do an qtm_hĐ-fix

7/31/2019 Do an QTM_H-fix

1/32

TRNG CAO NG CNG NGH V QUN TR SONADEZI

KHOA CNG NGH THNG TIN

N

ti: MNG LAN KHNG DY( WLAN)

Bin Ha, Thng 1 nm 2011

Gio vin hng dn:Hunh Phc DanhSinh vin thc hin :

1) Hong Ng nh

2) Bi Vn Nam

3) V Minh Hng

Lp : K5CNTT2


2/32

MC LC

LI NI U.............................................................................................................3

CHNG I: TNG QUAN V MNG WIRELESS LAN...................................4

I.GII THIU V MNG WIRELESS LAN-WLAN............................................4

1. Wireless Lan l g....................................................................................................42. Lch s ra i ca Wireless lan..............................................................................4

2


3/32

II.CC THIT B C BN V NG DNG CA H THNG WLAN.............5

1. Cc thit b c bn..................................................................................................5

1.1 Card mng khng dy(Wireless NIC).................................................................5

1.2 Cc im truy cp (Access point).........................................................................5

1.3 Bridge khng dy(Wbridge)................................................................................61.4 Cc router im truy cp(Access point router)..................................................6

2. Cc ng dng ca h thng....................................................................................7

III. CC CHUN THNG DNG CA WIRELESS LAN.................................10

1. Cc chun IEEE 802.11........................................................................................10

1.1 802.11...................................................................................................................10

1.2 802.11b.................................................................................................................10

1.3 802.11a..................................................................................................................111.4 802.11g..................................................................................................................11

1.5 802.11n.................................................................................................................12

2. Hiper lan................................................................................................................13

IV. NGUYN L HOT NG CA MNG WIERLESS LAN........................13

CHNG II : BO MT MNG WIRELESS LAN............................................15

I. MT S HNH THC TN CNG XM NHP PH BIN........................15

1. Passive Attack (eavesdropping- tn cng b ng).............................................152. Active attack (tn cng ch ng)........................................................................16

3.Jamming (tn cng bng cch gy nghn)...........................................................17

3


4/32

4. Man-in-the-middle Attack....................................................................................19

II. CC PHNG PHP BO MT CHO MNG WIRELESS LAN..............20

CHNG III: THIT K, CU HNH MNG WIRELESS LAN.....................21

I. CC THIT B H TNG CA MNG WIRELESS LAN.............................21

1. im truy cp:AP(access point)...........................................................................212. Cc ch hot ng ca AP...............................................................................21

3. Cc thit b my khch trong WIRELESS LAN................................................23

1.1 Card PCI Wireless..............................................................................................24

1.2 Card PCMCIA Wireless.....................................................................................25

1.3 Card USB Wireless.............................................................................................25

II. CU HNH AD-HOC MODE.............................................................................25

KT LUN................................................................................................................27NHN XT CA GIO VIN................................................................................28

TI LIU THAM KHO........................................................................................29

4


5/32

LI NI U

Ngy nay mng khng dy ang tr nn ph bin trong cc t chc, doanh

nghip v c nhn. Chnh v s tin li ca mng khng dy nn n dn thay th cho cc

h thng mng c dy truyn thng hin ti.

Wireless Lan l mt trong nhng cng ngh truyn thng khng dy c p

dng cho mng cc b. S ra i ca n khc phc nhng hn ch m mng ni dy

khng th gii quyt c, v l gii php cho xu th pht trin ca cng ngh truyn

thng hin i. Ni nh vy thy c nhng li ch to ln m Wireless Lan mang

li, tuy nhin n khng phi l gii php thay th ton b cho cc mng Lan ni dy

truyn thng.

Da trn chun IEEE 802.11 mng WLan i n s thng nht v tr thnh

mng cng nghip, t c p dng trong rt nhiu lnh vc, t lnh vc chm sc

sc khe, bn l, sn xut, lu kho, n cc trng i hc. Ngnh cng nghip ny

kim li t vic s dng cc thit b u cui v cc my tnh notebook truyn thng

tin thi gian thc n cc trung tm tp trung x l. Ngy nay, mng WLAN ang

c n nhn rng ri nh mt kt ni a nng t cc doanh nghip. Li tc ca thtrng mng WLAN ngy cng tng.

V vy, nhm chng em chn ti tm hiu cng ngh Wirelesss Lan.

5


6/32

CHNG I: TNG QUAN V MNG WIRELESS LAN

I. GII THIU V MNG WIRELESS LAN-WLAN

1. Wireless Lan l g ?

WLAN l mt loi mng my tnh nhng vic kt ni gia cc thnh phn trong

mng khng s dng cc loi cp nh mt mng thng thng, mi trng truyn thng

ca cc thnh phn trong mng l khng kh. Cc thnh phn trong mng s dng sng

in t truyn thng vi nhau.

2. Lch s ra i ca Wireless lan

Cng ngh WLAN ln u tin xut hin vo cui nm 1990, khi nhng nh sn

xut gii thiu nhng sn phm hot ng trong bng tn 900Mhz. Nhng gii php ny

cung cp tc truyn d liu 1Mbps, thp hn nhiu so vi tc 10Mbps ca hu ht

cc mng s dng cp hin thi.

Nm 1992, nhng nh sn xut bt u bn nhng sn phm WLAN s dng

bng tn 2.4Ghz. S cn thit cho vic hot ng thng nht gia cc thit b nhng

dy tn s khc nhau dn n mt s t chc bt u pht trin ra nhng chun mng

khng dy chung.

Nm 1997, Institute of Electrical and Electronics Engineers(IEEE) ph chun

s ra i ca chun 802.11, v cng c bit vi tn gi WIFI (Wireless Fidelity) cho

cc mng WLAN. Chun 802.11 h tr ba phng php truyn tn hiu, trong c bao

gm phng php truyn tn hiu v tuyn tn s 2.4Ghz.

Nm 1999, IEEE thng qua hai s b sung cho chun 802.11 l cc chun

802.11a v 802.11b (nh ngha ra nhng phng php truyn tn hiu). V nhng thit

b WLAN da trn chun 802.11b nhanh chng tr thnh cng ngh khng dy vttri. Cc thit b WLAN 802.11b truyn pht tn s 2.4Ghz, cung cp tc truyn d

6


7/32

liu c th ln ti 11Mbps. IEEE 802.11b c to ra nhm cung cp nhng c im

v tnh hiu dng, thng lng (throughput) v bo mt so snh vi mng c dy.

Nm 2003, IEEE cng b thm mt s ci tin l chun 802.11g m c th

truyn nhn thng tin c hai dy tn 2.4Ghz v 5Ghz v c th nng tc truyn d

liu ln n 54Mbps. Thm vo , nhng sn phm p dng 802.11g cng c th tng

thch ngc vi cc thit b chun 802.11b.

II. CC THIT B C BN V NG DNG CA H THNG WLAN

1. Cc thit b c bn

1.1 Card mng khng dy(Wireless NIC)

Card mng khng dy giao tip giao tip my tnh vi mng khng giy bngcch iu ch tn hiu d liu vi chui tri ph v thc hin mt giao thc truy nhp

cm ng sng mang.

Hnh 1: Card mng khng dy

1.2 Cc im truy cp (access point)

Cc im truy cp khng dy AP(ACCESS POINT) to ra cc vng ph sng,

ni cc nt di ng ti cc c s h tng LAN c dy m cn lc lu lng v thc hin

chc nng cu ni vi cc tiu chun khc. Cc im truy cp trao i vi nhau qua

mng hu tuyn qun l cc nt di ng.

Hnh 2: Access Point

7


8/32

1.3 Bridge khng dy(wbridge)

Wbridge (Bridge khng dy) tng t nh cc im truy cp khng dy tr

trng hp chng c s dng cho cc knh bn ngoi. Wbridge c thit k ni

cc mng vi nhau, c bit trong cc ta nh c khong cch xa ti 32 km. Wbridge c

th lc lu lng v m bo rng cc h thng mng khng dy c kt ni tt m

khng b mt lu lng cn thit.

Hnh 3: Wbridge

1.4 Cc router im truy cp(Access point router)

Mt AP router l mt thit b kt hp cc chc nng ca mt Access Point v

mt router. Khi l Access Point, n truyn d liu gia cc trm khng dy vmt mng hu tuyn cng nh l gia cc trm khng dy. Khi l router, n hot ng

nh l im lin kt gia hai hay nhiu mng c lp, hoc gia mt mng bn trong v

mt mng bn ngoi.

8


9/32

Hnh 4: Access point router

2. Cc ng dng ca h thng

Mng WLAN l k thut thay th cho mng LAN hu tuyn, n cung cp mng

cui cng vi khong cch kt ni ti thiu gia mt mng xng sng v mng trong

nh hoc ngi dng di ng trong cc c quan

tin tng cao trong ni mng ca cc doanh nghip v s tng trng mnh

m ca mng Internet v cc dch v trc tuyn l bng chng mnh m i vi li ch

ca d liu v ti nguyn dng chung. Vi mng WLAN, ngi dng truy cp thng tin

dng chung m khng tm kim ch cm vo, v cc nh qun l mng thit lp hoc

b sung mng m khng lp t hoc di chuyn dy ni. .

u im:

Kh nng lu ng ci thin hiu sut v dch v - Cc h thng mng WLAN

cung cp s truy cp thng tin thi gian thc ti bt c u cho ngi dng mng

trong t chc ca h. Kh nng lu ng ny h tr cc c hi v hiu sut v

dch v m mng ni dy khng th thc hin c.

n gin v tc nhanh trong ci t- Ci t h thng mng WLAN nhanh

v d dng v loi tr nhu cu ko dy qua cc tng v cc trn nh.

Linh hot trong ci t - Cng ngh khng dy cho php mng i n cc ni

m mng ni dy khng th.

9


10/32

Gim bt gi thnh s hu - Trong khi u t ban u ca phn cng cn cho

mng WLAN c gi thnh cao hn cc chi ph phn cng mng LAN hu tuyn,

nhng chi ph ci t ton b v gi thnh tnh theo tui th thp hn ng k.

Cc li ch v gi thnh tnh theo tui th l ng k trong mi trng nng ng

yu cu thng xuyn di chuyn, b sung, v thay i.

Tnh linh hot- Cc h thng mng WLAN c nh hnh theo cc kiu topo

khc nhau p ng cc nhu cu ca cc ng dng v cc ci t c th. Cu

hnh mng d thay i t cc mng c lp ph hp vi s nh ngi dng n

cc mng c s h tng vi hng nghn ngi s dng trong mt vng rng ln.

Kh nng v hng:cc mng my tnh khng dy c th c cu hnh theo

cc topo khc nhau p ng cc nhu cu ng dng v lp t c th.

Bng so snh u v nhc im gia mng khng dy v c dy

Mng c dy: Mng khng dy:

Phm vi ng dng

- C th ng dng trong tt c cc m

hnh mng nh, trung bnh, ln, rt ln

- Gp kh khn nhng ni xa xi, a

hnh phc tp, nhng ni khng n nh,

kh ko dy, ng truyn

- Ch yu l trong m hnh mng nh v

trung bnh, vi nhng m hnh ln phikt hp vi mng c dy

- C th trin khai nhng ni khng

thun tin v a hnh, khng n nh,

khng trin khai mng c dy c

phc tp k thut

- phc tp k thut ty thuc tng

loi mng c th

- Kh nng thit lp phc tp.

- phc tp k thut ty thuc tng

loi mng c th

- Xu hng to kh nng thit lp cc

thng s truyn sng v tuyn ca thit b

ngy cng n gin hn

tin cy

- Kh nng chu nh hng khch quan

bn ngoi nh thi tit, kh hu tt

- B nh hng bi cc yu t bn ngoi

nh mi trng truyn sng, can nhiudo thi tit

10


11/32

- Chu nhiu cuc tn cng a dng, phc

tp, nguy him ca nhng k ph hoi v

tnh v c tnh

- t nguy c nh hng sc khe

- Chu nhiu cuc tn cng a dng, phc

tp, nguy him ca nhng k ph hoi v

tnh v c tnh, nguy c cao hn mng c

dy

- Cn ang tip tc phn tch v kh nng

nh hng n sc khe

Lp t, trin khai

- Lp t, trin khai tn nhiu thi gian

v chi ph.

- Lp t, trin khai d dng, n gin,

nhanh chng.Tnh linh hot, kh nng thay i, pht trin

- V l h thng kt ni c nh nn tnh

linh hot km, kh thay i, nng cp,pht trin.

- V l h thng kt ni di ng nn rt

linh hot, d dng thay i, nng cp,pht trin.

Gi c

- Gi c ty thuc vo tng m hnh

mng c th.

- Thng th gi thnh thit b cao hn so

vi ca mng c dy. Nhng xu hng

hin nay l cng ngy cng gim s

chnh lch v gi.

III. CC CHUN THNG DNG CA WIRELESS LAN

1. Cc chun IEEE 802.11

Trong lc Hip hi Wi-Fi (Wi-Fi Alliance) cc t chc v cc nh sn xut thit

b mng my tnh ang cng bn tho cho ra i cc c t k thut cui cng cho

chun 802.11n y ha hn, chng ta cng nhn li qu trnh hnh thnh v pht trinca cc chun Wi-Fi. Hiu r cc c im ca tng chun, chng ta s c ci nhn r

rng hn, chn la cho mnh mt sn phm "ng " hn, ph hp hn vi nhu cu s

dng v ti tin. Sau y l cc chun Wi-Fi thi "khai sinh" n nay.

1.1 Chun 802.11

Nm 1997, Vin k s in v in t (IEEE- Institute of Electrical and

Electronics Engineers) a ra chun mng ni b khng dy (WLAN Wireless LAN)u tin c gi l 802.11 theo tn ca nhm gim st s pht trin ca chun ny.

11


12/32

Lc ny, 802.11 s dng tn s 2,4GHz v dng k thut tri ph trc tip (Direct-

Sequence Spread Spectrum-DSSS) nhng ch h tr bng thng ti a l 2Mbps tc

kh chm cho hu ht cc ng dng. V l do , cc sn phm chun khng dy ny

khng cn c sn xut na.

1.2 Chun 802.11b

T thng 6 nm 1999, IEEE bt u m rng chun 802.11 ban u v to ra cc

c t k thut cho 802.11b. Thit b router hay access point s dng chun 802.11b h

tr bng thng ln n 11Mbps, ngang vi tc mng ni b Ethernet thi by gi?y l chun WLAN u tin c chp nhn trn th trng, s dng tn s 2,4 GHz.

Chun 802.11b s dng k thut iu ch kha m b(Complementary Code Keying -

CCK) v dng k thut tri ph trc tip ging nh chun 802.11 nguyn bn. Vi li

th v tn s (bng tn nghip d ISM 2,4GHz), cc hng sn xut s dng tn s ny

gim chi ph sn xut.

Nhng khi y, tnh trng "ln xn" li xy ra, 802.11b c th b nhiu do l vi

sng, in thoi m bng con v cc dng c khc cng s dng tn s 2,4GHz. Tuy

nhin, bng cch lp t 802.11b khong cch hp l s d dng trnh c nhiu. u

im ca 802.11b l gi thp, tm ph sng tt v khng d b che khut. Nhc im

ca 802.11b l tc thp; c th b nhiu bi cc thit b gia dng.

1.3 Chun 802.11a

Song hnh vi 802.11b, IEEE tip tc a ra chun m rng th hai cng da

vo 802.11 u tin - 802.11a. Chun 802.11a s dng tn s 5GHz, tc 54Mbps

trnh c can nhiu t cc thit b dn dng. ng thi, chun 802.11a cng s dng

k thut tri ph khc vi chun 802.11b - k thut tri ph theo phng php a phn

chia tn s trc giao (Orthogonal Frequency Division Multiplexing-OFDM). y c

coi l k thut tri hn so vi tri ph trc tip (DSSS). Do chi ph cao hn, 802.11a

thng ch c s dng trong cc mng doanh nghip, ngc li, 802.11b thch hp

hn cho nhu cu gia nh. Tuy nhin, do tn s cao hn tn s ca chun 802.11b nntn hin ca 802.11a gp nhiu kh khn hn khi xuyn tng v cc vt cn khc.

12


13/32

Do 802.11a v 802.11b s dng tn s khc nhau, hai cng ngh ny khng

tng thch vi nhau. Mt vi hng sn xut bt u cho ra i sn phm "lai"

802.11a/b, nhng cc sn phm ny ch n thun l cung cp 2 chun sng Wi-Fi cng

lc (my trm dng chun no th kt ni theo chun ).

u im ca 802.11a l tc nhanh; trnh xuyn nhiu bi cc thit b khc.

Nhc im ca 802.11a l gi thnh cao; tm ph sng ngn hn v d b che khut.

1.4 Chun 802.11g

Nm 2002 v 2003, cc sn phm WLAN h tr chun mi hn c gi l

802.11g ni ln trn th trng; chun ny c gng kt hp tt nht 802.11a v 802.11b.

Chun 802.11g h tr bng thng 54Mbps v s dng tn s 2,4GHz cho phm vi ph

sng ln hn. 802.11g tng thch ngc vi 802.11b, ngha l cc im truy cp

(access point AP) 802.11g s lm vic vi card mng Wi-Fi chun 802.11b...

Thng 7/2003, IEEE ph chun 802.11g. Chun ny cng s dng phng thc

iu ch OFDM tng t 802.11a nhng li dng tn s 2,4GHz ging vi chun

802.11b.

u im ca 802.11g l tc nhanh, tm ph sng tt v khng d b che

khut. Nhc im ca 802.11g l gi cao hn 802.11b; c th b nhiu bi ccthit b gia dng.

1.5 Chun 802.11n

Hnh 5: Edimax BR-6226n tch hp wifi chun N

Chun Wi-Fi mi nht trong danh mc Wi-Fi l 802.11n. 802.11n c thit k

ci thin tnh nng ca 802.11g vi tng bng thng c h tr bng cch tn dng

nhiu tn hiu khng dy v anten (gi l cng ngh MIMO-multiple-input andmultiple-output). Khi chun ny hon thnh, 802.11n s h tr tc ln n 100Mbps.

13


14/32

802.11n cng cho tm ph sng tt hn cc chun Wi-Fi trc nh tng cng tn

hiu. Cc thit b 802.11n s tng thch ngc vi 802.11g.

u im ca 802.11n l tc nhanh nht, vng ph sng tt nht; tr khng ln

hn chng nhiu t cc tc ng ca mi trng. Nhc im ca 802.11n l cha

c ph chun cui cng; gi cao hn 802.11g; s dng nhiu lung tn hiu c th

gy nhiu vi cc thit b 802.11b/g k cn.

2. Hiper lan

HyperLANHigh Performance Radio Lan theo chun ca Chu u l tng

ng vi cng ngh 802.11. HiperLAN loi 1 h tr bng thng 20Mbps, lm vic di tn 5GHz. HiperLAN 2 cng lm vic trn di tn ny nhng h tr bng thng ln

ti 54Mbps. Cng ngh ny s dng kiu kt ni hng i tng (connection

oriented ) h tr nhiu thnh phn m bo cht lng, m bo cho cc ng dng

Multimedia.

Hnh 6: Bng cc tiu chun ca ETSI HIPERLAN

14


15/32

IV. NGUYN L HOT NG CA MNG WIRELESS LAN

Mng WLAN s dng sng in t (v tuyn v tia hng ngoi) truyn thng

tin t im ny sang im khc m khng da vo bt k kt ni vt l no. Cc sng

v tuyn thng l cc sng mang v tuyn bi v chng thc hin chc nng phn pht

nng lng n gin ti my thu xa. D liu truyn c chng ln trn sng mang

v tuyn n c nhn li ng my thu. l s iu bin sng mang theo thngtin c truyn. Mt khi d liu c chng (c iu ch) ln trn sng mang v

tuyn, th tn hiu v tuyn chim nhiu hn mt tn s n, v tn s hoc tc

truyn theo bit ca thng tin bin iu c thm vo sng mang.

Nhiu sng mang v tuyn tn ti trong cng khng gian ti cng mt thi im

m khng nhiu vi nhau nu chng c truyn trn cc tn s v tuyn khc nhau.

nhn d liu, my thu v tuyn bt sng (hoc chn) mt tn s v tuyn xc nh trong

khi loi b tt c cc tn hiu v tuyn khc trn cc tn s khc.

Trong mt cu hnh mng WLAN tiu biu, mt thit b thu pht, c gi mt

im truy cp (AP - access point), ni ti mng ni dy t mt v tr c nh s dng

cp Ethernet chun. im truy cp (access point) nhn, lu vo b nh m, v truyn

d liu gia mng WLAN v c s h tng mng ni dy. Mt im truy cp n h tr

mt nhm nh ngi s dng v vn hnh bn trong mt phm vi vi mt ti vi chc

mt. im truy cp (hoc anten c gn ti n) thng thng c gn trn cao .Cc ngi dng u cui truy cp mng WLAN thng qua cc card giao tip

mng WLAN, m c thc hin nh cc card PC trong cc my tnh notebook, hoc

s dng card giao tip ISA hoc PCI trong cc my tnh bn, hoc cc thit b tch

hp hon ton bn trong cc my tnh cm tay. Cc card giao tip mng WLAN cung

cp mt giao din gia h iu hnh mng (NOS) v sng tri (qua mt anten). Bn

cht ca kt ni khng dy l trong sut vi NOS.

15


16/32

CHNG II : BO MT MNG WIRELESS LAN

I. MT S HNH THC TN CNG XM NHP PH BIN

Cc kiu tn cng trn mng WLAN

Hacker c th tn cng mng WLAN bng cc cch sau:

Passive Attack (eavesdropping)

Active Attack (kt ni, thm d v cu hnh mng)

Jamming Attack

Man-in-the-middle Attack

Cc phng php tn cng trn c th c phi hp vi nhau theo nhiu cch khc

nhau.

1. Passive Attack (eavesdropping)

Tn cng b ng (passive) hay nghe ln (eavesdropping) c l l mt phng

php tn cng WLAN n gin nht nhng vn rt hiu qu. Passive attack khng li

mt du vt no chng t c s hin din ca hacker trong mng v hacker khng

tht kt ni vi AP lng nghe cc gi tin truyn trn on mng khng dy. Phng

php ny cho php hacker gi khong cch vi mng, khng li du vt trong khi vn

lng nghe v thu thp c nhng thng tin qu gi.

C nhiu ng dng c kh nng thu thp c password t nhng da ch HTTP,

email, instant message, phin lm vic FTP, telnet. Nhng kiu kt ni trn u truyn

password theo dng clear text (khng m ha). Nhiu ng dng c th bt c

password hash (mt m c bm) truyn trn on mng khng dy gia client v

server lc client ng nhp vo. Hacker l th phm nhng nhng thng tin log c

16


17/32

li ch n ngi dng m hacker ng nhp vo. iu ny c th lm cho nhn vin

mt vic.

Hnh 7: S cch thc tn cng b ng (passive attack)

Mt hacker c th u trong bi u xe, dng nhng cng c t nhp

vo mng WLAN ca bn. Cc cng c c th l mt packet sniffer, hay mt s phn

mm hacking min ph c th crack c WEP key v ng nhp vo mng.2. Active Attack

Hacker c th tn cng ch ng (active) thc hin mt s tc v trn mng.

Mt cuc tn cng ch ng c th c s dng truy cp vo server v ly c

nhng d liu c gi tr hay s dng ng kt ni Internet ca doanh nghip thc

hin nhng mc ch ph hoi hay thm ch l thay i cu hnh ca h tng mng.

Bng cch kt ni vi mng khng dy thng qua AP, hacker c th xm nhp

su hn vo mng hoc c th thay i cu hnh ca mng. V d, mt hacker c th sa

i thm MAC address ca hacker vo danh sch cho php ca MAC filter trn AP

hay v hiu ha tnh nng MAC filter gip cho vic t nhp sau ny d dng hn.

Admin thm ch khng bit c thay i ny trong mt thi gian di nu nh khng

kim tra thng xuyn. Kiu tn cng ny c th lm cho ISP ca bn ngt kt ni email

ca bn v lm dng gi nhiu mail mc d khng phi li ca bn.

17


18/32

Hnh 8: S cch thc tn cng ch ng

i th cnh tranh c th mun c c danh sch khch hng ca bn cng vi

nhng thng tin lin h hay thm ch l bng lng c mc cnh tranh tt hn hay

ginh ly khch hng ca bn. Nhng kiu tn cng ny xy ra thng xuyn m adminkhng h hay bit.

Mt khi hacker c c kt ni khng dy vo mng ca bn, hn c th truy

cp vo server, s dng kt ni WAN, Internet hay truy cp n laptop, desktop ngi

dng.

3. Jamming (tn cng bng cch gy nghn)

Jamming l mt k thut c s dng ch n gin lm hng (shut down)

mng khng dy ca bn. Tng t nh nhng k ph hoi s dng tn cng DoS vo

mt web server lm nghn server th mng WLAN cng c th b shut down bng

cch gy nghn tn hiu RF. Nhng tn hiu gy nghn ny c th l c hay v v c

th loi b c hay khng loi b c. Khi mt hacker ch ng tn cng jamming,

hacker c th s dng mt thit b WLAN c bit, thit b ny l b pht tn hiu RF

cng sut cao hay sweep generator.

loi b kiu tn cng ny th yu cu u tin l phi xc nh c ngun tn

hiu RF. Vic ny c th lm bng cch s dng mt Spectrum Analyzer (my phn tch

ph). C nhiu loi Spectrum Analyzer trn th trng nhng bn nn dng loi cm

tay, dng pin cho tin s dng. Mt cch khc l dng cc ng dng Spectrum Analyzer

phn mm km theo cc sn phm WLAN cho client.

18


19/32

Hnh 9: S tn cng theo kiu gy nghn

Khi ngun gy ra jamming l khng th di chuyn c v khng gy hi nh

thp truyn thng hay cc h thng hp php khc th admin nn xem xt s dng dy

tn s khc cho mng WLAN. V d, nu admin chu trch nhim thit k v ci t

mng WLAN cho mi trng rng ln, phc tp th cn phi xem xt k cng. Nu nh

ngun nhiu RF tri rng hn 2.4 Ghz nh b m, l vi sng th admin nn s dng

nhng thit b theo chun 802.11a hot ng trong bng tn 5 Ghz UNII thay v s dng

nhng thit b 802.11b/g hot ng trong bng tn 2.4 Ghz s d b nhiu.

Jamming do v xut hin thng xuyn do nhiu thit b khc nhau chia s

chung bng tn 2.4 ISM vi mng WLAN. Jamming mt cch ch ng thng khngph bin lm, l do l bi v thc hin c jamming th rt tn km, gi ca thit b

rt mc tin, kt qu t c ch l tm thi shut down mng trong thi gian ngn.

4. Man-in-the-middle Attack

Tn cng theo kiu Man-in-the-middle l trng hp trong hacker s dng

mt AP nh cp cc node di ng bng cch gi tn hiu RF mnh hn AP hp

php n cc node .

Hnh 10: S tn cng theo kiu Man-in-the-Middle Attack.

19


20/32

lm cho client kt ni li n AP gi mo th cng sut pht ca AP gi mo

phi cao hn nhiu so vi AP hp php trong vng ph sng ca n. Vic kt ni li vi

AP gi mo c xem nh l mt phn ca roaming nn ngi dng s khng h bit

c. Vic a ngun nhiu ton knh (all-band interference - chng hn nh bluetooth)

vo vng ph sng ca AP hp php s buc client phi roaming.

Nhiu khi, tn cng Man-in-the-middle c thc hin ch vi mt laptop v 2

PCMCIA card. Phn mm AP chy trn my laptop ni PC card c s dng nh l

mt AP v mt PC card th 2 c s dng kt ni laptop n AP hp php gn .

Trong cu hnh ny, laptop chnh l man-in-the-middle (ngi gia), hot ng gia

client v AP hp php. T hacker c th ly c nhng thng tin gi tr bng cch

s dng cc sniffer trn my laptop.

im ct yu trong kiu tn cng ny l ngi dng khng th nhn bit c.

V th, s lng thng tin m hacker c th thu c ch ph thuc vo thi gian m

hacker c th duy tr trng thi ny trc khi b pht hin. Bo mt vt l (Physical

security) l phng php tt nht chng li kiu tn cng ny.

II. CC PHNG PHP BO MT CHO MNG WIRELESS LAN

1. Nhng nguy c bo mt trong WLAN bao gm

Cc thit b c th kt ni ti nhng Access Point ang broadcast SSID.

Hacker s c gng tm kim cc phng thc m ho ang c s dng trong

qu trnh truyn thng tin trn mng, sau c phng thc gii m ring v ly

cc thng tin nhy cm.

Ngi dng s dng Access Point ti gia nh s khng m bo tnh bo mt

nh khi s dng ti doanh nghip.

2. bo mt mng WLAN, bn cn thc hin qua cc bc sau

Ch c nhng ngi dng c xc thc mi c kh nng truy cp vo mngthng qua cc Access Point.

Cc phng thc m ho c p dng trong qu trnh truyn cc thng tin quantrng.

Bo mt cc thng tin v cnh bo nguy c bo mt bng h thng IDS v IPS.

20


21/32

Ban u, IEEE 802.11 s dng gii php bo mt bng nhng kho tnh (static

keys) cho c qu trnh m ho v xc thc. Phng thc xc thc nh vy l khng

mnh, cui cng c th b tn cng. Bi v cc kho c qun l v khng thay i,

iu ny khng th p dng trong mt gii php doanh nghip ln c.

Cisco gii thiu v cho php s dng IEEE 802.1x l giao thc xc thc v s

dng kho ng (dynamic keys), bao gm 802.1x Extensible Authentication Protocol

(EAP). Cisco cng gii thiu phng thc chng li vic tn cng bng cch s dng

qu trnh bm (hashing) (Per Packet Key PPK) v Message Integrity Check (MIC).

Phng thc ny c bit n nh Cisco Key Integrity Protocol (CKIP) v Cisco

Message Integrity Check (CMIC).

Cc t chc chun 802.11 bt u tin hnh vic nng cp bo mt cho mng

WLAN. Wi-Fi Alliance gii thiu gii php WPA (Wi-Fi Protected Access). WPA

c s dng cho vic xc thc ngi dng, MIC, Temporal Key Integrity Protocol

(TKIP), v Dynamic Keys. N tng t nh phng thc ca Cisco nhng cch thc

hin c khc i cht.

WPA cng bao gm mt passphrase hay preshared key cho ngi dng h xc

thc trong gii php bo mt trong gia nh, nhng khng c s dng cho gii phpdoanh nghip.

Ngy nay , IEEE 802.11i nng cp v Advanced Encryption Standard (AES)

thay th cho WEP v l phng thc bo mt mi nht v bo mt nht trong m ho

d liu. Wireless IDS hin nay c vi vai tr nhn din v bo v h thng WLAN

trc nhng tn cng. Wi-Fi Alliance 802.11i lm vic v s dng nh WPA2.

Cc Access Point gi broadcast mt hoc nhiu SSIDs, hay data rates, v mt sthng tin. Cc thit b Wi-Fi c th scan tt c cc knh v tm truy cp vo bt k mng

no m h scan ra c t nhng Access Point.

Client s thng kt ni ti nhng Access Point m tn hiu mnh nht. Nu tn

hiu yu, client tip tc scan ti mt Access Point khc (trong trng hp Roaming).

Trong qu trnh kt ni, SSID, a ch MAC v cc thit lp bo mt c gi t client

ti Access Point v kim tra bi Access Point.

21


22/32

Ngi dung c xc thc thng qua giao thc 802.1x. Vi chun 802.1x hay

EAP cn thit trn WLAN client. Access Point cng c th nh mt my ch p ng

vic xc thc cho ngi dng, hoc c th lien kt ti my ch RADIUS nh xc thc

h, hoc c th lm vic vi Cisco Secure ACS. Lightweight Access Point s giao tip

vi WLAN controller, v n lm vic nh mt my ch xc cung cp xc thc cho cc

users.

Client v my ch cung cp xc thc trin khai vi hai phin bn EAP khc

nhau. Thng tin EAP s c truyn t Access point ti my ch xc thc.

Sau khi xc thc song WLAN client, d liu s c m ho trc khi truyn i.

V c bn phng thc m ho da vo thut ton RC4 c s dng bt u t WEP.

TKIP s dng m ho RC4 c tng cng bo mt hn v vi nhiu bt m ho hn

v c kho tch hp cho mi packet (key per packet PPK). AES c thay th cho RC4

vi thut ton bo mt cao cp hn. WPA s dng TKIP, trong khi WPA2 s dng AES

hay TKIP.

3. S khc nhau gia cc dng WLANs

Vi ngi dng s dng mng WLAN cho gia nh, mt phng thc bo

mt vi WPA passphare hay preshared key c khuyn co s dng.

Vi gii php doanh nghip, ti u qu trnh bo mt vi 802.1x EAP

lm phng thc xc thc v TKIP hay AES lm phng thc m ho. c da

theo chun WPA hay WPA2 v 802.11i security.

K tn cng c th tn cng mng WLAN khng bo mt bt c lc no.

22


23/32

CHNG III: THIT K, CU HNH MNG WLAN

I. CC THIT B H TNG CA MNG WLAN

1. im truy cp: AP(Access Point)

Cung cp cho cc my khch(client) mt im truy cp vo mng "Ni m cc

my tnh dng wireless c th vo mng ni b ca cng ty". AP l mt thit b song

cng(Full duplex) c mc thng minh tng ng vi mt chuyn mch Ethernet

phc tp(Switch).

Hnh 11: Hot ng caAP n gin

2. Cc ch hot ng ca AP

AP c th giao tip vi cc my khng dy, vi mng c dy truyn thng v vi

cc AP khc. C 3 Mode hot ng chnh ca AP:

Ch gc (Root mode): Root mode c s dng khi AP c kt ni vi

mng backbone c dy thng qua giao din c dy (thng l Ethernet) ca n. Hu ht

cc AP s h tr cc mode khc ngoi root mode, tuy nhin root mode l cu hnh mc

nh. Khi mt AP c kt ni vi phn on c dy thng qua cng Ethernet ca n,

n s c cu hnh hot ng trong root mode. Cc client khng dy c th giao tip

vi cc client khng dy khc nm trong nhng cell ( t bo, hay vng ph sng ca

AP) khc nhau thng qua AP tng ng m chng kt ni vo, sau cc AP ny s

giao tip vi nhau thng qua phn on c dy,nh v d trong hnh 12.

23


24/32

Hnh 12: M hnh Root mode

Ch cu ni(bridge Mode): Trong Bridge mode, AP hot ng hon

ton ging vi mt cu ni khng dy. AP s tr thnh mt cu ni khng dy khi c

cu hnh theo cch ny. Ch mt s t cc AP trn th trng c h tr chc nng

Bridge, iu ny s lm cho thit b c gi cao hn ng k. Chng ta s gii thch mt

cch ngn gn cu ni khng dy hot ng nh th no, t hnh 13: Client khng kt

ni vi cu ni, nhng thay vo , cu ni c s dng kt ni 2 hoc nhiu on

mng c dy li vi nhau bng kt ni khng dy.

Hnh 12: M hnh Bridge Mode.

24


25/32

Ch lp(repeater mode): AP c kh nng cung cp mt ng kt ni

khng dy upstream vo mng c dy thay v mt kt ni c dy bnh thng. Mt AP

hot ng nh l mt root AP v AP cn li hot ng nh l mt Repeater khng

dy. AP trong repeater mode kt ni vi cc client nh l mt AP v kt ni vi

upstream AP nh l mt client.

Hnh 13: M hnh Repeater Mode Hnh 14: Mt repeater

3. Cc thit b my khch trong mng WLAN

1.1 Card PCI Wireless

L thnh phn ph bin nht trong WLAN. Dng kt ni cc my khch vo

h thng mng khng dy. c cm vo khe PCI trn my tnh. Loi ny c s

dng ph bin cho cc my tnh bn(desktop) .

25


26/32

Hnh 15: Card PCI Wireless

1.2 Card PCMCIA Wireless

Trc y c s dng trong cc my tnh xch tay(laptop) . Hin nay nh s

pht trin ca cng ngh t c s dng v my tnh xch tay u c tch hp snCard Wireless bn trong thit b.

.

Hnh 16: Card PCMCIA Wireless.

1.3 USB Wireless

Loi rt c u chung hin nay dnh cho cc thit b kt ni vo mng khngdy v tnh nng di ng v nh gn . C chc nng tng t nh Card PCI Wireless,

nhng h tr chun cm l USB (Universal Serial Bus). C th tho lp nhanh chng

(khng cn phi cm c nh nh Card PCI Wireless) v h tr cm khi my tnh ang

hot ng.

26


27/32

Hnh 17: USB Wireless

II. CU HNH AD-HOC MODE

Cu hnh bn di minh ha trong windows XP (trn Vista v Windows 7 cc

bn cu hnh tng t).

Click chut phi ti icon cu card wireless bn gc phi ca mn hnh chn View

available Wireless Network.

Ti tab Wireless Network Connection chnChange Advanced setting m

bng Wireless Network Connection Properties -> Chn tab Wireless Networks

27


28/32

Chn Add m ra bng wireless network properties. Ti y bn thit l p cc

thng s nh SSID, Network key, data encryption..... va check vao This is a

computer......are not used.

Sau bn thit l p cho mnh IP tinh, v d 192.168.0.1/ Subnet Mask

255.255.255.0. Thit l p my th 2,3.... ging my th 1 vi s IP cng lp mang.

Sau khi kch OK, bn s thy mng va to xut hin di Preferred Networks.

Mng lc ny vn b lit k vi mt ch x , y l iu ht sc bnh thng v bn

28


29/32

khng phi lo lng nhiu. N s ch thay i thnh Connected sau khi c mt my tnh

no nhp vo mng

KT LUN

Mng Wi-fi ngy cng tr nn thng dng ti Vit Nam vi cc u im nh victhit lp n gin, gi thnh ngy cng r v s dng tin li. Hin nay cng ngh

khng dy, nht l Wi-Fi hin ang c ng dng ngy cng mnh m trong i sng.

Nhng a s mi ngi u ch s dng Wi-Fi cc lnh vc lin quan n my tnh

m khng bit rng bng sng Wi-Fi, ngi dng dng my tnh iu khin h thng

n, qut, my lnh, l si, my ti, h thng nc Nhng vn quan trng nht

ca mng khng dy hin nay l s bo mt ca n cha c mt gii php no n nh.

Chng em s nghin cu thm cc l hng v cc cch tn cng mng WLAN tm ra

phng php bo mt hiu qu .

Cm n thy HUNH PHC DANH tn tnh gip chng em trong thi

gian thc hin ti v trong ny cng khng trnh khi nhng thiu st, mong thy

gp chng em c th hon thin tt hn.

29


30/32

Nhn xt ca ging vin hng dn

........................................................................................................................

30


31/32

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

....................................................................................................................................

TI LIU THAM KHO

CC WEBSITE

http://www.thegioiwifi.vn/forum/showthread.php?t=205

http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-

wireless-lan.chn

http://ddth.com/showthread.php?p=754619

http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gi

http://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LAN

31
http://www.thegioiwifi.vn/forum/showthread.php?t=205http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://ddth.com/showthread.php?p=754619http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gihttp://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LANhttp://www.thegioiwifi.vn/forum/showthread.php?t=205http://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://gamek.vn/c185n20101020101345983/cung-tim-hieu-ve-mang-khong-day-wireless-lan.chnhttp://ddth.com/showthread.php?p=754619http://www.caicho.net/showthread.php?t=643,Wireless-LAN-la-gihttp://thegioimang.org/forum/mang-khong-day/856-gioi-thieu-ve-wireless-lan-wlan.htmlhttp://vi.wikipedia.org/wiki/LAN


32/32

http://www.wimaxpro.org/forum/showthread.php?t=85

http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.html

http://www.free4vn.org/f175/t37235/

http://www.quantrimang.com.vn/

http://www.cuocsongso.com/forum/

http://nhatnghe.com/

http://ictvietnam.net/forum/

http://www.adminvietnam.vn/
http://www.wimaxpro.org/forum/showthread.php?t=85http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.htmlhttp://www.free4vn.org/f175/t37235/http://www.quantrimang.com.vn/http://www.cuocsongso.com/forum/http://nhatnghe.com/http://ictvietnam.net/forum/http://www.adminvietnam.vn/http://www.wimaxpro.org/forum/showthread.php?t=85http://vnexperts.net/bai-viet-ky-thuat/security/573-cac-phng-thc-bo-mt-mng-wlan.htmlhttp://www.free4vn.org/f175/t37235/http://www.quantrimang.com.vn/http://www.cuocsongso.com/forum/http://nhatnghe.com/http://ictvietnam.net/forum/http://www.adminvietnam.vn/

do an qtm_hĐ-fix

Documents