1 Network Lab: Installing a Wireless LAN Card and Setting Up an AP. Instructor: Prof. 侯廷昭. 2...
- Slide 1: AP
- Slide 2: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 3: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 4: Lab topology (figure): IEEE 802.11 Linux wireless LAN card, PC acting as a bridge, NAT (Network Address Translation), Access Point (AP), PC with WEP, Access Point
- Slide 5: Linux OS 2.6, public IP address
- Slide 6: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 7: WLAN
  - Stimulated by the availability of unlicensed spectrum: the U.S. Industrial, Scientific, Medical (ISM) bands 902-928 MHz, 2.400-2.4835 GHz, 5.725-5.850 GHz
  - IEEE 802 family tree (figure)
- Slide 8: WLAN: IEEE 802.11 standards (table)
- Slide 9: WLAN nomenclature
  - Distribution system: a logical component of 802.11 used to forward frames to their destinations
  - Access points: perform the wireless-to-wired bridging function
  - Wireless medium
  - Stations
- Slide 10: WLAN: Basic Service Set (BSS)
  - Group of stations that coordinate their access using a given instance of MAC
  - Located in a Basic Service Area (BSA)
  - Stations in a BSS can communicate with each other
  - Distinct collocated BSSs can coexist
- Slide 11: WLAN: types of networks
  - Independent networks (independent basic service set, IBSS), also known as ad hoc networks
  - Infrastructure networks
- Slide 12: WLAN: Infrastructure BSS
  - Two advantages of infrastructure networks: the mobile stations need not maintain neighbor relationships, and access points assist stations attempting to save power
  - In an infrastructure network, stations must associate with an AP to obtain network services (the equivalent of plugging in the network cable)
- Slide 13: WLAN: Extended Service Set
  - An extended service set (ESS) is created by chaining BSSs together with a backbone network (or distribution system, DS)
  - All the access points in an ESS are given the same service set identifier (SSID), which serves as a network "name" for the users
- Slide 14: WLAN (figure)
- Slide 15: WLAN
  - For stations in an ESS to communicate with each other, the wireless medium must act like a single layer 2 connection
  - Access points act as bridges, so direct communication between stations in an ESS requires that the backbone network also look like a layer 2 connection
- Slide 16: WLAN: Distribution System
  - The distribution system is responsible for tracking where a station is physically located and delivering frames appropriately
  - The backbone Ethernet is the distribution system medium, but it is not the entire distribution system
- Slide 17: WLAN
  - The distribution system is composed of the bridging engine plus the wired backbone network
  - Every frame sent by a mobile station in an infrastructure network must use the distribution system
- Slide 18: WLAN: overlapping network types (figure)
- Slide 19: WLAN: 802.11 network operations
  - 802.11 is sometimes referred to as "wireless Ethernet"
  - Stations are identified by 48-bit IEEE 802 MAC addresses; conceptually, frames are delivered based on the MAC address
  - Frame delivery is unreliable, though 802.11 incorporates some basic reliability mechanisms to overcome the inherently poor qualities of the radio channels it uses
- Slide 20: WLAN: carrier sensing
  - Physical carrier sensing: analyze all detected frames; monitor relative signal strength from other sources
  - Virtual carrier sensing at the MAC sublayer: the source station informs other stations of the transmission time (in msec) for an MPDU (MAC PDU), carried in the Duration field of RTS, CTS and DATA; stations adjust their Network Allocation Vector to indicate when the channel will become idle
  - Channel is busy if either sensing is busy
- Slide 21: WLAN: Distributed Coordination Function (DCF)
  - Provides the basic access service: asynchronous best-effort data transfer; all stations contend for access to the medium (CSMA-CA)
  - Ready stations wait for completion of the current transmission; all stations must wait an Interframe Space (IFS)
  - Figure: IFS timing (busy medium, DIFS, PIFS, SIFS, contention window, next frame; stations defer access and wait for the reattempt time)
- Slide 22: WLAN: frame structure
  - MAC header: 30 bytes; frame body: 0-2312 bytes; CRC: CCITT-32, 4 bytes, computed over MAC header and frame body
  - Frame layout (sizes in bytes): Frame Control 2 | Duration/ID 2 | Address 1 6 | Address 2 6 | Address 3 6 | Sequence control 2 | Address 4 6 | Frame body 0-2312 | CRC 4
- Slide 23: WLAN: Frame Control (1)
  - Protocol version = 0
  - Type: Management (00), Control (01), Data (10); subtype within frame type, e.g. Type=00, subtype=association; Type=01, subtype=ACK
  - More Frag = 1 if another fragment of the MSDU is to follow
  - Frame Control subfields (sizes in bits): Protocol version 2 | Type 2 | Subtype 4 | To DS 1 | From DS 1 | More frag 1 | Retry 1 | Pwr mgt 1 | More data 1 | WEP 1 | Rsvd 1 (the 2-byte Frame Control field is the first field of the MAC header shown on slide 22)
- Slide 24: WLAN: Frame Control (2)
  - Retry = 1 if a management/control frame is a retransmission
  - Power Management: used to put a station into or out of sleep mode
  - More Data = 1 to tell a station in power-save mode that more data is buffered for it at the AP
  - WEP = 1 if the frame body is encrypted
  - (Same frame-control layout figure as slide 23)
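As an added illustration of the frame layout on slides 22 to 24 (this is editor-written example code, not material from the lecture), the parser below decodes the two-byte Frame Control field into the subfields listed above and uses the To DS / From DS bits to decide whether Address 4, and so the full 30-byte header, is present. The sample frame bytes are constructed, and the subtype labels cover only the subtypes the slides name.

```python
import struct

# Type codes from the Frame Control field (slide 23)
FRAME_TYPES = {0: "Management", 1: "Control", 2: "Data"}
# Subtype labels: only those named on the slides; other subtypes are
# reported numerically (assumption made for this example).
SUBTYPE_NAMES = {(0, 0): "Association request", (1, 13): "ACK", (2, 0): "Data"}

MAX_FRAME_BODY = 2312  # bytes, per the frame-structure slide


def parse_frame_control(raw: bytes) -> dict:
    """Decode the 2-byte Frame Control field into named subfields.

    Bit layout, least significant bit first: protocol version (2), type (2),
    subtype (4), then one bit each for To DS, From DS, More frag, Retry,
    Pwr mgt, More data, WEP and Rsvd. The field is sent little-endian, so
    byte 0 carries version/type/subtype and byte 1 carries the flags.
    """
    if len(raw) < 2:
        raise ValueError("Frame Control is 2 bytes")
    (fc,) = struct.unpack("<H", raw[:2])
    ftype = (fc >> 2) & 0x3
    subtype = (fc >> 4) & 0xF
    flags = fc >> 8
    return {
        "version": fc & 0x3,
        "type": FRAME_TYPES.get(ftype, "Reserved"),
        "subtype": SUBTYPE_NAMES.get((ftype, subtype), subtype),
        "to_ds": bool(flags & 0x01),
        "from_ds": bool(flags & 0x02),
        "more_frag": bool(flags & 0x04),
        "retry": bool(flags & 0x08),
        "pwr_mgt": bool(flags & 0x10),
        "more_data": bool(flags & 0x20),
        "wep": bool(flags & 0x40),
        "rsvd": bool(flags & 0x80),
    }


def mac_header_length(fc: dict) -> int:
    """Address 4 is present only when both To DS and From DS are set
    (frames relayed between APs over the DS); the header is then the full
    30 bytes from slide 22, otherwise 24 bytes."""
    return 30 if (fc["to_ds"] and fc["from_ds"]) else 24


def split_frame(raw: bytes) -> dict:
    """Split a raw frame into MAC header, frame body and 4-byte CRC trailer,
    choosing the header length from the Frame Control flags."""
    fc = parse_frame_control(raw)
    hlen = mac_header_length(fc)
    if len(raw) < hlen + 4:
        raise ValueError("frame shorter than MAC header plus CRC")
    body = raw[hlen:-4]
    if len(body) > MAX_FRAME_BODY:
        raise ValueError("frame body exceeds 2312 bytes")
    return {"fc": fc, "header": raw[:hlen], "body": body, "crc": raw[-4:]}


if __name__ == "__main__":
    # Constructed sample: WEP-protected data frame from a station to its AP
    # (To DS = 1, WEP = 1): 24-byte header, 8-byte body, 4-byte CRC.
    sample = b"\x08\x41" + b"\x00" * 22 + b"wep-data" + b"\x00" * 4
    print(split_frame(sample)["fc"])
```

Running the block on the constructed sample reports a Data frame with To DS and WEP set and a 24-byte header; a frame whose Frame Control second byte is 0x03 (To DS and From DS) yields the 30-byte header.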
- Slide 25: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 26: WEP
  - WEP: Wired Equivalent Privacy
  - WEP requires the use of the RC4 cipher (a stream cipher)
  - Generic stream cipher operation (figure)
- Slide 27: WEP
  - Most stream ciphers operate by taking a relatively short secret key and expanding it into a pseudorandom keystream the same length as the message
  - The pseudorandom number generator (PRNG) is a set of rules used to expand the key into a keystream
- Slide 28: WEP data processing (figure)
- Slide 29: WEP framing
  - IV header: 24-bit IV; pad = 0; key id identifies the default key that was used to encrypt the frame (up to 4 default keys)
  - ICV: a 32-bit CRC of the data frame
- Slide 30: WEP key distribution
  - The WEP key must be distributed to all stations; typically you type keys into your device drivers or AP by hand
  - The key cannot be considered secret: if keys are accessible to users, then all keys must be changed whenever staff members leave the organization
  - Publishing the key: in Aug. 2001, S. Fluhrer, I. Mantin, and A. Shamir described a theoretical attack on WEP
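To make the WEP data processing of slides 26 to 30 concrete, here is an added example (editor-written, not the lecture's code) that expands the per-frame key with RC4 exactly as the stream-cipher slide describes, builds the IV header with its key id, appends the CRC-32 ICV and verifies it again on receipt. The 40-bit default keys, the IV and the payload are constructed values; the little-endian byte order used for the ICV is an assumption of this example.

```python
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Expand a short key into a pseudorandom keystream (RC4 KSA then PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key-scheduling: permute S under the key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):  # generation: one keystream byte per step
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encapsulate(plaintext: bytes, default_keys: list, key_id: int, iv: bytes) -> bytes:
    """Build the WEP frame body from slide 29: IV header (3-byte IV, six pad
    bits = 0, 2-bit key id) followed by RC4(IV || default key) applied to
    plaintext || ICV, where ICV is the 32-bit CRC of the plaintext.
    The IV is passed in by the caller so the example is deterministic; a
    driver chooses a fresh IV for every frame."""
    if len(iv) != 3:
        raise ValueError("IV is 24 bits")
    if not 0 <= key_id < 4:
        raise ValueError("key id selects one of up to 4 default keys")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    data = plaintext + icv
    keystream = rc4_keystream(iv + default_keys[key_id], len(data))
    return iv + bytes([key_id << 6]) + _xor(data, keystream)


def wep_decapsulate(frame: bytes, default_keys: list) -> tuple:
    """Reverse the process; returns (plaintext, icv_valid). A mismatching ICV
    means the frame was altered in transit or decrypted with the wrong key."""
    iv, kid_byte, ciphertext = frame[:3], frame[3], frame[4:]
    if kid_byte & 0x3F:
        raise ValueError("IV header pad bits must be zero")
    key_id = kid_byte >> 6
    data = _xor(ciphertext, rc4_keystream(iv + default_keys[key_id], len(ciphertext)))
    plaintext, icv = data[:-4], data[-4:]
    return plaintext, icv == zlib.crc32(plaintext).to_bytes(4, "little")


if __name__ == "__main__":
    # Constructed 40-bit default keys (slot 1 is the one in use) and IV.
    keys = [b"\x00" * 5, b"\x01\x23\x45\x67\x89", b"\x00" * 5, b"\x00" * 5]
    frame = wep_encapsulate(b"hello AP", keys, key_id=1, iv=b"\x01\x02\x03")
    print(frame.hex(), wep_decapsulate(frame, keys))
```

The IV header is sent in the clear (it is needed to rebuild the keystream on the other side), which is why the 24-bit IV and the shared, hand-typed default keys are the parts of the design the slides single out.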
- Slide 31: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 32: NAT
  - Class A, B, and C addresses have been set aside for use within private internets
  - Packets with private (unregistered) addresses are discarded by routers in the global Internet
  - NAT (RFC 1631): a method for mapping packets from hosts in private internets into packets that can traverse the Internet
  - A device (computer, router, firewall) acts as an agent between a private network and a public network
  - A number of hosts can share a limited number of registered IP addresses
  - Static/Dynamic NAT: map unregistered addresses to registered addresses
  - Overloading: maps multiple unregistered addresses into a single registered address (e.g. a home LAN)
- Slide 33: NAT
  - Hosts inside private networks generate packets with private IP addresses and TCP/UDP port numbers
  - NAT maps each private IP address and port number into the shared global IP address and an available port number
  - The translation table allows packets to be routed unambiguously
  - Figure: NAT device between the private network and the public network. Address translation table: 192.168.0.10; x -> 128.100.10.15; y and 192.168.0.13; w -> 128.100.10.15; z
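The translation table on slide 33, as an added example (editor-written, not the lecture's code): two private hosts share the registered address 128.100.10.15 and are told apart by the public port the NAT device assigns. The example goes one step beyond the slide by letting both hosts pick the same private port, which is exactly the case that makes port translation necessary, and by dropping inbound packets that match no table entry. The port numbers, the first public port and the external address 203.0.113.7 are constructed values.

```python
class NatTable:
    """Overloading (many private addresses behind one registered address):
    each flow is keyed by (private IP, private port) and receives its own
    public port so that replies can be routed back unambiguously."""

    def __init__(self, public_ip: str, first_port: int = 40000, last_port: int = 49999):
        self.public_ip = public_ip
        self.next_port, self.last_port = first_port, last_port
        self.outbound = {}  # (private_ip, private_port) -> public_port
        self.inbound = {}   # public_port -> (private_ip, private_port)

    def translate_out(self, src_ip: str, src_port: int) -> tuple:
        """Look up or create the mapping for a packet leaving the private network."""
        key = (src_ip, src_port)
        if key not in self.outbound:
            if self.next_port > self.last_port:
                raise RuntimeError("public port pool exhausted")
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.outbound[key]

    def translate_in(self, dst_port: int):
        """Reverse lookup for a packet arriving from the public network; None if unknown."""
        return self.inbound.get(dst_port)


def forward_outbound(nat: NatTable, pkt: dict) -> dict:
    """Rewrite the source of a private->public packet.
    pkt is a constructed dict: {"src", "sport", "dst", "dport"}."""
    ip, port = nat.translate_out(pkt["src"], pkt["sport"])
    return {**pkt, "src": ip, "sport": port}


def forward_inbound(nat: NatTable, pkt: dict):
    """Rewrite the destination of a public->private packet, or return None
    (drop) when there is no table entry: unsolicited inbound traffic never
    reaches a private host, which is the filtering side effect of NAT."""
    if pkt["dst"] != nat.public_ip:
        return None
    entry = nat.translate_in(pkt["dport"])
    if entry is None:
        return None
    ip, port = entry
    return {**pkt, "dst": ip, "dport": port}


if __name__ == "__main__":
    nat = NatTable("128.100.10.15", first_port=5000)
    for host in ("192.168.0.10", "192.168.0.13"):
        out = forward_outbound(nat, {"src": host, "sport": 1234, "dst": "203.0.113.7", "dport": 80})
        print(host, "->", out["src"], out["sport"])
    print(nat.inbound)
```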
- Slide 34: iptables (IPv4); targets: ACCEPT, DROP; iptables NAT
- Slide 35: iptables structure (figure)
- Slide 36: iptables rules and chains
  - Rules; chains; built-in chains: PREROUTING, INPUT, OUTPUT, FORWARD, POSTROUTING
  - INPUT, OUTPUT (local process)
  - FORWARD (cf. INPUT, OUTPUT)
  - PREROUTING, POSTROUTING (cf. FORWARD, OUTPUT)
- Slide 37: iptables options
  - -t: table; iptables: mangle, nat, filter (ip6tables: nat, mangle); the nat table is for NAT, the filter table for IP filtering
  - -A: add (append) a rule; -D: delete a rule
  - -i: input interface; -s: source IP; -d: destination IP
  - -j: jump to a target
  - --oif: outgoing interface (ROUTE target)
- Slide 38: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 39: DHCP
  - Dynamic Host Configuration Protocol (RFC 2131)
  - BOOTP (RFC 951, 1542) allows a diskless workstation to be remotely booted up in a network; UDP port 67 (server) and port 68 (client)
  - DHCP builds on BOOTP to allow servers to deliver configuration information to a host
  - Used extensively to assign temporary IP addresses to hosts; allows ISPs to maximize usage of their limited IP addresses
- Slide 40: DHCP operation
  - Host broadcasts a DHCP Discover message on its physical network
  - Server replies with an Offer message (IP address + configuration information)
  - Host selects one offer and broadcasts a DHCP Request message
  - Server allocates the IP address for lease time T and sends a DHCP ACK message with T and the threshold times T1 (= 1/2 T) and T2 (= 0.875 T)
  - At T1, the host attempts to renew the lease by sending a DHCP Request message to the original server
  - If there is no reply by T2, the host broadcasts a DHCP Request to any server
- Slide 41: DHCP exchange (server 223.1.2.5, arriving client), in time order:
  - DHCP discover: src 0.0.0.0, 68; dest 255.255.255.255, 67; yiaddr 0.0.0.0; transaction ID 654
  - DHCP offer: src 223.1.2.5, 67; dest 255.255.255.255, 68; yiaddr 223.1.2.4; transaction ID 654; lifetime 3600 secs
  - DHCP request: src 0.0.0.0, 68; dest 255.255.255.255, 67; yiaddr 223.1.2.4; transaction ID 655; lifetime 3600 secs
  - DHCP ACK: src 223.1.2.5, 67; dest 255.255.255.255, 68; yiaddr 223.1.2.4; transaction ID 655; lifetime 3600 secs
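The four-message exchange of slide 41 and the T1/T2 renewal rule of slide 40, as an added example (editor-written, not the lecture's code): a minimal server answers Discover with Offer and Request with ACK using the addresses, ports and transaction IDs from the slide, and a helper tells the client what to do at each point in the lease. The address pool contents beyond 223.1.2.4 are constructed, and the NAK reply for an unavailable address is an assumption of this example.

```python
from dataclasses import dataclass

SERVER_PORT, CLIENT_PORT = 67, 68             # BOOTP/DHCP ports from slide 39
BROADCAST, UNSPECIFIED = "255.255.255.255", "0.0.0.0"


@dataclass
class DhcpMessage:
    kind: str          # DISCOVER, OFFER, REQUEST, ACK or NAK
    src: tuple         # (ip, port)
    dst: tuple
    yiaddr: str        # "your" address: the one offered or confirmed
    xid: int           # transaction ID
    lifetime: int = 0  # lease time T in seconds (0 when not applicable)


class DhcpServer:
    """Minimal server: DISCOVER -> OFFER, REQUEST -> ACK (or NAK)."""

    def __init__(self, ip: str, pool: list, lease_time: int):
        self.ip, self.lease_time = ip, lease_time
        self.free, self.leased = list(pool), {}

    def handle(self, msg: DhcpMessage) -> DhcpMessage:
        def reply(kind, yiaddr, lifetime):
            return DhcpMessage(kind, (self.ip, SERVER_PORT),
                               (BROADCAST, CLIENT_PORT), yiaddr, msg.xid, lifetime)
        if msg.kind == "DISCOVER" and self.free:
            return reply("OFFER", self.free[0], self.lease_time)  # offered, not yet bound
        if msg.kind == "REQUEST":
            if msg.yiaddr in self.free:                           # first allocation
                self.free.remove(msg.yiaddr)
                self.leased[msg.yiaddr] = self.lease_time
                return reply("ACK", msg.yiaddr, self.lease_time)
            if msg.yiaddr in self.leased:                         # renewal at T1/T2
                return reply("ACK", msg.yiaddr, self.lease_time)
        return reply("NAK", UNSPECIFIED, 0)


def run_exchange(server: DhcpServer) -> list:
    """Replay the exchange from slide 41 (xid 654 for Discover/Offer, 655 for Request/ACK)."""
    client, to_server = (UNSPECIFIED, CLIENT_PORT), (BROADCAST, SERVER_PORT)
    discover = DhcpMessage("DISCOVER", client, to_server, UNSPECIFIED, 654)
    offer = server.handle(discover)
    request = DhcpMessage("REQUEST", client, to_server, offer.yiaddr, 655, offer.lifetime)
    ack = server.handle(request)
    return [discover, offer, request, ack]


def lease_timers(lease_time: int) -> tuple:
    """Renewal thresholds from slide 40: T1 = 1/2 T, T2 = 0.875 T."""
    return lease_time // 2, int(0.875 * lease_time)


def client_action(elapsed: int, lease_time: int) -> str:
    """What the client does at a given number of seconds into the lease."""
    t1, t2 = lease_timers(lease_time)
    if elapsed >= lease_time:
        return "lease expired: stop using the address and restart with DISCOVER"
    if elapsed >= t2:
        return "broadcast REQUEST to any server"
    if elapsed >= t1:
        return "send REQUEST to original server"
    return "use lease"


if __name__ == "__main__":
    server = DhcpServer("223.1.2.5", ["223.1.2.4", "223.1.2.6"], 3600)
    for m in run_exchange(server):
        print(f"{m.kind:8} {m.src} -> {m.dst} yiaddr={m.yiaddr} xid={m.xid} T={m.lifetime}")
    print(lease_timers(3600), client_action(1800, 3600))
```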
- Slide 42: Outline: WLAN, WEP, NAT, iptables, DHCP, Bridge
- Slide 43: Bridge
  - Operation at the data link level must deal with: differences in MAC formats; differences in data rates (buffering, timers); differences in maximum frame length
  - Figure: protocol stacks (PHY, MAC, LLC, Network) bridging 802.3 (CSMA/CD) and 802.11 (CSMA/CA)
- Slide 44: Bridge/switch vs. router
  - Both are store-and-forward devices
  - Routers: network layer devices (examine network layer headers); switches are link layer devices
  - Routers maintain routing tables and implement routing algorithms; switches maintain switch tables and implement filtering and learning algorithms
- Slide 45: Kernel network parameters: /proc/sys/net, /proc/sys/net/ipv4/ip_forward