Network security


Upload: ahmad-dumairi

Post on 05-Nov-2015


DESCRIPTION

secure network

TRANSCRIPT

  • IEEE 802.11 (Wireless Local area network - WLAN)

    IEEE 802.15 (Wireless Personal area network - WPAN)

    IEEE 802.16 (Wireless Metropolitan area network - WMAN)

    IEEE 802.20 (Wireless Mobility)

    IEEE 802.21 (Hand-off/Interoperability Between Networks)

    IEEE 802.22 (Wireless Regional area network - WRAN)

  • Peer-to-peer

    LAN

    Hotspots

  • Point-to-point bridge

    Point-to-multipoint bridge

    Ethernet to wireless bridge

  • A WLAN uses radio frequency (RF) technology to send and receive data over the air, in the manner defined by the wireless standard, IEEE 802.11.

  • Wireless end stations

    Access points

    Basic service sets

  • Laptops, computers, printers, etc.

  • Acts as the link between the WLAN and the wired LAN.

  • Logical component of wireless architecture.

  • The station broadcasts a probe request frame on every channel, allowing the station to quickly locate either a specific station (via SSID) or any WLAN within range.

    Access points within range respond with a probe response frame. The response is from the access point in an infrastructure BSS.

    The client decides which access point (AP) is the best for access and sends an authentication request.

  • The access point sends an authentication reply. This response includes an authentication algorithm ID for open systems.

    Upon successful authentication, the client sends an association request frame to the access point. This is an important step to ensure that anyone who wants to send data to the wireless station knows to send data through the access point.

    The access point replies with an association response.
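The join sequence on the two slides above (probe, open system authentication, association) can be checked against a frame trace. This is an added example, not part of the original slides; the tuple layout, the state names and the constructed MAC addresses in `SAMPLE` are assumptions made for illustration.

```python
# Frame order taken from the slides (open system authentication).
EXPECTED = [
    ("station", "probe_request"),
    ("ap", "probe_response"),
    ("station", "authentication_request"),
    ("ap", "authentication_response"),
    ("station", "association_request"),
    ("ap", "association_response"),
]
STATE_AFTER = {"authentication_response": "authenticated",
               "association_response": "associated"}

def track_joins(trace):
    """trace: (station_mac, sender, frame, success) tuples in capture order.
    Returns ({mac: state}, [problems]) so out-of-order joins can be flagged."""
    step, state, problems = {}, {}, []
    for n, (mac, sender, frame, ok) in enumerate(trace, 1):
        i = step.get(mac, 0)
        state.setdefault(mac, "unauthenticated")
        if i >= len(EXPECTED) or (sender, frame) != EXPECTED[i]:
            problems.append(f"frame {n}: {mac} unexpected {frame} "
                            f"from {sender} while {state[mac]}")
            continue
        if not ok:  # a failed reply does not advance the station
            problems.append(f"frame {n}: {mac} {frame} reported failure")
            continue
        step[mac] = i + 1
        state[mac] = STATE_AFTER.get(frame, state[mac])
    return state, problems

# Constructed sample: station A joins in order, station B skips authentication.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
SAMPLE = [
    (A, "station", "probe_request", True),
    (B, "station", "probe_request", True),
    (A, "ap", "probe_response", True),
    (B, "ap", "probe_response", True),
    (A, "station", "authentication_request", True),
    (B, "station", "association_request", True),
    (A, "ap", "authentication_response", True),
    (B, "ap", "association_response", True),
    (A, "station", "association_request", True),
    (A, "ap", "association_response", True),
]

if __name__ == "__main__":
    print(track_joins(SAMPLE))
```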

  • SSID Vulnerabilities

    Open Authentication Vulnerabilities

    Shared Authentication Vulnerabilities

    WEP Protocol Vulnerabilities

  • Confidentiality

    Access control

    Data integrity

  • The client sends an authentication request to the access point requesting shared key authentication.

    The access point uses the WEP algorithm to generate a random number used in the authentication response containing a challenge text.

    The client uses its locally configured WEP key to encrypt the challenge text and reply with a subsequent authentication request.

    If the access point can decrypt the authentication request and retrieve the original challenge text, it responds with an authentication response that grants the client access.

  • Authentication framework

    Authentication algorithm

    Data privacy or encryption algorithm

  • Access point recommendations:

    Enable centralized user authentication (RADIUS, TACACS+) for the management interface.

    Consider using Simple Network Management Protocol (SNMP) Read Only if your management infrastructure allows it.

    Enable wireless frame encryption where available.

    Physically secure the access point.

  • Station recommendations:

    Enable wireless frame encryption where available.

    Use password protection for all your wireless devices.

    Building

    Use WIPS to detect unauthorized Access Point
