WLAN report (Word)


  • 8/3/2019 WLAN report (Word)


    Network Technology

    Table of Contents

    I. Introduction to Wireless LAN
       1. What is wireless?
       2. History

    II. WLAN models
       1. Independent network model
       2. Infrastructure network model
       3. Extended network model
       4. Advantages and disadvantages of WLAN

    III. WLAN infrastructure devices
       1. Access point (AP)
       2. AP operating modes

    IV. Security

    V. Security solutions

    VI. Encryption

    VII. Types of attack on WLANs

    VIII. Wireless IDS
       1. Concept
       2. Tasks of the IDS
       3. IDS operating models

    I. Introduction to WIRELESS LAN (WLAN):

    1. What is a Wireless LAN?

    A WLAN is a computer network in which the components are connected without the cables used in a conventional network; the transmission medium between the components is the air. The components communicate with one another using electromagnetic waves.

    2. History:

    WLAN technology first appeared in late 1990, when manufacturers introduced products operating in the 900 MHz band. These solutions (not standardised across manufacturers) provided a data rate of 1 Mbps, far lower than the 10 Mbps of most wired networks of the time.

    In 1992, manufacturers began selling WLAN products that used the 2.4 GHz band. Although these products offered higher data rates, they were still proprietary solutions of individual manufacturers and were not widely published. The need for devices in different frequency bands to interoperate led several organisations to begin developing common wireless networking standards.

    In 1997, the Institute of Electrical and Electronics Engineers (IEEE) ratified the 802.11 standard, also known as WIFI (Wireless Fidelity), for WLANs.

    The 802.11 standard supports three signal transmission methods, including radio transmission at 2.4 GHz.

    In 1999, the IEEE approved two amendments to 802.11, the 802.11a and 802.11b standards (which define signal transmission methods). WLAN devices based on 802.11b quickly became the dominant wireless technology. 802.11b WLAN devices transmit at 2.4 GHz and provide data rates of up to 11 Mbps. IEEE 802.11b was created to offer availability, throughput and security comparable to wired networks.

    In 2003, the IEEE published a further improvement, the 802.11g standard, which can transmit and receive in both the 2.4 GHz and 5 GHz bands and raises the data rate to as much as 54 Mbps. In addition, 802.11g products are backward compatible with 802.11b devices. Today the 802.11g standard reaches speeds of 108 Mbps to 300 Mbps.

    II. WLAN network models:

    1. Independent network model (Independent Basic Service Sets (IBSSs)):

    Mobile nodes (computers with a wireless network card) gather in a small area and form peer-to-peer connections among themselves. Mobile nodes with a wireless card can exchange information directly with one another, with no network administration required. Because these ad-hoc networks can be set up quickly and easily, they are usually established without any special tools or skills, which makes them well suited to business conferences or temporary working groups. Their drawback is limited coverage: every user must be able to hear every other user.


    2. Infrastructure network model (Basic Service Sets (BSSs)):

    This model consists of access points (APs) attached to the wired backbone network that communicate with the mobile devices within the coverage area of a cell. The AP controls the cell and controls traffic to the network. Mobile devices do not communicate directly with one another; they communicate with the APs. Cells can overlap by about 10-15%, which lets mobile stations move without losing the radio connection and provides coverage at the lowest cost. Mobile stations choose the best AP to connect to. A centrally located access point can control and distribute access among contending nodes, provide suitable access to the backbone network, assign addresses and priority levels, monitor network traffic, manage packet forwarding and keep track of the network configuration. However, the centralised multiple-access protocol does not allow mobile nodes to transmit directly to another node within the same access point's area, as they can in the independent WLAN configuration. In this case every packet has to be transmitted twice (by the originating node and then by the access point) before it reaches the destination node, which reduces transmission efficiency and increases transmission delay.


    3. Extended network model (Extended Service Set (ESSs)):

    An 802.11 network extends mobility to an arbitrary range through the ESS. An ESS is a set of BSSs in which the access points communicate with one another to forward traffic from one BSS to another, making it easy for stations to move between BSSs. The access points communicate through the distribution system. The distribution system is a thin layer in each access point that determines the destination of traffic received from a BSS. The distribution system relays traffic back to a destination in the same BSS, forwards it over the distribution system to another access point, or sends it to a wired network for a destination outside the ESS. Information that an access point receives from the distribution system is transmitted to the BSS, where the destination station receives it.


    4. Advantages and disadvantages of WLAN:

    a. Advantages:

    + Convenience: A wireless network works like a conventional network. It lets users reach network resources from anywhere in the area where it is deployed (home or office). With the growing number of laptop users, this is a great convenience.

    + Mobility: With the growth of public wireless networks, users can access the Internet anywhere. In cafes, for example, users can get free wireless Internet access.


    + Efficiency: Users can stay connected to the network as they move from place to place.

    + Deployment: Setting up a wireless network initially requires as little as one access point. A cabled network costs more and the cabling can be difficult to install in many parts of a building.

    + Scalability: A wireless network can respond immediately when the number of users grows. A cabled network needs additional cable.

    b. Disadvantages of WLAN:

    + Security: The wireless medium is the air, so the likelihood of users being attacked is very high.

    + Range: A standard 802.11g network with standard equipment only works well within a few tens of metres. That suits a house, but it does not meet the needs of a large building. Covering one requires buying extra repeaters or access points, which increases cost.

    + Reliability: Because communication uses radio waves, interference and signal degradation caused by other devices (microwave ovens, ...) are unavoidable. This significantly reduces the network's performance.

    + Speed: The speed of a wireless network (1-125 Mbps) is very slow compared with a cabled network (100 Mbps up to several Gbps).

    III. Wireless infrastructure devices:

    1. Access point (AP):

    An access point gives clients a point of entry to the network: "the place where computers using wireless can get onto the company's internal network". An AP is a full-duplex device with a level of intelligence comparable to a sophisticated Ethernet switch.


    2. AP operating modes:

    An AP can communicate with wireless stations, with the traditional wired network and with other APs. An AP has three main operating modes:

    + Root mode: Root mode is used when the AP is connected to the wired backbone through its wired interface (usually Ethernet). Most APs support modes other than root mode, but root mode is the default configuration. When an AP is connected to a wired segment through its Ethernet port, it is configured to operate in root mode. In root mode, APs connected to the same wired distribution system can talk to one another over the wired segment. Wireless clients can communicate with wireless clients in other cells (the coverage area of an AP) through the APs they are each connected to, and those APs then communicate with one another over the wired segment.

    + Bridge mode: In bridge mode the AP behaves exactly like a wireless bridge. The AP becomes a wireless bridge when it is configured this way. Only a few APs on the market support the bridge function, and it makes the device considerably more expensive. We will briefly explain how a wireless bridge works.


    + Repeater mode: The AP can provide a wireless upstream link into the wired network instead of a normal wired connection. One AP acts as the root AP and the other acts as a wireless repeater. An AP in repeater mode connects to clients as an AP and connects to the upstream AP as a client.


    IV. Security in WLAN:

    1. Why a wireless network (WLAN) must be secured:

    To connect to a wired LAN you need access to the cabling and have to plug a PC into a network port. With a wireless network you only need to have your machine within the network's coverage area. Controlling a wired network is simple: the cabling normally stays inside the building, and unused ports can be disabled with management applications. Wireless (radio) networks use radio waves that pass through building materials, so coverage is not confined to the inside of a building. The radio signal from the stations on these LANs can be present out on the street, and anyone with suitable equipment can then gain access. A company's wireless network can therefore be accessed from outside the company's building.


    To give a WLAN a minimum level of security, two components are needed:

    + A way to determine who is allowed to use the WLAN. This requirement is met by an authentication mechanism.

    + A method of providing privacy for wireless data. This requirement is met by an encryption algorithm.


    2. Securing a wireless network (WLAN):

    A WLAN has three parts: Wireless Client, Access Points and Access Server.

    + The Wireless Client is typically a laptop with a wireless NIC (Network Interface Card) installed to allow access to the wireless network.

    + Access Points (APs) provide radio coverage in a given area (known as a cell) and the connection to the wireless network.

    + The Access Server controls access. An Access Server (such as an Enterprise Access Server (EAS)) provides control, management and advanced security features for the enterprise wireless network.

    A wireless segment can be connected to the existing networks in several ways. The overall architecture uses the EAS in "Gateway Mode" or "Controller Mode". In Gateway Mode (Figure 3-4) the EAS sits between the AP network and the rest of the enterprise network. The EAS therefore controls all traffic flows between the wireless and wired networks and acts as a firewall.


    In Controller Mode (Figure 3-3), the EAS manages the APs and controls access to the wireless network, but it is not involved in carrying user data. In this mode the wireless network can be separated from the wired network by an ordinary firewall or fully integrated into the enterprise wired network. The WLAN architecture supports a security model shown in Figure 4. Each element in the model can be configured by the network administrator to meet and suit their needs.


    + Device Authorization: Wireless clients can be blocked by their hardware address (for example the MAC address). The EAS maintains a database of permitted wireless clients, and the individual APs block or pass traffic accordingly.

    + Encryption: The WLAN also supports WEP, 3DES and the TLS (Transport Layer Security) standard, using encryption to prevent eavesdropping. WEP keys can be generated on a per-user, per-session basis.

    + Authentication: The WLAN supports mutual authentication (using 802.1x EAP-TLS) to ensure that only authorised wireless clients can access the network. The EAS uses an internal RADIUS server for authentication with digital certificates. These certificates can be obtained from an internal certificate authority (CA) or imported from an external CA. This maximises security and minimises administrative procedures.

    + Firewall: The EAS integrates a packet-filtering and port-blocking firewall based on IP chains. Preset configurations allow common traffic types to be enabled or disabled.

    + VPN: The EAS includes an IPSec VPN server that lets wireless clients establish secure VPN sessions over the network.


    V. Security solutions:

    1. WLAN VPN:

    A virtual private network (VPN) protects the WLAN by creating a channel that shields data from unauthorised access. A VPN provides a high level of trust by using a security mechanism such as IPSec (Internet Protocol Security). IPSec uses strong algorithms such as the Data Encryption Standard (DES) and Triple DES (3DES) to encrypt data, and other algorithms to authenticate data packets. IPSec also uses digital certificates to validate the public key. When used on a WLAN, the VPN gateway takes care of authentication, encapsulation and encryption.

    2. TKIP (Temporal Key Integrity Protocol)

    This is an IEEE solution developed in 2004. It is an upgrade to WEP intended to patch the security problems in WEP's implementation of the RC4 stream cipher. TKIP hashes the IV to counter packet forgery, and it also provides a message integrity check (MIC) to ensure that packets are accurate. TKIP uses dynamic keys, giving each frame its own sequence number to counter forgery attacks.

    3. AES (Advanced Encryption Standard)

    This is an encryption function approved by NIST (National Institute of Standards and Technology). The IEEE designed a mode for AES to meet the needs of WLANs. This mode is called CBC-CTR (Cipher Block Chaining Counter Mode) with CBC-MAC (Cipher Block Chaining Message Authenticity Check). Their combination is called AES-CCM. CCM mode combines CBC-CTR encryption with the CBC-MAC message authentication algorithm. The combination provides both encryption and an integrity check of the data sent.


    CBC-CTR encryption uses a counter to supplement the key stream. The counter increases by 1 after each block is encrypted. This process ensures that each block has a unique key. The unencrypted text is split into 16-byte blocks.

    CBC-MAC works by using the result of CBC encryption together with the frame length, the source address, the destination address and the data. The result is a 128-bit value that is truncated to 64 bits for use in transmission.

    AES-CCM carries a fairly high cost for both encryption and the integrity check of the data sent, so it consumes a great deal of CPU processing power.

    4. 802.1x and EAP

    802.1x is a standard for port-based access control defined by the IEEE. It works in both traditional wired and wireless environments. Access control works as follows: when a user tries to connect to the network, the user's connection is placed in a blocking state and waits until verification of the user's identity is complete.


    5. WPA (Wi-Fi Protected Access)

    WEP was built to protect a wireless network from eavesdropping. Soon afterwards, however, many vulnerabilities were found in this technology. A new technology called WPA (Wi-Fi Protected Access) was therefore introduced, overcoming many of WEP's weaknesses.

    Among the most important improvements in WPA is the use of the TKIP (Temporal Key Integrity Protocol) key-changing function. WPA also uses the RC4 algorithm, as WEP does, but encrypts with a full 128 bits. Another feature is that WPA changes the key for every packet. Tools that collect packets in order to break the encryption key cannot do so against WPA. Because WPA changes keys continuously, a hacker never collects enough sample data to find the password.

    In addition, WPA includes a Message Integrity Check. Data therefore cannot be altered while in transit. WPA comes in two options: WPA Personal and WPA Enterprise. Both use the TKIP protocol, and the only difference is the initial encryption key. WPA Personal suits homes and small office networks; the initial key is used at the access points and on the client devices. WPA for enterprises needs an authentication server and 802.1x to provide the initial keys for each session.

    There is one vulnerability in WPA, and it only affects WPA Personal. Once it is discovered that the TKIP key-changing function is being used to generate the encryption keys, a hacker who can guess the initial key or part of the password can determine the whole password and so decrypt the data. However, this vulnerability is eliminated by using initial keys that are not easy to guess (do not use words such as "PASSWORD" as the password).

    VI. Encryption:

    Encryption transforms data so that only authorised parties can decrypt it. Encryption combines the plaintext with a key to produce the ciphertext. Decryption combines the ciphertext with the key to recreate the original plaintext. The process of arranging and distributing keys is called key management.


    a. Stream ciphers:

    A stream cipher encrypts bit by bit. It generates a continuous key stream based on the value of the key; for example, a stream cipher can produce a 15-byte key stream to encrypt one frame and a different 200-byte key stream to encrypt another frame.

    A stream cipher is a very efficient encryption algorithm that consumes few resources (CPU).


    b. Block ciphers:

    A block cipher generates a single key stream of fixed size (64 or 128 bits). The unencrypted text (plaintext) is split into blocks, and each block is mixed with the key stream independently. If a plaintext block is smaller than the key-stream block, the plaintext is padded to the required size. The splitting, together with some other block-cipher operations, consumes a lot of CPU resources.

    The stream and block encryption process is also called electronic codebook mode, ECB (Electronic Code Block). The characteristic of this mode is that the same plaintext input always produces the same ciphertext output. This is the factor an attacker can exploit to recognise patterns in the ciphertext and guess the original plaintext.
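The ECB property described above, next to the per-block counter described in the AES section, as an added example that is not part of the original report. The block cipher is a toy 4-round Feistel construction built on HMAC-SHA256, used as a stand-in for AES so the code runs with the standard library only; the key, nonce and payload are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 16  # bytes: the 128-bit block size used in the report


def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function of the toy Feistel network.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in 128-bit block cipher (4-round Feistel). NOT AES, demo only."""
    assert len(block) == BLOCK
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right


def pad(data: bytes) -> bytes:
    # PKCS#7-style padding: a short final block is filled up to 16 bytes.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def split_blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # ECB: every block is encrypted independently under the same key.
    return b"".join(toy_encrypt_block(key, b) for b in split_blocks(pad(plaintext)))


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Counter mode: nonce||counter is encrypted to get a fresh keystream
    # block, and the counter increases by 1 per block. The same call decrypts.
    out = bytearray()
    for counter, block in enumerate(split_blocks(data)):
        ctr_block = nonce + counter.to_bytes(BLOCK - len(nonce), "big")
        keystream = toy_encrypt_block(key, ctr_block)
        out += bytes(a ^ b for a, b in zip(block, keystream))
    return bytes(out)


def repeated_blocks(ciphertext: bytes) -> int:
    # Number of ciphertext blocks that duplicate an earlier block.
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))


# Constructed sample: a payload made of eight identical 16-byte records.
KEY = b"constructed-demo-key"
NONCE = b"\x00\x01\x02\x03\x04\x05\x06\x07"
PAYLOAD = b"ACCESS-POINT-01 " * 8

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, PAYLOAD)))
    print("CTR repeated blocks:", repeated_blocks(ctr_crypt(KEY, NONCE, PAYLOAD)))
```

Under ECB the eight identical records stay visible as identical ciphertext blocks; with the counter, no two ciphertext blocks match.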


    VII. Types of attack on WLANs:

    1. Access Point:

    a. Definition:

    The term rogue access point describes access points that are created, accidentally or deliberately, in a way that affects the existing network. It is used for wireless devices that operate without authorisation, regardless of the purpose they are used for.

    2. Classification:

    a) Access point that is not fully configured

    An access point can unexpectedly become a rogue device because of configuration mistakes: changes to the Service Set Identifier (SSID), the authentication settings or the encryption settings. The most serious consequence is that a misconfigured AP cannot authenticate connections.

    For example, in open mode authentication, wireless users in state 1 (not authenticated and not associated) can send authentication requests to an access point and, once authenticated successfully, move to state 2 (authenticated but not associated). If an access point does not validate a client because of a configuration error, an attacker can send a large number of authentication requests, overflowing the access point's table of client connection requests and causing the access point to refuse access to other users, including users who are permitted access.

    b) Rogue access point from neighbouring WLANs

    802.11 clients automatically choose the access point with the strongest signal they detect and connect to it. For example, Windows XP automatically connects to the best connection available around it. Authenticated users of one organisation can therefore connect to the access points of neighbouring organisations. Although the neighbouring access points are not deliberately attracting connections from these users, such connections inadvertently expose sensitive data.

    c) Rogue access point created by an attacker

    AP impersonation is a classic "man in the middle" attack. In this attack the intruder sits in the middle and steals the traffic passing between two nodes. The attack is very powerful because the intruder can steal all traffic crossing the network. A "man in the middle" attack is very hard to mount on a wired network because it requires real access to the transmission line. Wireless networks, by contrast, are very exposed to it. The intruder has to create an AP that attracts more selections than the legitimate AP. The fake AP can be set up by copying all of the legitimate AP's configuration: SSID, MAC address and so on. The next step is to make the victim connect to the fake AP.

    The first way is to wait for users to connect by themselves.

    The second way is to cause a denial-of-service (DoS) attack on the legitimate AP so that users have to reconnect, to the fake AP.

    In an 802.11 network the AP is chosen by received signal strength. All the intruder has to do is make sure that their AP has the strongest signal. To achieve that, the intruder has to place their AP closer to the victim than the legitimate AP, or use directional antenna techniques. After connecting to the fake AP the victim carries on working as normal, so if the victim connects to another legitimate AP, the victim's data all passes through the fake AP. The intruder uses utilities to record the victim's passwords as they are exchanged with a web server. The intruder thus obtains everything they want in order to log in to the legitimate network. This attack exists because 802.11 does not require two-way authentication between the AP and the node. The AP broadcasts to the whole network. This is very easy for an intruder to eavesdrop on, so the intruder can obtain all the information they need. Nodes in the network use WEP to authenticate themselves to the AP, but WEP also has exploitable vulnerabilities. An intruder can eavesdrop on the traffic and use a cryptanalysis tool to steal users' passwords.

    d) Rogue access point set up by the company's own employees

    Because wireless networking is convenient, some company employees equip themselves with access points and connect them to the company's wired network. Because they do not properly understand wireless security, they inadvertently create a large security hole. Strangers visiting the company and outside hackers can connect to the unauthenticated access point to steal bandwidth, steal the company's sensitive information, use the company's network to attack others, and so on.


    2. De-authentication Flood Attack (re-authentication request attack):

    - The attacker identifies as targets the users on the wireless network and their connections (the access point and its connections).

    - The attacker injects re-authentication request frames into the WLAN, spoofing the source and destination MAC addresses of the access point and of the users in turn.

    - A wireless user who receives a re-authentication request frame assumes that it was sent by the access point.

    - After knocking one user off the wireless service, the attacker does the same to the remaining users.

    - Users normally reconnect to restore service, but the attacker quickly continues sending re-authentication request packets to them.


    4. Attack based on physical-layer carrier sensing:

    Put simply: the attacker abuses the CSMA/CA collision-avoidance protocol, making every user believe that there is always a computer transmitting on the network. The other computers are then permanently waiting for the attacker to finish transmitting => the network becomes congested.

    Radio frequency is a security weakness of wireless networks. The level of danger varies with the physical-layer interface. Several parameters determine how resilient the network is: transmitter power, receiver sensitivity, RF frequency, bandwidth and antenna directivity. 802.11 uses the carrier sense multiple access (CSMA) algorithm to avoid collisions. CSMA is a component of the MAC layer. CSMA is used to make sure that no data collisions occur on the medium. This type of attack does not use noise to cause errors on the network; it abuses the standard itself. There are several ways to exploit the physical carrier-sense protocol. The simple way is to make the nodes in the network all believe that a node is transmitting at the present moment. The easiest way to achieve this is to create a fake node that transmits continuously. Another way is to use an RF signal generator. A more sophisticated attack puts a network card into a test mode in which it continuously transmits a test pattern. All nodes within range of the fake node are very sensitive to the carrier, and while one node is transmitting no other node may transmit.

    5. Disassociation flood attack


    It is easy to confuse the two attack types: the disassociation flood attack and the de-authentication flood attack.

    + Similarities: in form, the two attacks can be regarded as alike, because each is like a double-barrelled cannon that hits both the access point and the client. Most importantly, both "fire" continuously.

    + Differences:

    - De-authentication flood attack: requires both the AP and the client to resend authentication frames => authentication fails.

    - Disassociation flood attack: sends disassociation frames that make the AP and the client believe that the connection between them has been dropped.
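A sensor-side check for the two floods compared above, as an added example that is not part of the original report. It counts de-authentication and disassociation frames per AP/client pair in a sliding window; the window, the threshold and all MAC addresses and frames are constructed assumptions.

```python
from collections import defaultdict, deque

# 802.11 management-frame subtype values of the two frame types discussed.
SUBTYPE_DISASSOC = 0x0A
SUBTYPE_DEAUTH = 0x0C
KIND = {SUBTYPE_DISASSOC: "disassociation", SUBTYPE_DEAUTH: "deauthentication"}


def detect_floods(frames, window=1.0, threshold=10):
    """Return one alert per (frame kind, station pair) whose frame count
    reaches `threshold` within `window` seconds.

    frames: iterable of (timestamp, subtype, src_mac, dst_mac), time-ordered.
    window and threshold are assumed tuning values, not figures from the report.
    """
    recent = defaultdict(deque)   # (subtype, pair) -> timestamps inside window
    alerted = set()
    alerts = []
    for ts, subtype, src, dst in frames:
        if subtype not in KIND:
            continue              # beacons, data frames etc. are ignored here
        # Spoofed frames arrive in both directions (AP->client, client->AP),
        # so they are counted per unordered pair of addresses.
        pair = tuple(sorted((src.lower(), dst.lower())))
        key = (subtype, pair)
        seen = recent[key]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()
        if len(seen) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"time": ts, "kind": KIND[subtype],
                           "pair": pair, "frames_in_window": len(seen)})
    return alerts


def victims_by_ap(alerts, ap_macs):
    """Group alerted clients by AP, to show a flood moving from user to user."""
    aps = {m.lower() for m in ap_macs}
    result = defaultdict(set)
    for alert in alerts:
        a, b = alert["pair"]
        if a in aps:
            result[a].add(b)
        if b in aps:
            result[b].add(a)
    return {ap: sorted(clients) for ap, clients in result.items()}


# Constructed addresses and capture records (not taken from a real network).
AP = "00:11:22:33:44:55"
C1 = "aa:bb:cc:00:00:01"
C2 = "aa:bb:cc:00:00:02"


def sample_frames():
    frames = [(0.5, SUBTYPE_DEAUTH, C2, AP)]          # one ordinary leave
    for i in range(30):                               # flood, both directions
        src, dst = (AP, C1) if i % 2 == 0 else (C1, AP)
        frames.append((10.0 + i * 0.05, SUBTYPE_DEAUTH, src, dst))
    for i in range(20):                               # second flood, next user
        frames.append((20.0 + i * 0.05, SUBTYPE_DISASSOC, AP, C2))
    frames.append((21.5, 0x08, AP, "ff:ff:ff:ff:ff:ff"))  # beacon, ignored
    return sorted(frames)


if __name__ == "__main__":
    found = detect_floods(sample_frames())
    for alert in found:
        print(alert)
    print(victims_by_ap(found, [AP]))
```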

    VIII. Wireless IDS:

    1. What is a wireless IDS?

    An IDS in a WLAN (WIDS) works quite differently from one in a traditional wired LAN environment. In a WLAN the transmission medium is the air, and any 802.11-capable device within coverage can access the network. Monitoring is therefore needed both inside and outside the network. A WIDS is usually a computer system with special hardware and software for detecting abnormal activity. The wireless hardware has more features than an ordinary wireless network card, including radio frequency (RF) monitoring, interference detection, and so on. A WIDS includes one or more listening devices that collect MAC (Media Access Control) addresses, SSIDs, the characteristics configured on stations, transmission rates, the current channel, the encryption state, and so on.

    In summary, a wireless IDS has:

    + Locations that must be monitored (very closely): inside and outside the network.

    + Equipment and functions: specialised hardware and software with many features: collecting MAC addresses, SSIDs and characteristics (station settings + transmission rate + channel + encryption state).
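One way a WIDS can use the collected MAC address, SSID, channel and encryption state to sort the access points it hears into the categories from section VII, as an added example that is not part of the original report. The inventory, the list of MAC addresses seen on the wired switches, the verdict names and all sample values are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    bssid: str        # AP MAC address heard by a sensor
    ssid: str
    channel: int
    encryption: str   # e.g. "open", "WEP", "WPA-TKIP"


def audit(observations, inventory, wired_macs):
    """Classify every BSSID heard by the sensors.

    inventory : {bssid: Observation} holding the approved settings of each AP
    wired_macs: MAC addresses seen on the company's switch ports
                (hypothetical extra input, e.g. exported from the switches)
    Returns {bssid: (verdict, [fields that differ from the inventory])}.
    """
    corp_ssids = {ap.ssid for ap in inventory.values()}
    wired = {m.lower() for m in wired_macs}
    channels = defaultdict(set)
    for o in observations:
        channels[o.bssid.lower()].add(o.channel)

    findings = {}
    for o in observations:
        bssid = o.bssid.lower()
        known = inventory.get(bssid)
        diffs = []
        if known is not None:
            diffs = [f for f in ("ssid", "channel", "encryption")
                     if getattr(o, f) != getattr(known, f)]
            if len(channels[bssid]) > 1:
                # Heuristic: one BSSID heard on two channels in the same batch.
                verdict = "possible-clone"
            elif diffs:
                verdict = "config-mismatch"     # approved AP, wrong settings
            else:
                verdict = "authorized"
        elif o.ssid in corp_ssids:
            verdict = "impersonation-suspect"   # our SSID from an unknown radio
        elif bssid in wired:
            verdict = "unauthorized-on-lan"     # unknown AP plugged into our LAN
        else:
            verdict = "neighbour"               # another organisation's WLAN
        previous = findings.get(bssid, (verdict, []))[1]
        findings[bssid] = (verdict, sorted(set(previous) | set(diffs)))
    return findings


# Constructed inventory and sensor observations.
INVENTORY = {
    "00:11:22:33:44:01": Observation("00:11:22:33:44:01", "CORP", 1, "WPA-TKIP"),
    "00:11:22:33:44:02": Observation("00:11:22:33:44:02", "CORP", 6, "WPA-TKIP"),
    "00:11:22:33:44:03": Observation("00:11:22:33:44:03", "CORP", 11, "WPA-TKIP"),
}
WIRED_MACS = {"de:ad:be:ef:00:10"}
SAMPLE = [
    Observation("00:11:22:33:44:01", "CORP", 1, "WPA-TKIP"),    # as approved
    Observation("00:11:22:33:44:02", "CORP", 6, "open"),        # encryption lost
    Observation("00:11:22:33:44:03", "CORP", 11, "WPA-TKIP"),   # approved radio
    Observation("00:11:22:33:44:03", "CORP", 3, "WPA-TKIP"),    # same BSSID, other channel
    Observation("66:77:88:99:aa:bb", "CORP", 6, "open"),        # unknown radio, our SSID
    Observation("de:ad:be:ef:00:10", "home-router", 9, "WEP"),  # also seen on the wired LAN
    Observation("12:34:56:78:9a:bc", "CoffeeShop", 1, "open"),  # nearby network
]

if __name__ == "__main__":
    for bssid, result in audit(SAMPLE, INVENTORY, WIRED_MACS).items():
        print(bssid, result)
```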


    2. Tasks of the WIDS:

    Monitor and analyse the activity of users and systems.

    Recognise known types of attack.

    Identify abnormal activity on the network.

    Define the security policies for the WLAN.

    Collect all communication on the wireless network and raise alerts based on known signatures or on anomalies in the traffic.

    3. Operating models:

    a. Centralised WIDS:

    A centralised WIDS has a concentrator that collects all the data from the individual network sensors and passes it to a central management device, where the IDS data is stored and processed. Most centralised IDSs have many sensors so that they can detect intrusions across the whole network. Log files and alarms are all sent to the central management device, which can also be used to manage and update all the sensors. A centralised WIDS suits a large WLAN because it is easy to manage and processes data efficiently.


    b. Decentralised WIDS:

    A decentralised WIDS performs both the sensor and the management functions. This model suits a small WLAN with few access points; a decentralised wireless IDS costs less than a centralised WIDS.


    4. Traffic monitoring:

    a. Building a WIDS to analyse the performance of the wireless network

    Analysing the performance of a wireless network refers to capturing and decoding packets and then reassembling them to reconstruct the network connection. The analysis shows what problems are occurring on the running network.

    The WIDS monitors the whole WLAN, forwards the aggregated traffic and collects traffic from the sensors. It then analyses the collected traffic. If the analysed traffic shows an anomaly, an alert is displayed.

    The collected traffic can be stored on another system or logged to a database.


    b. The WIDS can send alerts in the following cases:

    An AP is overloaded because too many stations are connected to it.

    A channel is overloaded because too many APs or too much traffic use the same channel.

    An AP has an unsuitable configuration, or one that is inconsistent with the other APs in the network.

    There are too many fragmented packets.

    The WIDS detects hidden stations.

    There are too many attempts to connect to the network.

    c. Reporting on network performance

    The information collected by the WIDS forms a database that is used to report on the operating state of the network and to plan for the network.

    A WIDS report can include the 10 APs with the most alerts, charts of station activity over time, spectrum usage, and so on.

    Alerts tend to be sent when an AP shows a new problem or when network operation is interrupted. Examining the alerts of other APs in the same location shows how abnormal devices differ and how environmental conditions affect each AP in the area. Comparing the alerts of APs across several locations, on the other hand, can help identify problems caused by differences in product lines, firmware versions and configuration.

    At this point we have a preliminary overview of WIDS; what remains is to apply WIDS devices to the enterprise's wireless network.
