laptop thnh mt man-in-the-middle attack vn hnh gia client v AP hp php. Mt hacker theo kiu man-in-the-middle attack c th ly c cc thng tin c gi tr bng cch chy mt chng trnh phn tch mng trn laptop trong trng hp ny. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 55
Hnh 44: Trc cuc tn cng
Hnh 45: V sau cuc tn cng Mt iu c bit vi kiu tn cng ny l ngi s dng khng th pht hin ra c cuc tn cng, v lng thng tin m thu nht c bng kiu tn cng ny l gii hn, n bng lng thng tin th phm ly c trong khi cn trn mng m khng b pht hin. Bin php tt nht ngn nga loi tn cng ny l bo mt lp vt l. IV/ CC GII PHP BO MT C NGH V WLAN vn khng phi l an ton, bn cnh WEP cng khng phi l phng php bo mt duy nht v hon ho cho WLAN, nn y l c hi quan trng a ra cc phng php bo mt b sung cho WLAN. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 56 Nhng phng php bo mt ny c a ra, v tt nhin cn cha c cng nhn bi chun 802.11, tuy nhin c th ng vai tr quan trng trong mng Lan khng dy ca bn. Nh chun 802.1x c chp nhn bi IEEE nhng vn cha c chnh thc coi l mt phn ca h 802.11. Chun 802.11i th vn cn nm trn bn tho. 1. Qun l cha kha WEP Thay v s dng cha kha WEP tnh, m c th d dng b pht hin bi hacker. WLAN c th c bo mt hn bi vic thc hin cc cha kha trn tng phin hoc tng gi, s dng mt h thng phn phi cha kha tp trung. S phn phi cha kha WEP cho mi phin, mi gi s gn mt cha kha WEP mi cho c Client v AP cho mi phin hoc mi gi c gi gia chng. Trong khi kha ng thm nhiu overhead v gim bt lu lng, chng lm cho vic hack vo mng thng qua nhng on mng khng dy tr ln kh khn hn nhiu. Hacker c th phi d on chui cha kha m server phn phi cha kha ang dng, iu ny l rt kh. Hy nh l WEP ch bo v thng tin lp 3-7 v d liu phn ti, nhng khng m ha a ch MAC hoc cc thng tin dn ng. Mt b phn tch mng c th bt bt c thng tin no c truyn qung b trong bn tin dn ng t AP hoc bt c thng tin a ch MAC no trong nhng gi unicast t client. t mt server qun l cha kha m ha tp trung vo ch thch hp, ngi qun tr WLAN phi tm mt ng dng m thc hin nhim v ny, mua mt server vi mt h iu hnh thch hp, v cu hnh ng dng theo nhu cu. Qu trnh ny c th tn km v cn nhiu thi gi, ph thuc vo quy m trin khai. Tuy nhin chi ph s nhanh chng thu li c nh vic ngn nga nhng ph tn thit hi do hacker gy ra. 2. Wireless VPNs Nhng nh sn xut WLAN ngy cng tng cc chng trnh phc v mng ring o, VPN, trong cc AP, Gateway, cho php dng k thut VPN bo mt cho kt ni WLAN. Khi VPN server c xy dng vo AP, cc client s dng phn mm Off-the-shelf VPN, s dng cc giao thc nh PPTP hoc Ipsec hnh thnh mt ng hm trc tip ti AP. Trc tin client lin kt ti im truy nhp, sau quay s kt ni VPN, c yu cu thc hin client i qua c AP. Tt c lu lng c qua Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 57 thng qua ng hm, v c th c m ha thm mt lp an ton. Hnh sau y m t mt cu hnh mng nh vy:
Hnh 46: Wireless VPN S s dng PPTP vi nhng bo mt c chia s rt n gin thc hin v cung cp mt mc an ton hp l, c bit khi c thm m ha WEP. S s dng Ipsec vi nhng b mt dng chung hoc nhng s cho php l gii php chung ca s la chn gia nhng k nng bo mt trong phm vi hot ng ny. Khi VPN server c cung cp vo trong mt Gateway, qu trnh xy ra tng t, ch c iu sau khi client lin kt vi AP, ng hm VPN c thit lp vi thit b gateway thay v vi bn thn AP. Cng c nhng nh cung cp ang n gh ci tin cho nhng gii php VPN hin thi ca h (phn cng hoc phn mm) h tr cc client khng dy v cnh tranh tn th trng WLAN. Nhng thit b hoc nhng ng dng ny phc v trong cng kh nng nh gateway, gia nhng on v tuyn v mng li hu tuyn. Nhng gii php VPN khng dy kh n gin v kinh t. Nu mt admin cha c kinh nghim vi cc gii php VPN, th nn tham d mt Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 58 kha o to trc khi thc hin n. VPN m h tr cho WLAN c thit k mt cch kh n gin, c th c trin khai bi mt ngi ang tp s, chnh iu l gii ti sao cc thit b ny li ph bin nh vy i vi ngi dng. 3. K thut cha kha nhy Gn y, k thut cha kha nhy s dng m ha MD5 v nhng cha kha m ha thay i lin tc tr ln sn dng trong mi trng WLAN. Mng thay i lin tc, hops, t mt cha kha ny n mt cha kha khc thng thng 3 giy mt ln. Gii php ny yu cu phn cng ring v ch l gii php tm thi trong khi ch s chp thun chun bo mt tin tin 802.11i. Thut ton cha kha ny thc hin nh vy khc phc nhng nhc im ca WEP, nh vn v vector khi to. 4. Temporal Key Integrity Protocol (TKIP) TKIP thc cht l mt s ci tin WEP m vn gi nhng vn bo mt bit trong WEP ca chui dng s RC4. TKIP cung cp cch lm ri vector khi to chng li vic nghe ln cc gi mt cch th ng. N cng cung cp s kim tra tnh ton vn thng bo gip xc nh liu c phi mt ngi s dng khng hp php sa i nhng gi tin bng cch chn vo lu lng c th crack cha kha. TKIP bao gm s s dng cc cha kha ng chng li s n cp cc cha kha mt cch b ng, mt l hng ln trong chun WEP. TKIP c th thc hin thng qua cc vi chng trnh c nng cp cho AP v bridge cng nh nhng phn mm v vi chng trnh nng cp cho thit b client khng dy. TKIP ch r cc quy tc s dng vector khi to, cc th tc to li cha kha da trn 802.1x, s trn cha kha trn mi gi v m ton vn thng bo. S c s gim tnh thc thi khi s dng TKIP, tuy nhin b li l tnh bo mt c tng cng ng k, n to ra mt s cn bng hp l. 5. Nhng gii php da trn AES Nhng gii php da trn AES c th thay th WEP s dng RC4, nhng ch l tm thi. Mc d khng c sn phm no s dng AES ang c trn th trng, mt vi nh sn xut ang thc hin a chng ra th trng. Bn d tho 802.11i ch r s s dng ca AES, v xem xt cc ngi s dng trong vic s dng n. AES c v nh l mt b phn hon thnh chun ny. K thut m ha d liu ang thay i ti mt gii php mnh nh AES s tc ng ng k trn bo mt mng WLAN, nhng vn phi l gii php ph bin s dng trn nhng mng rng nh nhng server qun l cha kha m ha Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 59 tp trung t ng ha qu trnh trao i cha kha. Nu mt card v tuyn ca client b mt, m c nhng cha kha m ha AES, n khng quan trng vi vic AES mnh n mc no bi v th phm vn c th c c s truy nhp ti mng. 6. Wireless Gateways Trn wireless gateway by gi sn sng vi cng ngh VPN, nh l NT, DHCP, PPPoE, WEP, MAC filter v c l thm ch l mt filewall xy dng sn. Nhng thit b ny cho cc vn phng nh vi mt vi trm lm vic v dng chng kt ni ti internet. Gi ca nhng thit b ny rt thay i ph thuc vo phm vi nhng dch v c ngh. Nhng wireless gateway trn mng quy m ln hn l mt s thch nghi c bit ca VPN v server chng thc cho WLAN. Gateway ny nm trn on mng hu tuyn gia AP v mng hu tuyn. Nh tn ca n, gateway iu khin s truy nhp t WLAN ln on mng hu tuyn, v th trong khi mt hacker c th lng nghe hoc truy cp c ti on mng khng dy, gateway bo v h thng phn b hu tuyn khi s tn cng. Mt v d mt trng hp tt nht trin khai m hnh gateway nh vy c th l hon cnh sau: gi thit mt bnh vin s dng 40 AP trn vi tng ca bnh vin. Vn u t ca h vo y l kh ln, v th nu cc AP khng h tr cc bin php an ton m c th nng cp, th tng tnh bo mt, bnh vin phi thay ton b s AP. Trong khi nu h thu mt gateway th cng vic ny s n gin v tn km hn nhiu. Gateway ny c th c kt ni gia chuyn mch li v chuyn mch phn b (m ni ti AP) v c th ng vai tr ca server chng thc, server VPN m qua tt c cc client khng dy c th kt ni. Thay v trin khai tt c cc AP mi, mt (hoc nhiu hn ty thuc quy m mng) gateway c th c ci t ng sau cc AP. S dng kiu gateway ny cung cp mt s an ton thay cho nhm cc AP. a s cc gateway mng khng dy h tr mt mng cc giao thc nh PPTP, IPsec, L2TP, chng thc v thm ch c QoS. 7. 802.1x v giao thc chng thc m Chun 802.1x cung cp nhng chi tit k thut cho s iu khin truy nhp thng qua nhng cng c bn. S iu khin truy nhp thng qua nhng cng c bn c khi u, v vn ang c s dng vi chuyn mch Ethernet. Khi ngi dng th ni ti cng Ethernet, cng s t kt ni ca ngi s dng ch kha v ch i s xc nhn ngi s dng ca h thng chng thc. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 60 Giao thc 802.1x c kt hp vo trong h thng WLAN v gn nh tr thnh mt chun gia nhng nh cung cp. Khi c kt hp giao thc chng thc m (EAP), 802.1x c th cung cp mt s chng thc trn mt mi trng an ton v linh hot. EAP, c nh ngha trc tin cho giao thc point-to-point (PPP), l mt giao thc chuyn i mt phng php chng thc. EAP c nh ngha trong RFC 2284 v nh ngha nhng c trng ca phng php chng thc, bao gm nhng vn ngi s dng c yu cu (password, certificate, v.v), giao thc c s dng (MD5, TLS, GMS, OTP, v.v), h tr sinh cha kha t ng v h tr s chng thc ln nhau. C l hin thi c c t loi EAP trn th trng, mt khi c nhng ngi s dng cng ngh v IEEE u khng ng bt k mt loi ring l no, hoc mt danh sch nh cc loi, t to ra mt chun. M hnh chng thc 802.1x-EAP thnh cng thc hin nh sau:
Hnh 47: Qu trnh chng thc 802.1x-EAP 1. Client yu cu lin kt ti AP 2. AP p li yu cu lin kt vi mt yu cu nhn dng EAP 3. Client gi p li yu cu nhn dng EAP cho AP Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 61 4. Thng tin p li yu cu nhn dng EAP ca client c chuyn ti Server chng thc 5. Server chng thc gi mt yu cu cho php ti AP 6. AP chuyn yu cu cho php ti client 7. Client gi tr li s cp php EAP ti AP 8. AP chuyn s tr li ti Server chng thc 9. Server chng thc gi mt thng bo thnh cng EAP ti AP 10. AP chuyn thng bo thnh cng ti client v t cng ca client trong ch forward. V/ CHNH SCH BO MT Mt cng ty m s dng WLAN nn c mt chnh sch bo mt thch hp. V d , nu khng c chnh sch ng n m cho kch thc cell khng thch hp, th s to iu kin cho hacker c c hi tt truy cp vo mng ti nhng im ngoi vng kim sot ca cty, nhng vn nm trong vng ph sng ca AP. Cc vn cn a ra trong chnh sch bo mt ca cng ty l cc vn v password, cha kha WEP, bo mt vt l, s s dng cc gii php bo mt tin tin, v nh gi phn cng WLAN. Danh sch ny tt nhin khng y , bi cc gii php an ton s thay i vi mi mt t chc. phc tp ca chnh sch bo mt ph thuc vo nhng yu cu an ton ca t chc cng nh l phm vi ca mng WLAN trong mng. Nhng li ch ca vic thc hin, bo tr mt chnh sch bo mt em li l vic ngn nga s n cp d liu, s ph hoi ca cc tp on cnh tranh, v c th pht hin v bt gi cc k xm nhp tri php. S bt u tt nht cho cc chnh sch bo mt l vic qun l. Cc chnh sch bo mt cn c xem xt v d on, v cn a vo cng vi cc ti liu xy dng tp on. Vic bo mt cho WLAN cn c phn b thch hp, v nhng ngi c giao trch nhim thc hin phi c o to mt cch quy m. i ng ny li phi thnh lp chng mc ti liu mt cch chi tit c th lm ti liu tham kho cho cc i ng k cn. 1. Bo mt cc thng tin nhy cm Mt vi thng tin nn ch c bit bi ngi qun tr mng l: - Username v password ca AP v Bridge - Nhng chui SNMP - Cha kha WEP - Danh sch a ch MAC Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 62 Nhng thng tin ny phi c ct gi bi mt ngi tin cy, c kinh nghim, nh ngi qun tr mng, l rt quan trng bi n l nhng thng tin nhy cm m nu l ra th c th l nguyn nhn ca s truy nhp tri php, hoc thm ch l s ph hy c mt mng. Nhng thng tin ny c th c ct gi trong nhiu kiu khc nhau. 2. S an ton vt l Mc d bo mt vt l khi s dng mng hu tuyn truyn thng l quan trng, thm ch quan trng hn cho mt cng ty s dng cng ngh WLAN. Nh cp t trc, mt ngi m c card PC wireless (v c th l mt anten) khng phi trong cng khu vc mng c th truy cp ti mng . Thm ch phn mm d tm s xm nhp khng ngn cn nhng hacker n cp thng tin nhy cm. S nghe ln khng li du vt trn mng bi v khng c kt ni no c thc hin. C nhng ng dng trn th trng by gi c th pht hin cc card mng trong ch pha tp (dng chung), truy nhp d liu m khng to kt ni. Khi WEP l gii php bo mt WLAN thch hp, nhng iu khin cht ch nn t trn nhng ngi dng m c s hu cc thit b client khng dy ca cng ty, khng cho php h mang cc thit b client ra khi cng ty. V cha kha WEP c gi trong cc chng trnh c s trn thit b client, bt k ni no c card, v th ;lm cho mi lin kt an ton ca mng yu nht. Ngi qun tr WLAN cn phi bit ai, u, khi no mi card PC c mang i. Thng nhng yu cu nh vy l qu gii hn ca mt ngi qun tr, ngi qun tr cn nhn ra rng, bn thn WEP khng phi l mt gii php an ton thch hp cho WLAN. K c vi s qun l cht nh vy, nu mt card b mt hoc b n trm, ngi c trch nhim vi card (ngi s dng) phi c yu cu bo co ngay vi ngi qun tr, c nhng bin php n phng thch hp. Nhng bin php ti thiu phi lm l t li b lc MAC, thay i cha kha WEP,v.v. Cho php nhm bo v qut nh k xung quanh khu vc cng ty pht hin nhng hot ng ng ng. Nhng nhn s ny c hun luyn nhn ra phn cng 802.11 v cnh gic cc nhn vin trong cng ty lun lun quan st nhng ngi khng trong cng ty ang trn quanh ta nh vi cc phn cng c bn ca 802.11 th cng rt hiu qu trong vic thu hp nguy c tn cng. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 63 3. Kim k thit b WLAN v kim nh s an ton Nh mt s b sung ti chnh sch an ton vt l, tt c cc thit b WLAN cn c kim k u n lp chng mc cho php v khng cho php cc ngi s dng thit b WLAN truy nhp ti mng ca t chc. Nu mng qu ln v bao gm mt s lng ng k cc thit b khng dy th vic kim k nh k c th khng kh thi. Trong nhng trng hp nh vy th cn thit thc hin nhng gii php bo mt WLAN m khng da trn phn cng, nhng d nhin l vn da trn username v password hoc mt vi loi khc trong cc gii php bo mt khng da trn phn cng. Vi nhng mng khng dy trung bnh v nh, s kim k hng thng hoc hng qu gip pht hin nhng s mt mt cc phn cng. Qut nh k vi cc b phn tch mng pht hin cc thit b xm nhp, l cch rt tt bo mt mng WLAN. 4. S dng cc gii php bo mt tin tin Nhng t chc WLAN cn tn dng mt vi c ch bo mt tin tin c sn trn th trng. iu cng cn c cp trong chnh sch bo mt ca cng ty. V nhng cng ngh ny kh mi,cn c quyn v thng c s dng phi hp vi cc giao thc, cc cng ngh khc. Chng cn c lp thnh ti liu hng dn, nu c mt s xm phm xut hin, th ngi qun tr c th xc nh ni v cch m s xm nhp xut hin. Bi ch c s t c o to v bo mt WLAN, do nhng ngi ny l rt quan trng, v th chnh sch tin lng cng c cp n trong cc chnh sch bo mt ca cng ty, tp on. N cng l mt trong cc mc cn c lp ti liu chi tit. 5. Mng khng dy cng cng iu tt yu s xy ra l nhng ngi s dng ca cng ty vi nhng thng tin nhy cm ca h s kt ni t laptop ca h ti WLAN cng cng. iu ny cng nm trong chnh sch bo mt ca cng ty. Nhng ngi dng phi chy nhng phn mm firewall c nhn v cc phn mm chng virus trn laptop ca h. a s cc mng WLAN cng cng c t hoc khng c s bo mt no, nhm lm cho kt ni ca ngi dng n gin v gim bt s lng cc h tr k thut c yu cu. 6. S truy nhp c kim tra v gii hn Hu ht cc mng Lan ln u c mt vi phng php gii hn v kim tra s truy nhp ca ngi s dng. Tiu biu l mt h thng h tr chng thc, Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 64 s cp php, v cc dch v Accounting, (Authentication, Authorization, Accountting (AAA)) c trin khai. Nhng dch v AAA cho php t chc gn quyn s dng vo nhng lp c bit ca ngi dng. V d mt ngi dng tm thi c th ch c truy cp vo internet trong mt phm vi no . Vic qun l ngi s dng cn cho php xem xt ngi lm g trn mng, thi gian v chng mc h vo VI/ NHNG KHUYN CO V BO MT Nh mt s tm lc ca phn II, phn di y a ra vi khuyn co trong vic bo mt mng WLAN. 1. Wep Khng c ch tin cy vo WEP, khng c mt bin php no hon ton tt m bn c th ch dng n bo mt. Mt mi trng khng dy m ch c bo v bi WEP th khng phi l mt mi trng an ton. Khi s dng WEP khng c s dng cha kha WEP m lin quan n SSID hoc tn ca t chc lm cho cha kha WEP kh nh v kh lun ra. C nhiu trng hp trong thc t m cha kha WEP c th d dng on c nh vic xem SSID hoc tn ca t chc. WEP l mt gii php c hiu qa gim bt vic mt thng tin khi tnh c b nghe thy, bi ngi khng c cha kha WEP thch hp, do trnh c s truy nhp ca i tng ny. 2. nh c cell gim bt c hi nghe trm, ngi qun tr nn chc chn rng kch c cell ca AP phi thch hp. Phn ln hacker tm nhng ni m tn t thi gian v nng lng nht tm cch truy cp mng. V l do ny, rt quan trng khi khng cho php nhng AP pht ra nhng tn hiu ra ngoi khu vc an ton ca t chc, tr khi tuyt i cn thit. Vi AP cho php cu hnh mc cng sut u ra, do c th iu khin kch thc Cell RF xung quanh AP. Nu mt ngi nghe trm nm trong khu vc khng c bo v ca t chc v khng pht hin c mng ca bn, th mng ca bn khngphi l d b nh hng bi loi tn cng ny. C th ngi qun tr mng s dng cc thit b vi cng sut ln nht t thng lng ln v vng bao ph rng, nhng iu ny s phi tr gi bng vic Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 65 chi ph v cc bin php bo mt. V vy vi mi im truy nhp cn bit cc thng s nh cng sut, vng ph sng, kh nng iu khin kch thc cell. V vic iu khin bn knh cell cn phi c nghin cu cho k v lp thnh ti liu hng dn cng vi cu hnh ca AP hoc ca bridge cho mi vng. Trong vi trng hp c th cn thit t hai AP c kch c cell nh hn thay v mt AP trnh nhng tn hi khng nn c. C gng t AP ca bn v pha trung tm ca ta nh, n s gim thiu vic r tn hiu ra ngoi phm vi mong i. Nu bn ang s dng nhng anten ngoi, phi la chn ng loi anten c ch cho vic ti gin phm vi tn hiu. Tt cc AP khi khng s dng. Nhng iu ny s gim thiu nguy c b tn cng v gim nh gnh nng qun l mng 3. S chng thc ngi dng S chng thc ngi dng l mt mi lin kt yu nht ca WLAN, v chun 802.11 khng ch r bt k mt phng php chng thc no, l yu cu bt buc m ngi qun tr phi lm vi ngi s dng ngay khi thit lp c s h tng cho WLAN. S chng thc ngi dng da vo Username v Password, th thng minh, m thng bo, hoc mt vi loi bo mt no dng xc nh ngi dng, khng phi l phn cng. Gi php thc hin cn h tr s chng thc song hng gia Server chng thc v cc client khng dy, v d nh RADIUS server). RADIUS l chun khng chnh thc trong h thng chng thc ngi s dng. Cc AP gi nhng yu cu chng thc ngi s dng n mt RADIUS server, m c th hoc c mt c s d liu c gn sn hoc c th qua yu cu chng thc ti mt b iu khin vng, nh NDS server, active directory server, hoc thm ch l mt h thng c s d liu tng hp LDAP. Mt vi RADIUS vendor c nhng sn phm Radius hu hiu hn, h tr cc bn mi nht cho cc giao thc chng thc nh l nhiu loi EAP. Vic qun tr mt Radius server c th rt n gin nhng cng c th rt phc tp, ph thuc vo yu cu cn thc hin. Bi cc gii php bo mt khng dy rt nhy cm, do cn cn thn khi chn mt gii php Radius server chc chn rng ngi qun tr c th qun tr n hoc n c th lm vic hiu qa vi ngi qun tr Radius ang tn ti. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 66 4. S bo mt cn thit Chn mt gii php bo mt m ph hp vi nhu cu v ngn sch ca t chc, cho c bay gi v mai sau. WLAN ang nhanh chng ph bin nh vy v s thc hin d dng. Mt WLAN bt u vi 1 AP v 5 client c th nhanh chng ln ti 15 AP v 300 client. Do cng mt c ch an ton lm vic cho mt AP l iu hon ton khng th chp nhn c cho 300 Ap, nh th s lm tng chi ph bo mt mt cch ng k. Trong trng hp ny, t chc cn c cc phng php bo mt cho c h thng nh: h thng pht hin xm nhp, firewalls, Radius server. Khi quyt nh cc gii php trn WLAN, th cc thit b ny xt v lu di, l mt nhn t quan trng gim chi ph. 5. S dng thm cc cng c bo mt Tn dng cc cng ngh sn c nh VPNs, firewall, h thng pht hin xm nhp, Intrusion Detection System (IDS), cc giao thc v cc chun nh 802.1x v EAP, v chng thc client vi Radius c th gip cc gii php an ton nm ngoi phm vi m chun 802.11 yu cu, v tha nhn. Gi v thi gian thc hin cc gii php ny thay i ty theo quy m thc hin. 6. Theo di cc phn cng tri php pht hin ra cc AP tri php, cc phin d cc AP cn c hoch nh c th nhng khng c cng b. Tch cc tm v xa b cc AP tri php s gi n nh cu hnh AP v lm tng tnh an ton. Vic ny c th c thc hin trong khi theo di mng mt cch bnh thng v hp l. Kiu theo di ny thm ch c th tm thy cc thit b b mt. 7. Switches hay Hubs Mt nguyn tc n gin khc l lun kt ni cc AP ti switch thay v hub, hub l thit b qung b, do d b mt pass v IP address. 8. Wireless DMZ tng khc trong vic thc hin bo mt cho nhng segment khng dy l thit lp mt vng ring cho mng khng dy, Wireless DeMilitarized Zone (WDMZ). To vng WDMZ s dng firewalls hoc router th c th rt tn km, ph thuc vo quy m, mc thc hin. WDMZ ni chung c thc hin vi nhng mi trng WLAN rng ln. Bi cc AP v c bn l cc thit b khng bo m v khng an ton, nn cn phi tch ra khi cc on mng khc bng thit b firewall. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 67
Hnh 48: Wireless DeMilitarized Zone
9. Cp nht cc vi chng trnh v cc phn mm Cp nht vi chng trnh v driver trn AP v card khng dy ca bn. Lun lun s dng nhng chng trnh c s v driver mi nht trn AP v card khng dy ca bn. Thng th cc c tnh an ton, cc vn c bn s c c nh, b sung thm nhng c tnh mi, s khc phc cc l hng trong cc cp nht ny.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 68 PH LC CC THUT NG C S DNG AAA Authentication, Authorization, Accountting ACK Acknowlegment ADSL Asymmetric Digital Subscriber Line AES Advanced encryption standard AES Advanced Encryption Standard AP Access point ASK Amplitude shift keying CCK Complementary Code Keying CDMA Code Divison Multiple Access CPE Customer Premises Equipment CSMA/CA Carrier Sense Multiple Access /Collision Avoidance CTS Clear To Send DCS Dynamic Channel Selection DHCP Dynamic Host Configuration Protocol DSSS Direct Sequence Spread Strectrum EAP Extensible Authentication Protocol EAP Extensible Authentication Protocol ESS Extended Service Set FDD Frequency Division Duplexing FDMA Frequency Division Multiple Access FHSS Frequency Hopping Spread Spectrum FIPS Federal Information Processing Standard FSK Frequency Shift keying ICV Integrity Check Value IDS Intrusion Detection System IEEE Institute of Electrical and Electronics Engineers IMS Industrial, Scientific and Medical IV Initialization Vector MAC Media Access Control Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 69 NIST National Institute of Standards and Technology OFDM Orthogonal Frequency Division Multiplexing PCMCIA Personal Computer Memory Card International Association PDA Personal digital assistant PRNG Pseudo Random Number Generator PSK Phase Shifp Keying QoS Quality of Service QPSK Quardrature Phase Shift Keying RADIUS Remote Authentication Dial _ In User Service RTS Request To Send SSIDs Service Set Identifiers TDD Time Division Duplexing TDMA Time Division Multiple Access TKIP Temporal Key Integrity Protocol VPN Virtual Private Network WDMZ Wireless DeMilitarized Zone WECA Wireless Ethernet Compatibility Alliance uh WEP Wired Equivalent Privacy WEP Wired Equivalent Privacy Wi-fi Wireless fidelity
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 70 S nh v mt WLAN: Mt my Client mun nh v mt WLAN th n s nghe trn mng tm kim nhng vt tin li bi AP, cc SSID hoc cc bn tin dn ng (Beacons). Qu trnh ny c gi l qut, c hai loi qut l: qut ch ng v qut b ng Beacons: Vit y l Beacon management frame, l cc khung ngn m c gi t AP ti cc my trm (Station) trong ch c s, hoc t cc trm ti cc trm trong ch c bit, thit lp v ng b thng tin v tuyn trn mng WLAN. Trong bn tin dn ng cha cc thng tin phc v: S ng b: Khi cc client nhn c bn tin dn ng, th chng s ng b ng h ca mnh vi ng h ca AP. Tp hp cc tham s ca FH v DS: Cha ng cc thng tin c bit phc v cho cng ngh tri ph: vi h thng FHSS, th l cc thng s v thi gin nhy v ngng. Cn vi DSSS, bn tin dn ng cha cc thng tin v knh truyn. Thng tin v SSID: Cc trm tm trong bn tin dn ng thng tin SSID ca mng m chng mun truy cp. Khi cc thng tin ny c tm thy, cc trm xem a ch MAC ca ni xut pht bn tin dn ng v gi yu cu chng thc lin kt vi im truy nhp. Nu mt trm c thit lp chp nhn bt c SSID no, trm s c gng truy cp n mng thng qua AP u tin m gi bn tin dn ng hoc thng qua AP c tn hiu tt nht trong trng hp c nhiu AP.
Chng thc v lin kt: Qu trnh ny c ba trng thi phn bit: 1. Khng chng thc v khng lin kt (Unauthenticated and unassociated) 2. Chng thc v khng lin kt (Authenticated and unassociated) 3. Chng thc v lin kt (Authenticated and associated)
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 71 Xy ra theo s sau:
Qu trnh chng thc h thng m: Qu trnh ny thc hin n gin theo hai bc sau: 1. My client gi mt yu cu lin kt ti AP 2. AP chng thc my khch v gi mt tr li xc thc client c lin kt
Phng php ny th n gin v bo mt hn phng php chng thc kha chia s, phng php ny c 802.11 ci t mc nh trong cc thit b WLAN. S dng phng php ny mt trm c th lin kt vi bt c mt AP no s dng phng php chng thc h thng m khi n c SSID ng. SSID phi ph hp trn c AP v Client trc khi Client hon thnh qu trnh chng thc. Qu trnh chng thc h thng m dng cho c mi trng bo mt Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 72 v mi trng khng bo mt. Trong phng php ny th WEP ch c s dng m ha d liu, nu c. Chng thc kha chia s: Phng php ny bt buc phi dng WEP. Mt qu trnh chng thc kha chia s xy ra theo cc bc sau: 1. Mt clien gi yu cu lin kt ti AP, bc ny ging nh chng thc h thng m. 2. AP gi mt on vn bn ngu nhin ti Client, vn bn ny cha c m ha, v yu cu Client dng cha kha WEP ca n m ha. 3. Clien m ha vn bn vi cha kha WEP ca n v gi vn bn c m ha n AP. 4. AP s th gii m vn bn , xc nh xem cha kha WEP ca Client c hp l khng, nu c th n gi mt tr li cho php, cn nu khng, th n tr li bng mt thng bo khng cho php Client lin kt.
Nhn qua th phng php ny c v an ton hn phng php chng thc h thng m, nhng nu xem xt k th trong phng php ny, cha kha Wep c dng cho hai mc ch, chng thc v m ha d liu, y chnh l k h hacker c c hi thm nhp mng. Hacker s thu c hai tn hiu, vn bn cha m ha do AP gi v vn bn m ha, do Client gi, v t hai thng tin hacker c th gii m ra c cha kha WEP. Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 73
Cc thit b c bn ca WLAN Access Point Thit b ny l mt trong nhng thit b ph bin nht trong c s mng WLAN. N c vai tr l mt im truy nhp, cung cp cho khch hng mt im truy nhp vo trong mng. AP l mt thit b bn song cng. Hnh sau m t mt AP vi hai anten v v tr ca mt AP trong mng
Cc ch lm vic ca AP: AP lin lc vi cc my Client, vi mng hu tuyn, vi cc AP khc, theo ba ch m n c th c cu hnh: Ch gc, ch repeater, ch bridge Ch gc: Ch ny c cu hnh mc nh trong mng WLAN, n c dng khi AP c ni ti mt mng backbone, thng qua mng hu tuyn, thng l mng Ethernet.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 74
Ch cu ni Trong ch ny, AP ng vai tr nh mt cu ni khng dy, wireless bridge, thc t chng ng vai tr cu ni trong khi cu hnh chng theo cch ny. Ch mt s lng nh cc AP c chc nng cu ni, n l do vn gi c thit b. Vi vai tr l mt cu ni, th AP c s dng kt ni hai hay nhiu on mng vi nhau m khng cn dy.
Ch lp:
Trong ch b lp, AP s dng cung cp ng link khng dy n mng thng thng tt hn l cc kt ni thng thng
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 75
Anten c nh v anten c th tho ri Ty thuc vo nhu cu ca ngi s dng m bn c th chn thit b anten c nh hoc anten c th tho ri. Mt anten m c th tho ri c s cho bn kh nng kt ni ti mt anten khc m khng cn quan tm lm ti di cable bn ang c Card v tuyn c th tho ri c Mt vi nh sn xut cho php bn c th thm hoc b card v tuyn trong khe cm PCMCIA trn AP. Mt vi AP c th c hai khe PCMCIA cho nhng chc nng c bit. C hai khe trong mt AP cho php mt card v tuyn ng vai tr mt im truy nhp, AP, trong khi card kia ng vai tr mt cu ni. Mt tin ch khc l c th s dng hai card nh cc AP c lp. Mi card ng vai tr mt AP c lp cho php mt ngi qun tr cung cp c cho gp i s ngi s dng trong cng mt phm vi vt l m khng phi dng hai AP. Tuy nhin khi cu hnh theo cch ny th m bo vn chng nhiu giao thoa, mi card v tuyn nn c cu hnh trn nhng knh khng chng ln ln nhau, v d nh knh 1 v knh 11. B bin i cng sut u ra: Cng sut u ra bin i cho php ngi qun tr iu khin cng sut m AP s dng pht tn hiu. iu khin cng sut u ra rt c ch trong vic cu hnh vt l mt mng. N c th tng cng sut u ra m rng phm vi kt ni ca cc khch hng, nhng ng thi cng c th iu chnh phm vi ph sng hp l, trnh s r r thng tin ra ngoi. Cu ni khng dy Mt cu ni khng dy cung cp kt ni gia hai phn on mng LAN hu tuyn, n c dng trong cu hnh point-to-point hoc cu hnh point-to- multipoint. Mt cu ni khng dy l mt thit b bn song cng, ch hot ng trn kt ni khng dy ca lp hai. Hnh sau a ra mt hnh nh ca cu ni khng dy, v v tr ca cu ni khng dy trn mng LAN khng dy.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 76
Cng nh AP, cu ni khng dy cng hot ng trong nhiu ch khc nhau: Ch gc: Trong ch ny mi cu ni trong nhm cu ni phi c thit lp nh mt cu ni gc. Mt cu ni gc ch c th lin lc vi nhng cu ni khng phi l gc v cc thit b Client khc m khng th lin kt vi cu ni gc khc.
Ch non - root Kt ni vi cu ni ch gc, theo cu hnh trn Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 77 Ch AP Mt vi nh sn xut cho php nhng ngi qun tr c th kt ni cc Client ti cu ni, lc ny cu ni ng vai tr nh mt AP. Ch lp Cu ni cng c th cu hnh nh mt b lp, ng vai tr kt ni hai mng vi nhau, cu ni lc ny phi l cu ni ch khng phi l ch gc.
Nhm cu ni khng dy Tng t v i khi nhm ln vi cu ni khng dy l nhm cu ni khng dy. S khc nhau c bn ca cu ni khng dy v nhm cu ni khng dy l nhm cu ni khng dy l mt thit b my khch. Nhm cu ni khng dy c vai tr kt ni cho mt nhm cc my khch ca on mng hu tuyn vi on mng v tuyn. Hnh v:
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 78
Cc thit b my khch ca WLAN - PCMCIA v Card flash - Wireless Ethernet & serial converter - B tng hp USB, USB Adapter - PCI v ISA adapter PCMCIA & Compact Flash Cards y l thnh phn chung cho mi mng khng dy, thng c gi l PC card, thit b ny c dng trong laptop v PDA. PC card l thnh phn cung cp kt ni gia thit b client v mng. Server PC card nh mt modul v tuyn trong AP, Bridge, Workgroup bridges, USB adapters, PCI & ISA adapters, v thm ch c Server phc v in n. Hnh di y l PCMCIA card
Wireless Ethernet & serial converter
B tip hp USB USB adapter tr nn thng dng do kh nng kt ni n gin ca chng. Thit b my khch USB h tr plug-and-play. Mt vi USB client c card c th d dng rt ra c, trong khi mt vi ci khc th khng th rt card ra c.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 79
PCI & ISA Adapters
Wireless Residential Gateways Wireless gateway l mt thit b c thit k kt ni mt s lng nh cc node khng dy ti mt thit b n l ca lp 2 (mng v tuyn hoc hu tuyn) v lp 3 ca internet hoc ti mt mng khc. Nhiu nh sn xut tch hp c AP v Gateway trn mt thit b. c kt ni.
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 80
Enterprise Wireless Gateway y l thit b m c th cung cp kh nng chng thc v kt ni c bit cho nhng client khng dy. N thch hp vi mt mng WLAN quy m ln, cung cp rt nhiu cc dch v c th qun l cho WLAN, nh gii hn tc , cht lng dch v (QoS) .v.v. Thit b gateway ny vn c mt CPU cng sut ln, v mt giao din Ethernet nhanh, n c th h tr nhiu AP, gi v nhn thng tin qua n. Gateway loi ny thng h tr nhiu loi WLAN hay WPAN nh cc thit b chun 802.11, Bluetooth, HomeRF, v nhiu loi na. V d ca mt Gateway ni trn v v tr ca n trong mng
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 81 Cc Topo mng cn bn trong WLAN Tp dch v c bn c lp: Independent Basic Service Set (IBSS) Topo ny tham chiu ti cu hnh mng c lp, hay Ad-hoc, ca WLAN. Mt cu hnh IBSS tng t mt mng peer-to-peer m trong khng c mt node n no c chc nng nh mt server. IBSS WLAN bao gm mt s node hoc trm khng dy lin lc trc tip vi nhau trn cu hnh c s Ad-hoc, peer-to-peer. Nh vy n gm tp hp cc trm khng dy lin lc trc tip vi nhau m khng s dng bt c AP cng nh bt c kt ni no n mng hu tuyn. Cu trc ny hu ch cho vic thit lp nhanh chng v d dng mt mng WLAN ti nhng ni m c s h tng mng khng dy khng tn ti hoc khng c yu cu, nh phng trong khch sn, trung tm hi ngh, sn bay v.v. Topo mng loi ny che ph mt din tch gii hn v khng kt ni ti bt k mng rng hn no.
Tp dch v c bn: Basic Service Set (BSS) BSS bao gm t nht mt AP c kt ni ti c s h tng ca mng hu tuyn v mt tp cc trm khng dy cui (Infrastructure mode). Trong cu hnh ny AP ng vai tr nh mt server cho mt mng hoc knh WLAN n. Truyn thng gia node A v node B s thc hin t node A ti AP v sau t AP n node B. Tp dch v m rng: Extended Service Set (ESS) ESS bao gm mt nhm cc BSS gi ln nhau (mi ci cha ng AP) kt ni vi nhau theo h thng phn b. Distributed System (DS). Mc d h thng phn b c th l bt c kiu mng no nhng thng l mng Ethernet LAN. Nhng node di ng c th roam gia cc AP. Cu hnh ny ph hp vi nhng mng WLAN m yu cu truy nhp ti cc mng Lan hu tuyn cho cc dch v nh (files servers, Printer, Internet links) Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 82
802.11 Frame Format [34 - 2344 bytes]
802.11 Frame Control Field [16 bits]
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 83 Danh mc sch tham kho 1. Wireless LAN Protokolle und Anwendungen 2. Introduction to Wireless Technology 3. Designing a Wireless Network 4. Building a Cisco Network Wireless LAN 5. Security problems and solutions in WLAN access zones 6. 802.11 Wireless Network 7. Building Wireless Community Networks 8. Hack broofing your Wireless Network 9. Cisco AVVID Wireless Design 10. IEEE Std 802.11-1999
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 84 PHN III: QU TRNH CU HNH THIT B WIRELESS Tn thit b: Wireless-B, Broadband Router, 2.4GHz 802.11b Cc bc cu hnh Cc thng s c th v chc nng ca cc cng, nt, n led c trong ti liu i km thit b
t thit b ti trung tm khu vc ph sng, trnh cc vt cn (nh cp trong phn khuyn ngh). Kt ni cable mng vo cng internet (hnh v trn) v ni thit b mng ca bn vo trong 4 cng cn li: 1,2,3,4
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 85 Cp ngun cho Router v cu hnh cho thit b theo cc bc sau: - Thit b ny mc nh a ch l 192.168.1.1, a ch ny nn thay i ngay khi cu hnh.
Nhp user name v password do nh sn xut cung cp
Thit lp cc thng s theo yu cu ca bn t SSID ch khng qung b: Wireless SSID Broadcast: Enabled Disabled
Wireless lan security Nguyn Huy Bc i Hc Bch Khoa H Ni 86
Vo Wireless Security t cha kha Wep:
Vo Wireless Network Access t bng a ch Mac, v xem cc thit b mng hin ang truy cp mng thng qua router
Ngoi ra bn cng c th t cc bin php bo mt nh: t bng lc a ch MAC, thay i SSID, gii hn s my tham gia mng trong mt thi gian, bng cch cp mt s gii hn cc a ch IP, v.v. Thng xuyn theo di cc my truy cp mng thng qua Router wireless, thay i password admin thng xuyn