do an qtm_hĐ-fix
TRANSCRIPT
-
7/31/2019 Do an QTM_H-fix
1/32
TRNG CAO NG CNG NGH V QUN TR SONADEZI
KHOA CNG NGH THNG TIN
N
ti: MNG LAN KHNG DY( WLAN)
Bin Ha, Thng 1 nm 2011
Gio vin hng dn:Hunh Phc DanhSinh vin thc hin :
1) Hong Ng nh
2) Bi Vn Nam
3) V Minh Hng
Lp : K5CNTT2
-
7/31/2019 Do an QTM_H-fix
2/32
MC LC
LI NI U.............................................................................................................3
CHNG I: TNG QUAN V MNG WIRELESS LAN...................................4
I.GII THIU V MNG WIRELESS LAN-WLAN............................................4
1. Wireless Lan l g....................................................................................................42. Lch s ra i ca Wireless lan..............................................................................4
2
-
7/31/2019 Do an QTM_H-fix
3/32
II.CC THIT B C BN V NG DNG CA H THNG WLAN.............5
1. Cc thit b c bn..................................................................................................5
1.1 Card mng khng dy(Wireless NIC).................................................................5
1.2 Cc im truy cp (Access point).........................................................................5
1.3 Bridge khng dy(Wbridge)................................................................................61.4 Cc router im truy cp(Access point router)..................................................6
2. Cc ng dng ca h thng....................................................................................7
III. CC CHUN THNG DNG CA WIRELESS LAN.................................10
1. Cc chun IEEE 802.11........................................................................................10
1.1 802.11...................................................................................................................10
1.2 802.11b.................................................................................................................10
1.3 802.11a..................................................................................................................111.4 802.11g..................................................................................................................11
1.5 802.11n.................................................................................................................12
2. Hiper lan................................................................................................................13
IV. NGUYN L HOT NG CA MNG WIERLESS LAN........................13
CHNG II : BO MT MNG WIRELESS LAN............................................15
I. MT S HNH THC TN CNG XM NHP PH BIN........................15
1. Passive Attack (eavesdropping- tn cng b ng).............................................152. Active attack (tn cng ch ng)........................................................................16
3.Jamming (tn cng bng cch gy nghn)...........................................................17
3
-
7/31/2019 Do an QTM_H-fix
4/32
4. Man-in-the-middle Attack....................................................................................19
II. CC PHNG PHP BO MT CHO MNG WIRELESS LAN..............20
CHNG III: THIT K, CU HNH MNG WIRELESS LAN.....................21
I. CC THIT B H TNG CA MNG WIRELESS LAN.............................21
1. im truy cp:AP(access point)...........................................................................212. Cc ch hot ng ca AP...............................................................................21
3. Cc thit b my khch trong WIRELESS LAN................................................23
1.1 Card PCI Wireless..............................................................................................24
1.2 Card PCMCIA Wireless.....................................................................................25
1.3 Card USB Wireless.............................................................................................25
II. CU HNH AD-HOC MODE.............................................................................25
KT LUN................................................................................................................27NHN XT CA GIO VIN................................................................................28
TI LIU THAM KHO........................................................................................29
4
-
7/31/2019 Do an QTM_H-fix
5/32
LI NI U
Ngy nay mng khng dy ang tr nn ph bin trong cc t chc, doanh
nghip v c nhn. Chnh v s tin li ca mng khng dy nn n dn thay th cho cc
h thng mng c dy truyn thng hin ti.
Wireless Lan l mt trong nhng cng ngh truyn thng khng dy c p
dng cho mng cc b. S ra i ca n khc phc nhng hn ch m mng ni dy
khng th gii quyt c, v l gii php cho xu th pht trin ca cng ngh truyn
thng hin i. Ni nh vy thy c nhng li ch to ln m Wireless Lan mang
li, tuy nhin n khng phi l gii php thay th ton b cho cc mng Lan ni dy
truyn thng.
Da trn chun IEEE 802.11 mng WLan i n s thng nht v tr thnh
mng cng nghip, t c p dng trong rt nhiu lnh vc, t lnh vc chm sc
sc khe, bn l, sn xut, lu kho, n cc trng i hc. Ngnh cng nghip ny
kim li t vic s dng cc thit b u cui v cc my tnh notebook truyn thng
tin thi gian thc n cc trung tm tp trung x l. Ngy nay, mng WLAN ang
c n nhn rng ri nh mt kt ni a nng t cc doanh nghip. Li tc ca thtrng mng WLAN ngy cng tng.
V vy, nhm chng em chn ti tm hiu cng ngh Wirelesss Lan.
5
-
7/31/2019 Do an QTM_H-fix
6/32
CHNG I: TNG QUAN V MNG WIRELESS LAN
I. GII THIU V MNG WIRELESS LAN-WLAN
1. Wireless Lan l g ?
WLAN l mt loi mng my tnh nhng vic kt ni gia cc thnh phn trong
mng khng s dng cc loi cp nh mt mng thng thng, mi trng truyn thng
ca cc thnh phn trong mng l khng kh. Cc thnh phn trong mng s dng sng
in t truyn thng vi nhau.
2. Lch s ra i ca Wireless lan
Cng ngh WLAN ln u tin xut hin vo cui nm 1990, khi nhng nh sn
xut gii thiu nhng sn phm hot ng trong bng tn 900Mhz. Nhng gii php ny
cung cp tc truyn d liu 1Mbps, thp hn nhiu so vi tc 10Mbps ca hu ht
cc mng s dng cp hin thi.
Nm 1992, nhng nh sn xut bt u bn nhng sn phm WLAN s dng
bng tn 2.4Ghz. S cn thit cho vic hot ng thng nht gia cc thit b nhng
dy tn s khc nhau dn n mt s t chc bt u pht trin ra nhng chun mng
khng dy chung.
Nm 1997, Institute of Electrical and Electronics Engineers(IEEE) ph chun
s ra i ca chun 802.11, v cng c bit vi tn gi WIFI (Wireless Fidelity) cho
cc mng WLAN. Chun 802.11 h tr ba phng php truyn tn hiu, trong c bao
gm phng php truyn tn hiu v tuyn tn s 2.4Ghz.
Nm 1999, IEEE thng qua hai s b sung cho chun 802.11 l cc chun
802.11a v 802.11b (nh ngha ra nhng phng php truyn tn hiu). V nhng thit
b WLAN da trn chun 802.11b nhanh chng tr thnh cng ngh khng dy vttri. Cc thit b WLAN 802.11b truyn pht tn s 2.4Ghz, cung cp tc truyn d
6
-
7/31/2019 Do an QTM_H-fix
7/32
liu c th ln ti 11Mbps. IEEE 802.11b c to ra nhm cung cp nhng c im
v tnh hiu dng, thng lng (throughput) v bo mt so snh vi mng c dy.
Nm 2003, IEEE cng b thm mt s ci tin l chun 802.11g m c th
truyn nhn thng tin c hai dy tn 2.4Ghz v 5Ghz v c th nng tc truyn d
liu ln n 54Mbps. Thm vo , nhng sn phm p dng 802.11g cng c th tng
thch ngc vi cc thit b chun 802.11b.
II. CC THIT B C BN V NG DNG CA H THNG WLAN
1. Cc thit b c bn
1.1 Card mng khng dy(Wireless NIC)
Card mng khng dy giao tip giao tip my tnh vi mng khng giy bngcch iu ch tn hiu d liu vi chui tri ph v thc hin mt giao thc truy nhp
cm ng sng mang.
Hnh 1: Card mng khng dy
1.2 Cc im truy cp (access point)
Cc im truy cp khng dy AP(ACCESS POINT) to ra cc vng ph sng,
ni cc nt di ng ti cc c s h tng LAN c dy m cn lc lu lng v thc hin
chc nng cu ni vi cc tiu chun khc. Cc im truy cp trao i vi nhau qua
mng hu tuyn qun l cc nt di ng.
Hnh 2: Access Point
7
-
7/31/2019 Do an QTM_H-fix
8/32
1.3 Bridge khng dy(wbridge)
Wbridge (Bridge khng dy) tng t nh cc im truy cp khng dy tr
trng hp chng c s dng cho cc knh bn ngoi. Wbridge c thit k ni
cc mng vi nhau, c bit trong cc ta nh c khong cch xa ti 32 km. Wbridge c
th lc lu lng v m bo rng cc h thng mng khng dy c kt ni tt m
khng b mt lu lng cn thit.
Hnh 3: Wbridge
1.4 Cc router im truy cp(Access point router)
Mt AP router l mt thit b kt hp cc chc nng ca mt Access Point v
mt router. Khi l Access Point, n truyn d liu gia cc trm khng dy vmt mng hu tuyn cng nh l gia cc trm khng dy. Khi l router, n hot ng
nh l im lin kt gia hai hay nhiu mng c lp, hoc gia mt mng bn trong v
mt mng bn ngoi.
8
-
7/31/2019 Do an QTM_H-fix
9/32
Hnh 4: Access point router
2. Cc ng dng ca h thng
Mng WLAN l k thut thay th cho mng LAN hu tuyn, n cung cp mng
cui cng vi khong cch kt ni ti thiu gia mt mng xng sng v mng trong
nh hoc ngi dng di ng trong cc c quan
tin tng cao trong ni mng ca cc doanh nghip v s tng trng mnh
m ca mng Internet v cc dch v trc tuyn l bng chng mnh m i vi li ch
ca d liu v ti nguyn dng chung. Vi mng WLAN, ngi dng truy cp thng tin
dng chung m khng tm kim ch cm vo, v cc nh qun l mng thit lp hoc
b sung mng m khng lp t hoc di chuyn dy ni. .
u im:
Kh nng lu ng ci thin hiu sut v dch v - Cc h thng mng WLAN
cung cp s truy cp thng tin thi gian thc ti bt c u cho ngi dng mng
trong t chc ca h. Kh nng lu ng ny h tr cc c hi v hiu sut v
dch v m mng ni dy khng th thc hin c.
n gin v tc nhanh trong ci t- Ci t h thng mng WLAN nhanh
v d dng v loi tr nhu cu ko dy qua cc tng v cc trn nh.
Linh hot trong ci t - Cng ngh khng dy cho php mng i n cc ni
m mng ni dy khng th.
9
-
7/31/2019 Do an QTM_H-fix
10/32
Gim bt gi thnh s hu - Trong khi u t ban u ca phn cng cn cho
mng WLAN c gi thnh cao hn cc chi ph phn cng mng LAN hu tuyn,
nhng chi ph ci t ton b v gi thnh tnh theo tui th thp hn ng k.
Cc li ch v gi thnh tnh theo tui th l ng k trong mi trng nng ng
yu cu thng xuyn di chuyn, b sung, v thay i.
Tnh linh hot- Cc h thng mng WLAN c nh hnh theo cc kiu topo
khc nhau p ng cc nhu cu ca cc ng dng v cc ci t c th. Cu
hnh mng d thay i t cc mng c lp ph hp vi s nh ngi dng n
cc mng c s h tng vi hng nghn ngi s dng trong mt vng rng ln.
Kh nng v hng:cc mng my tnh khng dy c th c cu hnh theo
cc topo khc nhau p ng cc nhu cu ng dng v lp t c th.
Bng so snh u v nhc im gia mng khng dy v c dy
Mng c dy: Mng khng dy:
Phm vi ng dng
- C th ng dng trong tt c cc m
hnh mng nh, trung bnh, ln, rt ln
- Gp kh khn nhng ni xa xi, a
hnh phc tp, nhng ni khng n nh,
kh ko dy, ng truyn
- Ch yu l trong m hnh mng nh v
trung bnh, vi nhng m hnh ln phikt hp vi mng c dy
- C th trin khai nhng ni khng
thun tin v a hnh, khng n nh,
khng trin khai mng c dy c
phc tp k thut
- phc tp k thut ty thuc tng
loi mng c th
- Kh nng thit lp phc tp.
- phc tp k thut ty thuc tng
loi mng c th
- Xu hng to kh nng thit lp cc
thng s truyn sng v tuyn ca thit b
ngy cng n gin hn
tin cy
- Kh nng chu nh hng khch quan
bn ngoi nh thi tit, kh hu tt
- B nh hng bi cc yu t bn ngoi
nh mi trng truyn sng, can nhiudo thi tit
10
-
7/31/2019 Do an QTM_H-fix
11/32
- Chu nhiu cuc tn cng a dng, phc
tp, nguy him ca nhng k ph hoi v
tnh v c tnh
- t nguy c nh hng sc khe
- Chu nhiu cuc tn cng a dng, phc
tp, nguy him ca nhng k ph hoi v
tnh v c tnh, nguy c cao hn mng c
dy
- Cn ang tip tc phn tch v kh nng
nh hng n sc khe
Lp t, trin khai
- Lp t, trin khai tn nhiu thi gian
v chi ph.
- Lp t, trin khai d dng, n gin,
nhanh chng.Tnh linh hot, kh nng thay i, pht trin
- V l h thng kt ni c nh nn tnh
linh hot km, kh thay i, nng cp,pht trin.
- V l h thng kt ni di ng nn rt
linh hot, d dng thay i, nng cp,pht trin.
Gi c
- Gi c ty thuc vo tng m hnh
mng c th.
- Thng th gi thnh thit b cao hn so
vi ca mng c dy. Nhng xu hng
hin nay l cng ngy cng gim s
chnh lch v gi.
III. CC CHUN THNG DNG CA WIRELESS LAN
1. Cc chun IEEE 802.11
Trong lc Hip hi Wi-Fi (Wi-Fi Alliance) cc t chc v cc nh sn xut thit
b mng my tnh ang cng bn tho cho ra i cc c t k thut cui cng cho
chun 802.11n y ha hn, chng ta cng nhn li qu trnh hnh thnh v pht trinca cc chun Wi-Fi. Hiu r cc c im ca tng chun, chng ta s c ci nhn r
rng hn, chn la cho mnh mt sn phm "ng " hn, ph hp hn vi nhu cu s
dng v ti tin. Sau y l cc chun Wi-Fi thi "khai sinh" n nay.
1.1 Chun 802.11
Nm 1997, Vin k s in v in t (IEEE- Institute of Electrical and
Electronics Engineers) a ra chun mng ni b khng dy (WLAN Wireless LAN)u tin c gi l 802.11 theo tn ca nhm gim st s pht trin ca chun ny.
11
-
7/31/2019 Do an QTM_H-fix
12/32
Lc ny, 802.11 s dng tn s 2,4GHz v dng k thut tri ph trc tip (Direct-
Sequence Spread Spectrum-DSSS) nhng ch h tr bng thng ti a l 2Mbps tc
kh chm cho hu ht cc ng dng. V l do , cc sn phm chun khng dy ny
khng cn c sn xut na.
1.2 Chun 802.11b
T thng 6 nm 1999, IEEE bt u m rng chun 802.11 ban u v to ra cc
c t k thut cho 802.11b. Thit b router hay access point s dng chun 802.11b h
tr bng thng ln n 11Mbps, ngang vi tc mng ni b Ethernet thi by gi?y l chun WLAN u tin c chp nhn trn th trng, s dng tn s 2,4 GHz.
Chun 802.11b s dng k thut iu ch kha m b(Complementary Code Keying -
CCK) v dng k thut tri ph trc tip ging nh chun 802.11 nguyn bn. Vi li
th v tn s (bng tn nghip d ISM 2,4GHz), cc hng sn xut s dng tn s ny
gim chi ph sn xut.
Nhng khi y, tnh trng "ln xn" li xy ra, 802.11b c th b nhiu do l vi
sng, in thoi m bng con v cc dng c khc cng s dng tn s 2,4GHz. Tuy
nhin, bng cch lp t 802.11b khong cch hp l s d dng trnh c nhiu. u
im ca 802.11b l gi thp, tm ph sng tt v khng d b che khut. Nhc im
ca 802.11b l tc thp; c th b nhiu bi cc thit b gia dng.
1.3 Chun 802.11a
Song hnh vi 802.11b, IEEE tip tc a ra chun m rng th hai cng da
vo 802.11 u tin - 802.11a. Chun 802.11a s dng tn s 5GHz, tc 54Mbps
trnh c can nhiu t cc thit b dn dng. ng thi, chun 802.11a cng s dng
k thut tri ph khc vi chun 802.11b - k thut tri ph theo phng php a phn
chia tn s trc giao (Orthogonal Frequency Division Multiplexing-OFDM). y c
coi l k thut tri hn so vi tri ph trc tip (DSSS). Do chi ph cao hn, 802.11a
thng ch c s dng trong cc mng doanh nghip, ngc li, 802.11b thch hp
hn cho nhu cu gia nh. Tuy nhin, do tn s cao hn tn s ca chun 802.11b nntn hin ca 802.11a gp nhiu kh khn hn khi xuyn tng v cc vt cn khc.
12
-
7/31/2019 Do an QTM_H-fix
13/32
Do 802.11a v 802.11b s dng tn s khc nhau, hai cng ngh ny khng
tng thch vi nhau. Mt vi hng sn xut bt u cho ra i sn phm "lai"
802.11a/b, nhng cc sn phm ny ch n thun l cung cp 2 chun sng Wi-Fi cng
lc (my trm dng chun no th kt ni theo chun ).
u im ca 802.11a l tc nhanh; trnh xuyn nhiu bi cc thit b khc.
Nhc im ca 802.11a l gi thnh cao; tm ph sng ngn hn v d b che khut.
1.4 Chun 802.11g
Nm 2002 v 2003, cc sn phm WLAN h tr chun mi hn c gi l
802.11g ni ln trn th trng; chun ny c gng kt hp tt nht 802.11a v 802.11b.
Chun 802.11g h tr bng thng 54Mbps v s dng tn s 2,4GHz cho phm vi ph
sng ln hn. 802.11g tng thch ngc vi 802.11b, ngha l cc im truy cp
(access point AP) 802.11g s lm vic vi card mng Wi-Fi chun 802.11b...
Thng 7/2003, IEEE ph chun 802.11g. Chun ny cng s dng phng thc
iu ch OFDM tng t 802.11a nhng li dng tn s 2,4GHz ging vi chun
802.11b.
u im ca 802.11g l tc nhanh, tm ph sng tt v khng d b che
khut. Nhc im ca 802.11g l gi cao hn 802.11b; c th b nhiu bi ccthit b gia dng.
1.5 Chun 802.11n
Hnh 5: Edimax BR-6226n tch hp wifi chun N
Chun Wi-Fi mi nht trong danh mc Wi-Fi l 802.11n. 802.11n c thit k
ci thin tnh nng ca 802.11g vi tng bng thng c h tr bng cch tn dng
nhiu tn hiu khng dy v anten (gi l cng ngh MIMO-multiple-input andmultiple-output). Khi chun ny hon thnh, 802.11n s h tr tc ln n 100Mbps.
13
-
7/31/2019 Do an QTM_H-fix
14/32
802.11n cng cho tm ph sng tt hn cc chun Wi-Fi trc nh tng cng tn
hiu. Cc thit b 802.11n s tng thch ngc vi 802.11g.
u im ca 802.11n l tc nhanh nht, vng ph sng tt nht; tr khng ln
hn chng nhiu t cc tc ng ca mi trng. Nhc im ca 802.11n l cha
c ph chun cui cng; gi cao hn 802.11g; s dng nhiu lung tn hiu c th
gy nhiu vi cc thit b 802.11b/g k cn.
2. Hiper lan
HyperLANHigh Performance Radio Lan theo chun ca Chu u l tng
ng vi cng ngh 802.11. HiperLAN loi 1 h tr bng thng 20Mbps, lm vic di tn 5GHz. HiperLAN 2 cng lm vic trn di tn ny nhng h tr bng thng ln
ti 54Mbps. Cng ngh ny s dng kiu kt ni hng i tng (connection
oriented ) h tr nhiu thnh phn m bo cht lng, m bo cho cc ng dng
Multimedia.
Hnh 6: Bng cc tiu chun ca ETSI HIPERLAN
14
-
7/31/2019 Do an QTM_H-fix
15/32
IV. NGUYN L HOT NG CA MNG WIRELESS LAN
Mng WLAN s dng sng in t (v tuyn v tia hng ngoi) truyn thng
tin t im ny sang im khc m khng da vo bt k kt ni vt l no. Cc sng
v tuyn thng l cc sng mang v tuyn bi v chng thc hin chc nng phn pht
nng lng n gin ti my thu xa. D liu truyn c chng ln trn sng mang
v tuyn n c nhn li ng my thu. l s iu bin sng mang theo thngtin c truyn. Mt khi d liu c chng (c iu ch) ln trn sng mang v
tuyn, th tn hiu v tuyn chim nhiu hn mt tn s n, v tn s hoc tc
truyn theo bit ca thng tin bin iu c thm vo sng mang.
Nhiu sng mang v tuyn tn ti trong cng khng gian ti cng mt thi im
m khng nhiu vi nhau nu chng c truyn trn cc tn s v tuyn khc nhau.
nhn d liu, my thu v tuyn bt sng (hoc chn) mt tn s v tuyn xc nh trong
khi loi b tt c cc tn hiu v tuyn khc trn cc tn s khc.
Trong mt cu hnh mng WLAN tiu biu, mt thit b thu pht, c gi mt
im truy cp (AP - access point), ni ti mng ni dy t mt v tr c nh s dng
cp Ethernet chun. im truy cp (access point) nhn, lu vo b nh m, v truyn
d liu gia mng WLAN v c s h tng mng ni dy. Mt im truy cp n h tr
mt nhm nh ngi s dng v vn hnh bn trong mt phm vi vi mt ti vi chc
mt. im truy cp (hoc anten c gn ti n) thng thng c gn trn cao .Cc ngi dng u cui truy cp mng WLAN thng qua cc card giao tip
mng WLAN, m c thc hin nh cc card PC trong cc my tnh notebook, hoc
s dng card giao tip ISA hoc PCI trong cc my tnh bn, hoc cc thit b tch
hp hon ton bn trong cc my tnh cm tay. Cc card giao tip mng WLAN cung
cp mt giao din gia h iu hnh mng (NOS) v sng tri (qua mt anten). Bn
cht ca kt ni khng dy l trong sut vi NOS.
15
-
7/31/2019 Do an QTM_H-fix
16/32
CHNG II : BO MT MNG WIRELESS LAN
I. MT S HNH THC TN CNG XM NHP PH BIN
Cc kiu tn cng trn mng WLAN
Hacker c th tn cng mng WLAN bng cc cch sau:
Passive Attack (eavesdropping)
Active Attack (kt ni, thm d v cu hnh mng)
Jamming Attack
Man-in-the-middle Attack
Cc phng php tn cng trn c th c phi hp vi nhau theo nhiu cch khc
nhau.
1. Passive Attack (eavesdropping)
Tn cng b ng (passive) hay nghe ln (eavesdropping) c l l mt phng
php tn cng WLAN n gin nht nhng vn rt hiu qu. Passive attack khng li
mt du vt no chng t c s hin din ca hacker trong mng v hacker khng
tht kt ni vi AP lng nghe cc gi tin truyn trn on mng khng dy. Phng
php ny cho php hacker gi khong cch vi mng, khng li du vt trong khi vn
lng nghe v thu thp c nhng thng tin qu gi.
C nhiu ng dng c kh nng thu thp c password t nhng da ch HTTP,
email, instant message, phin lm vic FTP, telnet. Nhng kiu kt ni trn u truyn
password theo dng clear text (khng m ha). Nhiu ng dng c th bt c
password hash (mt m c bm) truyn trn on mng khng dy gia client v
server lc client ng nhp vo. Hacker l th phm nhng nhng thng tin log c
16
-
7/31/2019 Do an QTM_H-fix
17/32
li ch n ngi dng m hacker ng nhp vo. iu ny c th lm cho nhn vin
mt vic.
Hnh 7: S cch thc tn cng b ng (passive attack)
Mt hacker c th u trong bi u xe, dng nhng cng c t nhp
vo mng WLAN ca bn. Cc cng c c th l mt packet sniffer, hay mt s phn
mm hacking min ph c th crack c WEP key v ng nhp vo mng.2. Active Attack
Hacker c th tn cng ch ng (active) thc hin mt s tc v trn mng.
Mt cuc tn cng ch ng c th c s dng truy cp vo server v ly c
nhng d liu c gi tr hay s dng ng kt ni Internet ca doanh nghip thc
hin nhng mc ch ph hoi hay thm ch l thay i cu hnh ca h tng mng.
Bng cch kt ni vi mng khng dy thng qua AP, hacker c th xm nhp
su hn vo mng hoc c th thay i cu hnh ca mng. V d, mt hacker c th sa
i thm MAC address ca hacker vo danh sch cho php ca MAC filter trn AP
hay v hiu ha tnh nng MAC filter gip cho vic t nhp sau ny d dng hn.
Admin thm ch khng bit c thay i ny trong mt thi gian di nu nh khng
kim tra thng xuyn. Kiu tn cng ny c th lm cho ISP ca bn ngt kt ni email
ca bn v lm dng gi nhiu mail mc d khng phi li ca bn.
17
-
7/31/2019 Do an QTM_H-fix
18/32
Hnh 8: S cch thc tn cng ch ng
i th cnh tranh c th mun c c danh sch khch hng ca bn cng vi
nhng thng tin lin h hay thm ch l bng lng c mc cnh tranh tt hn hay
ginh ly khch hng ca bn. Nhng kiu tn cng ny xy ra thng xuyn m adminkhng h hay bit.
Mt khi hacker c c kt ni khng dy vo mng ca bn, hn c th truy
cp vo server, s dng kt ni WAN, Internet hay truy cp n laptop, desktop ngi
dng.
3. Jamming (tn cng bng cch gy nghn)
Jamming l mt k thut c s dng ch n gin lm hng (shut down)
mng khng dy ca bn. Tng t nh nhng k ph hoi s dng tn cng DoS vo
mt web server lm nghn server th mng WLAN cng c th b shut down bng
cch gy nghn tn hiu RF. Nhng tn hiu gy nghn ny c th l c hay v v c
th loi b c hay khng loi b c. Khi mt hacker ch ng tn cng jamming,
hacker c th s dng mt thit b WLAN c bit, thit b ny l b pht tn hiu RF
cng sut cao hay sweep generator.
loi b kiu tn cng ny th yu cu u tin l phi xc nh c ngun tn
hiu RF. Vic ny c th lm bng cch s dng mt Spectrum Analyzer (my phn tch
ph). C nhiu loi Spectrum Analyzer trn th trng nhng bn nn dng loi cm
tay, dng pin cho tin s dng. Mt cch khc l dng cc ng dng Spectrum Analyzer
phn mm km theo cc sn phm WLAN cho client.
18
-
7/31/2019 Do an QTM_H-fix
19/32
Hnh 9: S tn cng theo kiu gy nghn
Khi ngun gy ra jamming l khng th di chuyn c v khng gy hi nh
thp truyn thng hay cc h thng hp php khc th admin nn xem xt s dng dy
tn s khc cho mng WLAN. V d, nu admin chu trch nhim thit k v ci t
mng WLAN cho mi trng rng ln, phc tp th cn phi xem xt k cng. Nu nh
ngun nhiu RF tri rng hn 2.4 Ghz nh b m, l vi sng th admin nn s dng
nhng thit b theo chun 802.11a hot ng trong bng tn 5 Ghz UNII thay v s dng
nhng thit b 802.11b/g hot ng trong bng tn 2.4 Ghz s d b nhiu.
Jamming do v xut hin thng xuyn do nhiu thit b khc nhau chia s
chung bng tn 2.4 ISM vi mng WLAN. Jamming mt cch ch ng thng khngph bin lm, l do l bi v thc hin c jamming th rt tn km, gi ca thit b
rt mc tin, kt qu t c ch l tm thi shut down mng trong thi gian ngn.
4. Man-in-the-middle Attack
Tn cng theo kiu Man-in-the-middle l trng hp trong hacker s dng
mt AP nh cp cc node di ng bng cch gi tn hiu RF mnh hn AP hp
php n cc node .
Hnh 10: S tn cng theo kiu Man-in-the-Middle Attack.
19
-
7/31/2019 Do an QTM_H-fix
20/32
lm cho client kt ni li n AP gi mo th cng sut pht ca AP gi mo
phi cao hn nhiu so vi AP hp php trong vng ph sng ca n. Vic kt ni li vi
AP gi mo c xem nh l mt phn ca roaming nn ngi dng s khng h bit
c. Vic a ngun nhiu ton knh (all-band interference - chng hn nh bluetooth)
vo vng ph sng ca AP hp php s buc client phi roaming.
Nhiu khi, tn cng Man-in-the-middle c thc hin ch vi mt laptop v 2
PCMCIA card. Phn mm AP chy trn my laptop ni PC card c s dng nh l
mt AP v mt PC card th 2 c s dng kt ni laptop n AP hp php gn .
Trong cu hnh ny, laptop chnh l man-in-the-middle (ngi gia), hot ng gia
client v AP hp php. T hacker c th ly c nhng thng tin gi tr bng cch
s dng cc sniffer trn my laptop.
im ct yu trong kiu tn cng ny l ngi dng khng th nhn bit c.
V th, s lng thng tin m hacker c th thu c ch ph thuc vo thi gian m
hacker c th duy tr trng thi ny trc khi b pht hin. Bo mt vt l (Physical
security) l phng php tt nht chng li kiu tn cng ny.
II. CC PHNG PHP BO MT CHO MNG WIRELESS LAN
1. Nhng nguy c bo mt trong WLAN bao gm
Cc thit b c th kt ni ti nhng Access Point ang broadcast SSID.
Hacker s c gng tm kim cc phng thc m ho ang c s dng trong
qu trnh truyn thng tin trn mng, sau c phng thc gii m ring v ly
cc thng tin nhy cm.
Ngi dng s dng Access Point ti gia nh s khng m bo tnh bo mt
nh khi s dng ti doanh nghip.
2. bo mt mng WLAN, bn cn thc hin qua cc bc sau
Ch c nhng ngi dng c xc thc mi c kh nng truy cp vo mngthng qua cc Access Point.
Cc phng thc m ho c p dng trong qu trnh truyn cc thng tin quantrng.
Bo mt cc thng tin v cnh bo nguy c bo mt bng h thng IDS v IPS.
20
-
7/31/2019 Do an QTM_H-fix
21/32
Ban u, IEEE 802.11 s dng gii php bo mt bng nhng kho tnh (static
keys) cho c qu trnh m ho v xc thc. Phng thc xc thc nh vy l khng
mnh, cui cng c th b tn cng. Bi v cc kho c qun l v khng thay i,
iu ny khng th p dng trong mt gii php doanh nghip ln c.
Cisco gii thiu v cho php s dng IEEE 802.1x l giao thc xc thc v s
dng kho ng (dynamic keys), bao gm 802.1x Extensible Authentication Protocol
(EAP). Cisco cng gii thiu phng thc chng li vic tn cng bng cch s dng
qu trnh bm (hashing) (Per Packet Key PPK) v Message Integrity Check (MIC).
Phng thc ny c bit n nh Cisco Key Integrity Protocol (CKIP) v Cisco
Message Integrity Check (CMIC).
Cc t chc chun 802.11 bt u tin hnh vic nng cp bo mt cho mng
WLAN. Wi-Fi Alliance gii thiu gii php WPA (Wi-Fi Protected Access). WPA
c s dng cho vic xc thc ngi dng, MIC, Temporal Key Integrity Protocol
(TKIP), v Dynamic Keys. N tng t nh phng thc ca Cisco nhng cch thc
hin c khc i cht.
WPA cng bao gm mt passphrase hay preshared key cho ngi dng h xc
thc trong gii php bo mt trong gia nh, nhng khng c s dng cho gii phpdoanh nghip.
Ngy nay , IEEE 802.11i nng cp v Advanced Encryption Standard (AES)
thay th cho WEP v l phng thc bo mt mi nht v bo mt nht trong m ho
d liu. Wireless IDS hin nay c vi vai tr nhn din v bo v h thng WLAN
trc nhng tn cng. Wi-Fi Alliance 802.11i lm vic v s dng nh WPA2.
Cc Access Point gi broadcast mt hoc nhiu SSIDs, hay data rates, v mt sthng tin. Cc thit b Wi-Fi c th scan tt c cc knh v tm truy cp vo bt k mng
no m h scan ra c t nhng Access Point.
Client s thng kt ni ti nhng Access Point m tn hiu mnh nht. Nu tn
hiu yu, client tip tc scan ti mt Access Point khc (trong trng hp Roaming).
Trong qu trnh kt ni, SSID, a ch MAC v cc thit lp bo mt c gi t client
ti Access Point v kim tra bi Access Point.
21
-
7/31/2019 Do an QTM_H-fix
22/32
Ngi dung c xc thc thng qua giao thc 802.1x. Vi chun 802.1x hay
EAP cn thit trn WLAN client. Access Point cng c th nh mt my ch p ng
vic xc thc cho ngi dng, hoc c th lien kt ti my ch RADIUS nh xc thc
h, hoc c th lm vic vi Cisco Secure ACS. Lightweight Access Point s giao tip
vi WLAN controller, v n lm vic nh mt my ch xc cung cp xc thc cho cc
users.
Client v my ch cung cp xc thc trin khai vi hai phin bn EAP khc
nhau. Thng tin EAP s c truyn t Access point ti my ch xc thc.
Sau khi xc thc song WLAN client, d liu s c m ho trc khi truyn i.
V c bn phng thc m ho da vo thut ton RC4 c s dng bt u t WEP.
TKIP s dng m ho RC4 c tng cng bo mt hn v vi nhiu bt m ho hn
v c kho tch hp cho mi packet (key per packet PPK). AES c thay th cho RC4
vi thut ton bo mt cao cp hn. WPA s dng TKIP, trong khi WPA2 s dng AES
hay TKIP.
3. S khc nhau gia cc dng WLANs
Vi ngi dng s dng mng WLAN cho gia nh, mt phng thc bo
mt vi WPA passphare hay preshared key c khuyn co s dng.
Vi gii php doanh nghip, ti u qu trnh bo mt vi 802.1x EAP
lm phng thc xc thc v TKIP hay AES lm phng thc m ho. c da
theo chun WPA hay WPA2 v 802.11i security.
K tn cng c th tn cng mng WLAN khng bo mt bt c lc no.
22
-
7/31/2019 Do an QTM_H-fix
23/32
CHNG III: THIT K, CU HNH MNG WLAN
I. CC THIT B H TNG CA MNG WLAN
1. im truy cp: AP(Access Point)
Cung cp cho cc my khch(client) mt im truy cp vo mng "Ni m cc
my tnh dng wireless c th vo mng ni b ca cng ty". AP l mt thit b song
cng(Full duplex) c mc thng minh tng ng vi mt chuyn mch Ethernet
phc tp(Switch).
Hnh 11: Hot ng caAP n gin
2. Cc ch hot ng ca AP
AP c th giao tip vi cc my khng dy, vi mng c dy truyn thng v vi
cc AP khc. C 3 Mode hot ng chnh ca AP:
Ch gc (Root mode): Root mode c s dng khi AP c kt ni vi
mng backbone c dy thng qua giao din c dy (thng l Ethernet) ca n. Hu ht
cc AP s h tr cc mode khc ngoi root mode, tuy nhin root mode l cu hnh mc
nh. Khi mt AP c kt ni vi phn on c dy thng qua cng Ethernet ca n,
n s c cu hnh hot ng trong root mode. Cc client khng dy c th giao tip
vi cc client khng dy khc nm trong nhng cell ( t bo, hay vng ph sng ca
AP) khc nhau thng qua AP tng ng m chng kt ni vo, sau cc AP ny s
giao tip vi nhau thng qua phn on c dy,nh v d trong hnh 12.
23
-
7/31/2019 Do an QTM_H-fix
24/32
Hnh 12: M hnh Root mode
Ch cu ni(bridge Mode): Trong Bridge mode, AP hot ng hon
ton ging vi mt cu ni khng dy. AP s tr thnh mt cu ni khng dy khi c
cu hnh theo cch ny. Ch mt s t cc AP trn th trng c h tr chc nng
Bridge, iu ny s lm cho thit b c gi cao hn ng k. Chng ta s gii thch mt
cch ngn gn cu ni khng dy hot ng nh th no, t hnh 13: Client khng kt
ni vi cu ni, nhng thay vo , cu ni c s dng kt ni 2 hoc nhiu on
mng c dy li vi nhau bng kt ni khng dy.
Hnh 12: M hnh Bridge Mode.
24
-
7/31/2019 Do an QTM_H-fix
25/32
Ch lp(repeater mode): AP c kh nng cung cp mt ng kt ni
khng dy upstream vo mng c dy thay v mt kt ni c dy bnh thng. Mt AP
hot ng nh l mt root AP v AP cn li hot ng nh l mt Repeater khng
dy. AP trong repeater mode kt ni vi cc client nh l mt AP v kt ni vi
upstream AP nh l mt client.
Hnh 13: M hnh Repeater Mode Hnh 14: Mt repeater
3. Cc thit b my khch trong mng WLAN
1.1 Card PCI Wireless
L thnh phn ph bin nht trong WLAN. Dng kt ni cc my khch vo
h thng mng khng dy. c cm vo khe PCI trn my tnh. Loi ny c s
dng ph bin cho cc my tnh bn(desktop) .
25
-
7/31/2019 Do an QTM_H-fix
26/32
Hnh 15: Card PCI Wireless
1.2 Card PCMCIA Wireless
Trc y c s dng trong cc my tnh xch tay(laptop) . Hin nay nh s
pht trin ca cng ngh t c s dng v my tnh xch tay u c tch hp snCard Wireless bn trong thit b.
.
Hnh 16: Card PCMCIA Wireless.
1.3 USB Wireless
Loi rt c u chung hin nay dnh cho cc thit b kt ni vo mng khngdy v tnh nng di ng v nh gn . C chc nng tng t nh Card PCI Wireless,
nhng h tr chun cm l USB (Universal Serial Bus). C th tho lp nhanh chng
(khng cn phi cm c nh nh Card PCI Wireless) v h tr cm khi my tnh ang
hot ng.
26
-
7/31/2019 Do an QTM_H-fix
27/32
Hnh 17: USB Wireless
II. CU HNH AD-HOC MODE
Cu hnh bn di minh ha trong windows XP (trn Vista v Windows 7 cc
bn cu hnh tng t).
Click chut phi ti icon cu card wireless bn gc phi ca mn hnh chn View
available Wireless Network.
Ti tab Wireless Network Connection chnChange Advanced setting m
bng Wireless Network Connection Properties -> Chn tab Wireless Networks
27
-
7/31/2019 Do an QTM_H-fix
28/32
Chn Add m ra bng wireless network properties. Ti y bn thit l p cc
thng s nh SSID, Network key, data encryption..... va check vao This is a
computer......are not used.
Sau bn thit l p cho mnh IP tinh, v d 192.168.0.1/ Subnet Mask
255.255.255.0. Thit l p my th 2,3.... ging my th 1 vi s IP cng lp mang.
Sau khi kch OK, bn s thy mng va to xut hin di Preferred Networks.
Mng lc ny vn b lit k vi mt ch x , y l iu ht sc bnh thng v bn
28
-
7/31/2019 Do an QTM_H-fix
29/32
khng phi lo lng nhiu. N s ch thay i thnh Connected sau khi c mt my tnh
no nhp vo mng
KT LUN
Mng Wi-fi ngy cng tr nn thng dng ti Vit Nam vi cc u im nh victhit lp n gin, gi thnh ngy cng r v s dng tin li. Hin nay cng ngh
khng dy, nht l Wi-Fi hin ang c ng dng ngy cng mnh m trong i sng.
Nhng a s mi ngi u ch s dng Wi-Fi cc lnh vc lin quan n my tnh
m khng bit rng bng sng Wi-Fi, ngi dng dng my tnh iu khin h thng
n, qut, my lnh, l si, my ti, h thng nc Nhng vn quan trng nht
ca mng khng dy hin nay l s bo mt ca n cha c mt gii php no n nh.
Chng em s nghin cu thm cc l hng v cc cch tn cng mng WLAN tm ra
phng php bo mt hiu qu .
Cm n thy HUNH PHC DANH tn tnh gip chng em trong thi
gian thc hin ti v trong ny cng khng trnh khi nhng thiu st, mong thy
gp chng em c th hon thin tt hn.
29
-
7/31/2019 Do an QTM_H-fix
30/32
Nhn xt ca ging vin hng dn
........................................................................................................................
30
-
7/31/2019 Do an QTM_H-fix
31/32
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
....................................................................................................................................
TI LIU THAM KHO
CC WEBSITE
http://www.thegioiwifi.vn/forum/showthread.php?t=205
http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-
wireless-lan.chn
http://ddth.com/showthread.php?p=754619
http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gi
http://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LAN
31
http://www.thegioiwifi.vn/forum/showthread.php?t=205http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://ddth.com/showthread.php?p=754619http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gihttp://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LANhttp://www.thegioiwifi.vn/forum/showthread.php?t=205http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://ddth.com/showthread.php?p=754619http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gihttp://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LAN -
7/31/2019 Do an QTM_H-fix
32/32
http://www.wimaxpro.org/forum/showthread.php?t=85
http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.html
http://www.free4vn.org/f175/t37235/
http://www.quantrimang.com.vn/
http://www.cuocsongso.com/forum/
http://nhatnghe.com/
http://ictvietnam.net/forum/
http://www.adminvietnam.vn/
http://www.wimaxpro.org/forum/showthread.php?t=85http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.htmlhttp://www.free4vn.org/f175/t37235/http://www.quantrimang.com.vn/http://www.cuocsongso.com/forum/http://nhatnghe.com/http://ictvietnam.net/forum/http://www.adminvietnam.vn/http://www.wimaxpro.org/forum/showthread.php?t=85http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.htmlhttp://www.free4vn.org/f175/t37235/http://www.quantrimang.com.vn/http://www.cuocsongso.com/forum/http://nhatnghe.com/http://ictvietnam.net/forum/http://www.adminvietnam.vn/