bảo mật cho mạng không dây Wi- Fi

Kho lun tt nghip

Trng H Cng Ngh_ HQG H Ni

LI M UTrong thi gian gn y chng ta thng nghe ni v WiFi v Internet khng dy. Thc ra, WiFi khng ch c dng kt ni Internet khng dy m cn dng kt ni hu ht cc thit b tin hc v vin thng quen thuc nh my tnh, my in, PDA, in thai di ng m khng cn dy cp ni, rt thun tin cho ngi s dng. Mng khng dy l mt trong nhng bc tin ln ca ngnh my tnh. Truy cp Internet tr thnh nhu cu quen thuc i vi mi ngi. Tuy nhin, c th kt ni Internet ngi s dng phi truy nhp Internet t mt v tr c nh thng qua mt my tnh kt ni vo mng. iu ny i khi gy ra rt nhiu kh khn cho nhng ngi s dng khi ang di chuyn hoc n mt ni khng c iu kin kt ni vo mng. Xut pht t yu cu m rng Internet, WLAN c nghin cu v trin khai ng dng trong thc t. Vi nhng tnh nng h tr p ng c bng thng, trin khai lp t d dng v p ng c cc yu cu k thut, kinh t. Chng hn vic s dng cng ngh Internet khng dy Wi- Fi cho php mi ngi truy cp v ly thng tin bt k v tr no nh bn xe, nh ga, sn bay, Khi nghin cu trin khai ng dng cng ngh WLAN, ngi ta c bit quan tm ti tnh bo mt an ton thng tin ca n. Do mi trng truyn dn v tuyn nn WLAN rt d b r r thng tin do tc ng ca mi trng bn ngoi, c bit l s tn cng ca cc Hacker. Do , i i vi pht trin WLAN phi pht trin cc kh nng bo mt WLAN an ton, cung cp thng tin hiu qu, tin cy cho ngi s dng. T nhng yu cu , Lun vn ny s trnh by ti v mng cc b khng dy WLAN v mt s vn bo mt cho mng khng dy Wi- Fi vi ni dung gm 3 chng: Chng 1: Tng quan mng cc b khng dy WLAN Chng 2: Cc tiu chun ca mng WLAN Chng 3: Mt s vn bo mt cho mng khng dy Wi- Fi Trong qu trnh thc hin ti, do hn ch v thi gian v lng kin thc cng nh kinh nghim thc t nn lun vn khng trnh khi nhng thiu st. Knh mong s ng gp kin ca thy c v cc bn lun vn c hon thin hn.Em xin chn thnh cm n!

Nguyn Th Huyn_ K49- HTVT 1

Kho lun tt nghip


CHNG 1 TNG QUAN MNG CC B KHNG DY WLAN

1.1 Gii thiuVi s pht trin nhanh chng ca khoa hc, cng ngh thng tin v vin thng, ngy nay cc thit b di ng cng ngh cao nh my tnh xch tay laptop, my tnh b ti palm top, in thoi di ng, my nhn tin khng cn xa l v ngy cng c s dng rng ri trong nhng nm gn y. Nhu cu truyn thng mt cch d dng v t pht gia cc thit b ny dn n s pht trin ca mt lp mng di ng khng dy mi, l mng WLAN. WLAN cho php duy tr cc kt ni mng khng dy, ngi s dng duy tr cc kt ni mng trong phm vi ph sng ca cc im kt ni trung tm. Phng thc kt ni mi ny thc s m ra cho ngi s dng mt s la chn ti u, b xung cho cc phng thc kt ni dng dy. WLAN l m hnh mng c s dng cho mt khu vc c phm vi nh nh mt ta nh, khun vin ca mt cng ty, trng hc. N l loi mng linh hot c kh nng c ng cao thay th cho mng cp ng truyn thng v bt u pht trin vo gia thp k 80 ca th k XX bi t chc FCC (Federal Communications Commission). WLAN s dng sng v tuyn hay hng ngoi truyn v nhn d liu thng qua khng gian, xuyn qua tng trn v cc cu trc khc m khng cn cp. WLAN cung cp tt c cc chc nng v cc u im ca mt mng LAN truyn thng nh Ethernet hay Token Ring nhng li khng b gii hn bi cp. Ngoi ra WLAN cn c kh nng kt hp vi cc mng c sn, WLAN kt hp rt tt vi LAN to thnh mt mng nng ng v n nh hn. WLAN l mng rt ph hp cho vic pht trin iu khin thit b t xa, cung cp mng dch v ni cng cng, khch sn, vn phng. S pht trin ngy cng tng nhanh ca cc my tnh xch tay nh gn hn, hin i hn v r hn thc y s tng trng rt ln trong cng nghip WLAN nhng nm gn y. WLAN s dng bng tn ISM (bng tn phc v cng nghip, khoa hc, y t : 2.4GHz v 5GHz ), v th n khng chu s qun l ca chnh ph cng nh khng cn cp giy php s dng. S dng WLAN s gip cc nc ang pht trin nhanh chng tip cn vi cc cng ngh hin i, nhanh chng xy dng h tng vin thng mt cch thun li v t tn km. Trn th trng hin nay c rt nhiu sn phm phc v cho WLAN theo cc chun khc nhau nh: IrDA (Hng ngoi), OpenAir, BlueTooth, HiperLAN 2, IEEE


Kho lun tt nghip


802.11b, IEEE 802.11a, 802.11g (Wi-Fi), trong mi chun c mt c im khc nhau. IrDA, OpenAir, BlueTooth l cc mng lin kt trong phm vi tng i nh: IrDA (1m), OpenAir(10m), Bluetooth (10m) v m hnh mng l dng peer-to-peer tc l kt ni trc tip khng thng qua bt k mt thit b trung gian no. Ngc li, HiperLAN v IEEE 802.11 l hai mng phc v cho kt ni phm vi rng hn khong 100m, v cho php kt ni 2 dng: kt ni trc tip, kt ni dng mng c s (s dng Access Point) . Vi kh nng tch hp vi cc mng thng dng nh (LAN, WAN), HiperLAN v Wi-Fi c xem l hai mng c th thay th hoc dng m rng mng LAN. ng dng ln nht ca WLAN l vic p dng WLAN nh mt gii php ti u cho vic s dng Internet. Mng WLAN c coi nh mt th h mng truyn s liu mi cho tc cao c hnh thnh t hot ng tng h ca c mng hu tuyn hin c v mng v tuyn. Mc tiu ca vic trin khai mng WLAN cho vic s dng internet l cung cp cc dch v s liu v tuyn tc cao.

1.2 Qu trnh pht trin ca mng WLANMng WLAN, vi c tnh khng dy n rt linh ng trong iu kin ngi dng di ng hay trong cc cu hnh tm thi. Cc mng LAN khng dy ang ngy cng c a chung v pht trin trn th gii. Vi cc u im ni tri nh: d dng ci thin nng sut, ci t nhanh, n gin v linh hot, d cu hnh khng i hi c s h tng cng knh nh cc mng LAN truyn thng, c bit l hiu qu trong cc vng kh thc hin bng dy v i hi c thm m cao, WLAN pht trin rt nhanh chng v ang dn thay th cho cc mng c dy trong nhiu lnh vc khc nhau. Qu trnh pht trin ca cc mng WLAN c s lc qua: Cng ngh WLAN ln u tin xut hin vo cui nm 1990, khi nhng nh sn xut gii thiu nhng sn phm hot ng trong bng tn 900Mhz. Nhng gii php ny (khng c thng nht gia cc nh sn xut) cung cp tc truyn d liu 1Mbps, thp hn nhiu so vi tc 10Mbps ca hu ht cc mng s dng cp hin thi. Nm 1992, nhng nh sn xut bt u bn nhng sn phm WLAN s dng bng tn 2.4Ghz. Mc du nhng sn phm ny c tc truyn d liu cao hn nhng chng vn l nhng gii php ring ca mi nh sn xut khng c cng b rng ri. S cn thit cho vic hot ng thng nht gia cc thit b nhng dy tn


Kho lun tt nghip


s khc nhau dn n mt s t chc bt u pht trin ra nhng chun mng khng dy chung. Nm 1997, Institute of Electrical and Electronics Engineers(IEEE) ph chun s ra i ca chun 802.11, v cng c bit vi tn gi WIFI (Wireless Fidelity) cho cc mng WLAN. Chun 802.11 h tr ba phng php truyn tn hiu, trong c bao gm phng php truyn tn hiu v tuyn tn s 2.4Ghz. Nm 1999, IEEE thng qua hai s b sung cho chun 802.11 l cc chun 802.11a v 802.11b (nh ngha ra nhng phng php truyn tn hiu). V nhng thit b WLAN da trn chun 802.11b nhanh chng tr thnh cng ngh khng dy vt tri. Cc thit b WLAN 802.11b truyn pht tn s 2.4Ghz, cung cp tc truyn d liu c th ln ti 11Mbps. IEEE 802.11b c to ra nhm cung cp nhng c im v tnh hiu dng, thng lng (throughput) v bo mt so snh vi mng c dy thng thng. Nm 2003, IEEE cng b thm mt s ci tin l chun 802.11g m c th truyn nhn thng tin c hai dy tn 2.4Ghz v 5Ghz v c th nng tc truyn d liu ln n 54Mbps. Thm vo , nhng sn phm p dng 802.11g cng c th tng thich ngc vi cc thit b chun 802.11b.Speed Network Radio

860 Kbps c quyn Proprietary 900 MHz

1 &12& 2 Mbps Mbps 2.4 GHz 2.4 GHz

11 Mbps Theo tiu chunIEEE 802.11 c ph chun

198 6

198 8

199 0

199 2

199 4

199 6

199 8

200 0

200 2

Hnh 1.1: Qu trnh pht trin ca mng WLAN

1.3 Phn loi mng WLANCc mng WLAN c th c phn loi thnh mng WLAN v tuyn v WLAN hng ngoi. Cc mng WLAN v tuyn c th da trn qu trnh truyn dn bng hp hay truyn dn tri ph trong khi i vi cc WLAN hng ngoi c th l khuych tn hay c nh hng. Di y cp c bn cc mng WLAN v tuyn v hng ngoi, c nh gi im mnh cng nh im yu ca mi loi.

1.3.1 Cc WLAN v tuyn


Kho lun tt nghip


a s cc h thng mng WLAN s dng cng ngh tri ph. Khi nim v tri ph m bo qu trnh truyn thng tin cy v an ton. Tri ph cp n cc s tn hiu da trn mt s dng m ho (c lp vi thng tin c pht i) v chng s dng bng thng ln hn nhiu so vi yu cu truyn tn hiu. Bng thng ln hn c ngha l nhiu v cc hiu ng fading a ng ch nh hng mt phn n qu trnh truyn dn tri ph. V vy m nng lng tn hiu thu hu nh khng i theo thi gian. iu ny cho php tch sng d dng khi my thu c ng b vi cc tham s ca tn hiu tri ph. Cc tn hiu tri ph c kh nng hn ch nhiu v gy kh khn cho qu trnh pht hin v chn tn hiu trn ng truyn. C hai k thut tri ph: Tri ph chui trc tip (DSSS) v tri ph nhy tn (FHSS).

1.3.1.1 Tri ph chui trc tip (DSSS) y l cng ngh tri ph tn s rng s dng phng php to ra mt mu bt tha cho mi bt s truyn i, bt ny c gi l chp hoc m chp. M chp cng di kh nng khi phc tn hiu gc cng cao. Kh khn trong phng php ny l tn nhiu bng thng. T l chp s dng trn mt bt gi l t l tri ph. T l ny cng cao s gip cho kh nng chng nhiu khi truyn tin hiu, trong khi t l ny thp s gip tng bng thng cho cc thit b di dng. Thut ton c bit c s dng khi phc li thng tin m khng yu cu gi li gi tin C th hiu n gin hn l mi bt c m ho thnh mt chui cc bit V d: v 1 c m ho thnh 10011100011 0 s c m ho l: 01100011100

th khi vic truyn chui 101 i s thnh gi i chui: 100111000110110001110010011100011 Cc m chp thng thng nghch o ln nhau, iu ny lm cho DSSS i ph tt i vi nhiu. Bi v DSSS tri rng trn ton ph, nn s lng cc knh b chng ln nhau trong di tn 2.4 Ghz l rt it (thng thng l ba knh), v vy s lng cc mng cng hot ng c lp trong mt phm vi m khng b nhiu l rt hn ch.

1.3.1.2 Tri ph nhy tn (FHSS)


Kho lun tt nghip


Cng ngh tri ph ny s dng bng tn hp truyn thng tin. Vi FHSS, mt chui gi ngu nhin c s dng thay i t ngt nhng tn s v cho php mt trm nhy t tn s ny sang tn s khc. Tuy nhin mi thit b WLAN vn hnh theo cch ny s thay i tn s s dng cng mt thut ton, thut ton FHSS s pht tn hiu trn mt tn s trong mt thi gian ngn, ri t ng nhy sang tn s khc truyn tn hiu. Cc thit b truyn v nhn tn hiu FHSS s phi c ng b ho sao cho chng c cng tn s ti cng mt thi im, tn hiu c m bo trong sut qu trnh kt ni. Theo FHSS, n c kh nng hn ch ti a nhiu trn bng tn hp t bn ngoi. Bi v nu FHSS b nhiu ti mt knh no th n s chuyn sang knh tn khc gi tn hiu. Theo quy nh ca FCC s lng knh ti thiu c s dng trong FHSS l 75 knh, sau ny gim xung cn 15 v tr ti a l 400ms trn mi knh. Phng php FHSS cho php xy dng nhiu knh m khng chng ln ln nhau, n cng cho php s dng nhiu im truy cp trong mt vng lm vic nu nh cn tng thm lng bng thng hoc cn tng thm s ngi truy nhp ti a. Cui cng l s khuych i cng sut l rt hiu qu, cc thit b FHSS s tiu th t nng lng hn, v nh vy cc thit b nh cc thit b di dng s c th kt ni vi thi gian lu hn m khng phi thay sc pin.

1.3.2 Cc mng WLAN hng ngoi Mng WLAN u tin c pht trin s dng truyn dn hng ngoi cch y khong chng 20 nm. Cc h thng ny khai thc cc im thun li do s dng v tuyn hng ngoi nh l mt mi trng cho truyn dn v tuyn. Chng hn, tia hng ngoi c bng thng khng cp php rt di do, n loi b c nhiu v tuyn, cc thit b hng ngoi nh v tiu th t cng sut. Khng ging nh cc sng v tuyn, cc tn s hng ngoi l qu cao thc hin iu ch ging nh i vi cc tn s v tuyn. V vy, cc ng truyn hng ngoi thng da trn c s iu ch xung bt- tt v tch sng tn hiu quang. Qu trnh truyn dn xung bt- tt c thc hin bng cch bin i cng (bin ) dng in trong my pht hng ngoi nh l laser diode hay diode pht quang chng hn. Theo cch ny, d liu c mang i bi cng (ch khng phi l pha hay tn s) ca sng nh sng. Cc h thng hng ngoi s dng hai thnh phn vt l


Kho lun tt nghip


khc nhau (cc b pht v cc b tch) pht v thu tn hiu sng quang. iu ny tri ngc vi cc h thng v tuyn v s dng mt anten chung pht v thu tn hiu. Cc mng WLAN hng ngoi khc vi cc mng WLAN v tuyn nhiu im. Ni chung, cc h thng v tuyn lun to ra vng ph rng hn. Mt khc, tn hiu v tuyn lun c rng bng thng hp hn cc tn hiu quang mc d cc h thng thng mi vn cha khai thc c ht bng thng tn hiu quang.

1.4 ng dng ca h thng mng WLANLc u WLAN ch c s dng bi cc t chc, cng ty ln nhng ngy nay, th WLAN c gi c chp nhn c m ta c th s dng. Sau y l mt s ng dng chung v ph hp ca WLAN.

1.4.1 Vai tr truy cp (Access role) WLAN ngy nay hu nh c trin khai lp access, ngha l chng c s dng mt im truy cp vo mng c dy thng thng. Wireless l mt phng php n gin ngi dng c th truy cp vo mng. Cc WLAN l cc mng lp data- link nh tt c nhng phng php truy cp khc. V tc thp nn WLAN t c trin khai core v distribution. Cc WLAN cung cp gii php cho mt vn kh kh l: kh nng di ng. Gii php s dng cellular c tc thp v mc. Trong khi WLAN th c cng s linh hot nhng li r hn. Cc WLAN nhanh, r v c th xc nh mi ni.

Hnh 1.2: Access Role


Kho lun tt nghip


1.4.2 M rng mng (Network extension) Cc mng khng dy c th c xem nh mt phn m rng ca mt mng c dy. Khi mun m rng mt mng hin ti, nu ci t thm ng cp th s rt tn km. Hay trong nhng to nh ln, khong cch c th vt qu khong cch ca CAT5 cho mng Ethernet. C th ci t cp quang nhng nh th s yu cu nhiu thi gian v tin bc hn, cng nh phi nng cp switch hin ti h tr cp quang. Cc WLAN c th c thc thi mt cch d dng. V t phi ci t cp trong mng khng dy.

Hnh 1.3: M rng mng

1.4.3 Kt ni cc to nh Trong mi trng mng campus hay trong mi trng c 2 to nh st nhau, c th c trng hp nhng ngi dng t to nh ny mun truy cp vo ti nguyn ca to nh khc. Trong qu kh th trng hp ny c gii quyt bng cch i mt ng cp ngm gia 2 to nh hay thu mt ng leases- line t cng ty in thoi. S dng k thut WLAN, thit b c th c ci t mt cch d dng v nhanh chng cho php 2 hay nhiu to nh chung mt mng. Vi cc loi anten khng dy ph hp, th bt k to nh no cng c th kt ni vi nhau vo cng mt mng trong mt khong cch cho php. C 2 loi kt ni: P2P v P2MP. Cc lin kt P2P l cc kt ni khng dy gia 2 to nh. Loi kt ni ny s dng cc loi anten trc tip hay bn trc tip mi u lin kt.


Kho lun tt nghip


Hnh 1.4: Kt ni cc to nh Cc lin kt P2MP l cc kt ni khng dy gia 3 hay nhiu to nh, thng dng hub- and- spoke hay kiu kt ni star, trong mt to nh ng vai tr trung tm tp trung cc im kt ni. To nh trung tm ny s c core network, kt ni internet, v server farm. Cc lin kt P2MP gia cc to nh thng s dng cc loi anten a hng trong to nh trung tm v anten chung hng trn cc spoke. C hai kiu kt ni ny: 1.4.3.1 Phn pht d liu dm cui (Last Mile Data Delivery) Wireless Internet Service Provider (WISP) cung cp cc dch v phn pht d liu trn last-mile cho cc khch hng ca h. Last mile cp n h tng giao tip c dy hay khng dy tn ti gia telco hay cng ty cp v ngi dng cui.

Hnh 1.5: Dch v dm cui Trong trng hp nu c cng ty cp v telco u gp kh khn trong vic m rng mng ca h cung cp cc kt ni bng thng rng cho nhiu ngi dng hn na. Nu sng trong khu vc nng thn th kh c th truy cp vo kt ni bng thng rng (nh cable modem hay xDSL). S kinh t hn rt nhiu nu cc WISP a ra gii php truy cp khng dy vo nhng ni xa v cc WISP s khng gp nhng kh khn nh ca cc cng ty cp hay telco v khng phi ci t nhiu thit b. Cc WISP cng gp phi mt s tr ngi. Nh cc nh cung cp xDSL gp phi vn l khong cch vt qu 5.7 km t CO n nh cung cp cp, cn vn ca WISP chnh l cc vt cn nh mi nh, cy,...


Kho lun tt nghip


1.4.3.2 S di ng (Mobility) Ch l mt gii php lp access, nn WLAN khng th thay th mng c dy trong tc truyn. Mt mi trng khng dy s dng cc kt ni khng lin tc v c t l li cao. Do , cc ng dng v giao thc truyn d liu c thit k cho mng c dy c th hot ng km trong mi trng khng dy. Li ch m cc mng khng dy mang li chnh l tng kh nng di ng b li tc v QoS.

Hnh 1.6: S di ng

Trong tng trng hp, cc mng wireless to nn kh nng truyn d liu m khng cn yu cu thi gian v sc ngi a d liu, cng nh gim c cc thit b c kt ni vi nhau nh mng c dy. Mt trong nhng k thut mi nht ca wireless l cho php ngi dng c th roam, ngha l di chuyn t khu vc khng dy ny sang khu vc khc m khng b mt kt ni, ging nh in thoi di ng, ngi dng c th roam gia cc vng di ng khc nhau. Trong mt t chc ln, khi phm vi ph sng ca wireless rng th vic roaming kh quan trng v ngi dng c th vn gi kt ni vi mng khi h ra ngoi. 1.4.4 Vn phng nh- Vn phng gia nh (Small Office-Home Office) Trong mt s doanh nghip ch c mt vi ngi dng v h mun trao i thng tin gia cc ngi dng v ch c mt ng ra Internet. Vi nhng ng dng ny (Small office-home office-SOHO), th mt ng wireless LAN l rt n gin v hiu qu. Cc thit b wireless SOHO th rt c ch khi nhng ngi dng mun chia s mt kt ni Internet.


Kho lun tt nghip


Hnh 1.7: SOHO WLAN

1.4.5 Vn phng di dng (Mobile Offices) Cc vn phng di ng cho php ngi dng c th di chuyn n mt v tr khc mt cch d dng. V tnh trng qu ti ca cc lp hc, nhiu trng hin nay ang s dng lp hc di ng. c th m rng mng my tnh ra nhng to nh tm thi, nu s dng cp th rt tn chi ph. Cc kt ni WLAN t to nh chnh ra cc lp hc di ng cho php cc kt ni mt cch linh hot vi chi ph c th chp nhn c.

Hnh 1.8: Vn phng di ng

1.5 u, nhc im ca mng WLAN1.5.1 u im Mng khng dy khng dng cp cho cc kt ni, thay vo , chng s dng sng Radio. u th ca mng khng dy l kh nng di ng v s t do, ngi dng khng b hn ch v khng gian v v tr kt ni. Nhng u im ca mng khng dy bao gm: - Kh nng di ng v s t do- cho php kt ni bt k u trong khu vc trin khai mng. Vi s gia tng ngi s dng my tnh xch tay l mt iu rt thun li..


Kho lun tt nghip


- Khng b hn ch v khng gian v v tr kt ni: Ngi dng c th duy tr kt ni mng khi h di chuyn t ni ny n ni khc. - D lp t v trin khai. p ng tc thi khi gia tng s lng ngi dng. - Tit kim thi gian lp t dy cp. - Khng lm thay i thm m, kin trc ta nh. - Gim chi ph bo tr, bo dng h thng. - Vi nhng cng ty m v tr khng tt cho vic thi cng cp nh ta nh c, khng c khong khng gian thi cng cp hoc thu ch t vn phng, - Hin nay, cng ngh mng khng dy ang dn dn thay th cc h thng c dy v tnh linh ng v nng cp cao. 1.5.2 Nhc im - Nhiu: Nhc im ca mng khng dy c th k n nht l kh nng nhiu sng radio do thi tit, do cc thit b khng dy khc, hay cc vt chn (nh cc nh cao tng, a hnh i ni) - Bo mt: y l vn rt ng quan tm khi s dng mng khng dy. Vic v tnh truyn d liu ra khi mng ca cng ty m khng thng qua lp vt l iu khin khin ngi khc c th nhn tn hiu v truy cp mng tri php. Tuy nhin WLAN c th dng m truy cp mng ngn cn truy cp, vic s dng m tu thuc vo mc bo mt m ngi dng yu cu. Ngoi ra ngi ta c th s dng vic m ha d liu cho vn bo mt. - Phm vi: Mt mng chun 802.11g vi cc thit b chun cng ch hot ng tt trong phm vi vi chc met. N ch ph hp cho khng gian khong cch nh. Nu mun s dng phi s dng thm thit b: Repeater hay AP. Dn n chi ph gia tng.


Kho lun tt nghip


CHNG 2 CC TIU CHUN CA MNG WLANCng vi s pht trin mnh m ca mng khng dy, cc chun (v ng thi l cc thit b) cho mng khng dy WLAN ln lt ra i v ngy cng c nng cp, ci tin. Nhng chun ra i sm nht nh IEEE 802.11 tr nn ph bin. Sau l HiperLAN, HomeRF, OpenAir v gn y l Bluetooth. Mi chun u mang mt s c tnh, u im ring ca n.

2.1 Cc chun IEEE 802.112.1.1 Ngun gc ra i ca chun IEEE 802.11

IEEE (Institute of Electrical and Electronic Engineers) l t chc i tin phong trong lnh vc chun ho mng cc b. n IEEE 802 c trin khai t nhng nm 1980 m kt qu l s ra i ca chun thuc h 802.x. y l chun p dng ring cho mng cc b. Nm 1990, Vin cc k s in v in t IEEE thnh lp mt u ban pht trin tiu chun cho cc mng WLAN hot ng tc t 1 n 2 Mbps. Qu trnh pht trin chun IEEE 802.11 b nh hng mnh bi cc sn phm ca mng WLAN c mt trn th trng. V vy, mc d cn kh nhiu thi gian hon thin cc tiu chun (do c kh nhiu xut mang nng tnh cnh tranh t pha cc nh cung cp thit b), n vn l tiu chun ph bin nht cho n nay. H tiu chun 802.11 do IEEE pht trin nh ngha giao din v tuyn gia trm v tuyn v trm gc hay gia hai trm v tuyn vi nhau. Chun u tin m IEEE cho ra i l IEEE 802.11 vo nm 1997. Tc t c l 2Mbps s dng phng php tri ph trong bng tn ISM khng qun l (bng tn dnh cho cng nghip, khoa hc v y hc). H tiu chun 802.11 c nhiu phn m rng trong ba tiu chun IEEE 802.11b, IEEE 802.11a, IEEE 802.11g l quan trng nht, v mi y nht l s ra i ca chun IEEE 802.11i v IEEE 802.11n.

2.1.2 IEEE 802.11b c a vo nm 1999, tiu chun IEEE 802.11b hay Wi- fi, l phn m rng ca tiu chun 802.11. Chun ny cung cp vic truyn d liu trong di tn 2.4 Ghz , vi cc tc 1- 2 Mbps


Kho lun tt nghip


IEEE 802.11b s dng phng php tri ph trc tip DSSS. Tiu chun 802.11b c xy dng 2 lp di cng ca m hnh OSI: PHY v lp con MAC thuc lp lin kt d liu. tng tc truyn ln cho chun 802.11b, vo nm 1998, Lucent v Harris xut cho IEEE mt chun c gi l Complementary Code Keying(CCK). CCK s dng mt tp 64 t cc m 8 bit, do 6 bit c th c i din bi bt k t m no. V l mt tp hp nhng t m ny c cc c tnh ton hc duy nht cho php chng c bn nhn nhn ra mt cch chnh xc vi cc k thut khc, ngay c khi c s hin din ca nhiu. Vi tc 5.5 Mbps s dng CCK m ho 4 bit mi sng mang, v vi tc 11 Mbps m ho 8 bit mi sng mang. C hai tc u s dng QPSK lm k thut iu ch v tn hiu 1.375 MSps. V FCC iu chnh nng lng u ra thnh 1 watt Effective Isotropic Radiated Power(EIRP). Do vi nhng thit b 802.11, khi di chuyn ra khi sng radio, radio c th thch nghi v s dng k thut m ho t phc tp hn gi d liu v kt qu l tc chm hn. Mt trong nhng nhc im ca IEEE 802.11b l bng tn d b nghn v h thng d b nhiu bi cc h thng mng khc, l vi ba, cc loi in thoi hot ng tn s 2.4 GHz v cc mng Bluetooth. ng thi IEEE 802.11b cng c nhng hn ch nh: thiu kh nng kt ni gia cc thit b truyn ging ni, khng cung cp dch v QoS (Quality of Service) cho cc phng tin truyn thng. Mc d vn cn mt vi hn ch v nhc im nhng chun 802.11b (thng gi l Wifi) l chun thng dng, c s dng ph bin nht hin nay vi s lng ln cc nh cung cp cho cc i tng khch hng l cc doanh nghip, gia nh hay cc vn phng nh.

Hnh 2.1: Cc la chn chun IEEE 802.11b

IEEE 802.11b+: TI (Texas Instruments) pht trin mt k thut iu ch gi l PBCC (Packet Binary Convolutional Code) m n c th cung cp cc tc tn


Kho lun tt nghip


hiu 22Mbps v 33Mbps. TI sn xut cc chipset da trn 802.11b cn h tr PBCC 22Mbps.Cc sn phm kt hp cc chipset ny c bit nh l cc thit b 802.11b+. Chng hon ton tng thch vi 802.11b, v khi giao tip vi nhau c th t c tc tn hiu 22Mbps. Mt s tng cng m TI c th c s dng gia cc thit b 802.11b+ l ch 4x, n s dng kch thc gi tin ti a ln hn (4000 byte) gim chng lp v tng thng lng. 2.1.3 IEEE 802.11a Chun 802.11b s dng k thut m ho da trn DSSS, mt k thut c pht trin bi qun i. Khng ging 802.11b, 802.11a c thit k hot ng bng tn 5 GHz Unlicensed National Information Infrastructure (UNII). Khng ging nh bng tn ISM (khong 83 MHz trong ph 2.4 GHz), 802.11a s dng gp 4 ln bng tn ISM v UNII s dng ph khng nhiu 300MHz.

Hnh 2.2: Di tn 5 GHz ch li u tin ca 802.11a so vi 802.11b l chun hot ng ph 5.4 GHz, cho php n c hiu sut tt hn v c tn s cao hn. ch li th hai da trn k tht m ho s dng bi 802.11a. 802.11a s dng mt phng thc m ho c gi l coded orthogonal FDM(COFDM hay OFDM). Mi knh ph trong s thc thi COFDM c rng khong 300 kHz. COFDM hot ng bng cch chia nh knh truyn d liu tc cao thnh nhiu knh truyn ph c tc thp hn, v sau s c truyn song song. Mi knh truyn tc cao c rng l 20MHz v c chia nh thnh 52 knh ph, mi ci c rng khong 300 kHz. COFDM s dng 48 knh ph cho vic truyn d liu, v 4 knh cn li c s dng cho sa li. COFDM c tc truyn cao hn v c kh nng phc hi li tt hn, nh vo k thut m ho v sa li ca n. Mi knh ph c rng khong 300


Kho lun tt nghip


kHz. m ho 125 kbps th BPSK c s dng cho tc khong 6000 kbps. S dng QPSK th c kh nng m ho l6n ti 250 kbps mi knh, cho tc khong 12Mbps. Bng cch s dng QAM 16 mc m ho 4bit/Hertz, v t c tc 24 Mbps. Tc 54 Mbps t c bng cch s dng 64 QAM, cho php t 8-10 bit cho mi vng, v tng cng ln n 1.125 Mbps cho mi knh 300 kHz. Vi 48 knh cho tc 54 Mbps, tuy nhin, tc ti a theo l thuyt ca COFDM l 108 Mbps.Tt c cc bng tn dng cho Wireless LAN l khng cn ng k, v th n d dng dn n s xung t v nhiu. trnh s xung t ny, c 802.11a v 802.11b u c s iu chnh gim cc mc ca tc truyn d liu. Trong khi 802.11b c cc tc truyn d liu l 5.5, 2 v 1 Mbps th 802.11a c by mc (48, 36, 24, 18, 12, 9, v 6 )..

2.1.4 IEEE 802.11g Chun IEEE 802.11g l mt chun mi, c khi tho t nm 2001 nhng mi n nm 2003 mi hon thnh. Mc d chun 802.11a c tc nhanh (54 Mbps), hot ng ti bng tn cao (5 GHz ) nhng nhc im ln nht ca n l khng tng thch vi chun 802.11b. V th s khng th thay th h thng ang dng 802.11b m khng phi tn km qu nhiu. IEEE cho ra i chun 802.11g nhm ci tin 802.11b v tc truyn cng nh bng thng. 802.11g c hai c tnh chnh sau y: S dng k thut OFDM (Orthogonal Frequency Division Multiplexing), c th cung cp cc dch v c tc ln ti 54Mbps. Trc y, FCC (Federal Communication Commission- USA) c cm s dng OFDM ti 2,4GHz. Nhng hin nay FCC cho php s dng OFDM ti c hai bng tn 2.4GHz v 5GHz. Tng thch vi cc h thng 802.11b tn ti trc. Do , 802.11g cng c h tr CCK v thit b 802.11g cng c th giao tip vi thit b 802.11b c sn Mt thun li r rng ca 802.11g l tng thch vi 802.11b (c s dng rt rng ri ) v c c tc truyn cao nh 802.11a . Tuy nhin s knh ti a m 802.11g c s dng vn l 3 nh 802.11b. Bn cnh , do hot ng tn s 2,4 GHz nh 802.11b, h thng s dng 802.11g cng d b nhiu nh 802.11b.

IEEE 802.11g+: c ci tin t chun 802.11g, hon ton tng thch vi 802.11a v 802.11b, c pht trin bi TI. Khi cc thit b 802.11g+ hot ng vi nhau th thng lng t c c th ln n 100Mbps. Tm hot ng trung bnh ca cc chun c th t n 90 mt, ty theo tiu chun, tc v iu kin mi trng lm vic.


Kho lun tt nghip


Bng1: Bng tm tt thng s cc chun 802.11 thng dng Chun WiFi IEEE 802.11a Tn s (GHz) 5 Tc (Mbps) 54 Khong cch (m) 12m: 54Mb/s 90m: 6Mb/s 30m: 11Mb/s 90m: 1Mb/s 15m: 54Mb/s 45m: 11Mb/s

EEE 802.11b

2.4

11

IEEE 802.11g

2.4

54

2.1.5 IEEE 802.11i N l chun b sung cho cc chun 802.11a, 802.11b, 802.11g v vn bo mt. N m t cch m ha d liu truyn gia cc h thng s dng cc chun ny. 802.11i nh ngha mt phng thc m ho mnh m gm Temporal Key Integrity Protocol (TKIP) v Advanced Encryption Standard (AES).

2.1.6 IEEE 802.11n Mt chun Wi-Fi mi ang c Lin minh WWiSE a ra xin ph chun (d kin vo nm 2008), vi mc tiu a kt ni khng dy bng thng rng ln mt tm cao mi. Cng ngh ny ha hn s y mnh ng k tc ca cc mng cc b khng dy (WLAN). Lin minh WWiSE (WorldWide Spectrum Efficiency), bao gm cc cng ty: Airgo Networks, Bermai, Broadcom, Conexant Systems, STMicroelectronics v Texas Instruments, cho bit cng ngh Wi-Fi mi ang c nhm tho lun 802.11n ca Vin K thut in v in t (IEEE) xem xt. y l b phn gim st mt chun Wi-Fi th h k tip c kh nng duy tr tc trao i d liu khng dy vt mc 100Mbps. Chun Wi- Fi xut da trn cng ngh MIMO- OFDM ( multiple input, multiple output- orthogonal frequency division multiplexing), cung cp tc cao hn bng cch s dng hai anten mi u ca tn hiu (mt truyn, mt nhn), thay v mt anten mi u nh hin nay.


Kho lun tt nghip


Cng ngh MIMO s l thnh phn ct yu ca chun 802.11n, cung cp phm vi ph sng WLAN n nh hn vi t l truyn d liu siu nhanh. N s cho php ngi dng thc hin nhiu cng vic hn vi Wi- Fi, c bit trong cc ng dng a phng tin. WWiSE cho bit cng ngh mi c th t t l truyn ti a ln n 135Mbps trong cu hnh ti thiu 2 ni 2 (two- by- two), v t l ny c th ln ti 540Mbps qua 1 cu trc MIMO 4 ni 4 (four- by- four) v rng knh truyn 40MHz.

2.1.7 Cu trc c bn ca WLAN IEEE 802.11 Mt mng WLAN 802.11 thng thng gm bn thnh phn chnh: H thng phn phi (DS), im truy nhp (AP), Mi trng v tuyn (WM) v Cc trm STA

:

Hnh.2.3: Cc thnh phn vt l c bn ca WLAN

2.1.7.1 H thng phn phi (Distribution System) Thnh phn kin trc dng kt ni cc nhm dch v vi nhau v tch hp vi cc mng LAN to thnh mt mng m rng c gi l H thng phn phi DS. Hay ni cch khc, DS s dng kt ni cc BSS vi nhau, iu phi thng tin n cc trm ch. Mt DS cho php h tr cc thit b di ng bng cch cung cp cc dch v logic cn thit gim st a ch chuyn i ch v tch hp nhiu BSS. D liu di chuyn gia mt BSS v DS qua mt AP. Cc a ch c AP s dng trao i thng tin trn mi trng v tuyn WM v trn mi trng h thng phn phi DSM khng nht thit phi ging nhau.


Kho lun tt nghip


WLAN phn tch mt cch logic mi trng v tuyn vi mi trng h thng phn phi. Mi mi trng logic khc nhau c s dng cho mi mc ch khc nhau bi mt thnh phn kin trc khc nhau. Trong thc t, h thng phn phi c xem nh s kt hp gia cu ni (bridge) v mi trng h thng phn phi. N l cc mng xng sng (backbone), s dng chuyn cc gi tin gia cc im truy nhp. 2.1.7.2 im truy nhp (Access Points) Thit b gi l im truy nhp ng vai tr nh l cu ni gia mng WLAN vi trng bn ngoi. Chc nng chnh ca im truy nhp l m rng mng (m rng mt vng ph sng v tuyn). Cc im truy nhp b sung c th c trin khai trong mt to nh hay khun vin trng i hc nhm to ra cc vng truy nhp v tuyn rng ln. im truy nhp h tr kh nng truy nhp ti h thng phn phi bng cch cung cp cc dch v b sung n hot ng nh mt trm c s. Ngoi ra im truy nhp cng ng vai tr phn b trong cc cu hnh mng khng ngang hng. 2.1.7.3 Mi trng v tuyn (Wireless Medium) L mi trng truyn cc sng in t mang thng tin t trm ny n trm khc. y chnh l mi trng khng kh. 2.1.7.4 Cc trm (Station) Cc mng WLAN c thit k v xy dng nhm mc ch kt ni cc trm vi nhau. Trm c th l nhng thit b nh my tnh, in thoi cm tay hay bt c thit b no c giao din v tuyn. Basic service set (BSS)

802.11 nh ngha BSS nh mt khi kt cu c bn ca mng WLAN. Hnh 2.4 biu din hai BSS, mi BSS c hai trm.STA1`

BSS1

STA2`

STA3`

BSS2

`

STA4

Hnh 2.4: Cu trc c bn ca WLAN


Kho lun tt nghip


BSS ch gm mt nhm cc trm khng dy truyn thng vi nhau trong mt phm vi gii hn, c xc nh bi cc c tnh ca mi trng truyn. Khi mt trm nm trong vng phc v, n c th lin lc vi tt c cc thnh phn khc trong BSS. Nu mt trm di chuyn ra ngoi BSS ca n, n s khng lin lc trc tip c vi cc thnh vin khc ca BSS.

2.1.8 M hnh ca WLAN IEEE 802.11Hai m hnh c bn s dng cho WLAN l mng Ad- hoc v mng c s h tng (Infrastructure). Hai m hnh ny c s khc bit nhau r rng v gii hn khng gian s dng, cch qun l mng, kin trc mng.

2.1.8.1 Ad- hoc hay cn gi l IBSS (Independent Basic Service Set) Ad- hoc l m hnh mng m trong ch bao gm cc my trm, khng c Access Point. Mi thit b kt ni trc tip vi cc thit b khc trong mng, cc nt di ng trao i thng tin trc tip vi nhau thng qua cc b bin i v tuyn..V c bn, hai my tnh c trang b thm Card adapter v tuyn c th hnh thnh mt mng c lp khi chng trong di tn ca nhau. M hnh ny rt thch hp cho vic kt ni mt nhm nh cc thit b v khng cn phi giao tip vi cc h thng mng khc, nh trong cc hi ngh thng mi hoc trong cc nhm lm vic tm thi. Cc mng hnh thnh theo nhu cu nh vy khng cn thit phi qun l hay thit lp cu hnh t trc. Nt di ng c th truy cp vo cc ti nguyn ca cc my khc m khng phi qua mt my ch trung tm. Tuy nhin chng c th c nhng nhc im v vng ph sng b gii hn, mi ngi s dng u nghe c ln nhau.

Hnh 2.5: M hnh Ad- hoc


Kho lun tt nghip


2.1.8.2 M hnh mng c s h tng (Infrastructure Basic Service Set) Infrastructure BSS l mt m hnh m rng ca mt mng WLAN c bng cch s dng im truy cp Access Point, cc thit b di ng khng giao tip trc tip vi nhau m giao tip vi cc im truy nhp. im truy cp AP ng vai tr va l cu ni ca mng WLAN vi cc mng khc va l trung tm iu khin s trao i thng tin trong mng. im truy cp gip truyn v nhn d liu gia cc thit b trong mt vng ln hn. Phm vi v s thit b s dng trong mng c s h tng tu thuc vo chun s dng v sn phm ca cc nh sn xut. Trong m hnh mng c s h tng c th c nhiu AP to ra mt mng hot ng trn phm vi rng hay ch c duy nht mt Access Point cho mt phm vi nh nh trong mt cn nh, mt to nh. Mng c s h tng c hai li th chnh so vi mng c lp IBSS: Infrastructure c thit lp ph thuc vo tm hot ng ca AP. V vy, mun thit lp WLAN tt c cc thit b di ng bt buc phi nm trong vng ph sng ca AP v mi cng vic giao tip mng u phi thng qua AP. Ngc li, kt ni trc tip IBSS trong mng ad- hoc gip hn ch thng tin truyn v nhn ca mng nhng chi ph li gia tng tng vt l bi v tt cc thit b u lun lun phi duy tr kt ni vi tt c cc thit b khc trong vng dch v. Trong mng c s h tng , AP cn cho php cc station chuyn sang ch

tit kim nng lng. Cc AP c thng bo khi mt station chuyn sang ch tit kim nng lng v to frame m cho chng. Cc thit b ch trng s dng nng lng (Battery- operated) c th chuyn b thu pht tn hiu ca mnh sang ch ngh v khi hot ng li s nhn c tn hiu c khi phc t cc frame m lu trong AP.

Hnh 2.6: M hnh mng c s h tng Infratructure


Kho lun tt nghip


Cc cell c th chng ln ln nhau khong 10-15 % cho php cc trm di ng c th di chuyn m khng b mt kt ni v tuyn v cung cp vng ph sng vi chi ph thp nht. Cc my trm s chn AP tt nht kt ni.

Vic thit k WLAN s tng i n gin nu thng tin v mng v qun l cng nm trong mt vng. Mt im truy nhp nm trung tm c th iu khin v phn phi truy nhp cho cc nt tranh chp, cung cp truy nhp ph hp vi mng ng trc, n nh cc a ch v cc mc u tin, gim st lu lng mng, qun l chuyn i cc gi v duy tr theo di cu hnh mng. Tuy nhin giao thc a truy nhp tp trung khng cho php cc nt di ng truyn trc tip ti nt khc nm trong cng vng vi im truy nhp nh trong m hnh mng Ah- hoc. Trong trng hp ny, mi gi s phi c pht i 2 ln (t nt pht gc v sau l im truy nhp) trc khi n ti nt ch, qu trnh ny s lm gim hiu qu truyn dn v tng tr truyn dn. Tuy nhin cc h thng nh vy thng cung cp cc thng lng d liu cao hn, vng ph sng rng hn v c th phc v cc lu lng video, thoi vi thi gian thc. Ngoi ra mt im truy nhp nm v tr thch hp c th gim ti thiu c cng sut pht v gii quyt c cc vn ca nt n mt cch hiu qu. V WLAN s dng cc giao thc a truy nhp cm nhn sng mang CSMA/CA nn c th cc nt trong mng c s yu cu ch truyn gi ti im truy nhp. Sau im truy nhp s chuyn tip cc gi ti ng a ch ch.

2.1.8.3 M hnh mng m rng ESS (Extended Service Set) Mng 802.11 m rng phm vi di ng ti mt phm vi bt k thng qua ESS. Mt ESS l mt tp hp ca cc Infrastructure BSS ni m cc Access Point giao tip vi nhau chuyn lu lng t mt BSS ti mt BSS khc lm cho vic di chuyn d dng ca cc trm gia cc BSS Access Point thc hin vic giao tip thng qua h thng phn phi. H thng phn phi l mt lp mng trong mi Access Point m n xc nh ch n cho lu lng c nhn t mt BSS. H thng phn phi xc nh lu lng nn c tip sng tr li mt ch n trong cng mt BSS, chuyn tip trn h thng phn phi ti mt Access Point khc, hoc gi ti mng c dy ti ch n khng nm trong ESS. Cc thng tin nhn bi Access Point t h thng phn phi c truyn ti BSS c nhn bi trm ch.


Kho lun tt nghip


Hnh 2.7: M hnh ESS V d v m hnh hon chnh:

Hnh 2.8: Mng WLAN hon chnh tng qut


Kho lun tt nghip


2.1.9 M hnh tham chiu WLAN IEEE 802.11H thng bao gm hai phn chnh:

Lp MAC ca lp lin kt d liu Lp vt l PHY

Nhng lp ny tng ng vi cc lp thp nht trong m hnh tham chiu c bn OSI.

Lp lin kt d liu

Phn lp M AC

Qun l phn lp M AC Qun l trm

Phn lp hm hi t lp vt l PLCP Lp vt l Phn lp ph thuc lp vt l PM D

Q un l phn lp vt l PHY

Hnh 2.9: M hnh tham chiu c s IEEE 802.11

2.1.9.1 Phn lp vt l PHY Lp vt l ca IEEE 802.11 tng ng hon ton vi lp vt l trong m hnh OSI chun. Lp vt l cung cp s kt ni cho php truyn cc khung d liu MAC t trm ny n trm khc qua mi trng truyn. Lp vt l PHY c chia thnh 2 phn lp v thc th chc nng qun l lp vt l: - PMD (Physical Medium Depentdant): Phn lp ph thuc mi trng vt l. X l cc thuc tnh ca mi trng v tuyn (tc l cc phng php tri ph) v xc nh cch pht v thu d liu thng qua mi trng (v d nh iu ch v m ho). - PLCP (Physical Layer Covergence Procedure): Phn lp hi t lp vt l.


Kho lun tt nghip


Xc nh phng php chuyn i cc n v d liu giao thc phn lp MAC vo mt khun dng gi thch hp cho phn lp PMD. N cng c th thc hin cm bin sng mang (n nh knh) cho phn lp MAC. + PLME: Chc nng qun l lp vt l. Thc hin qun l cc chc nng lp vt l kt hp vi cc thc th qun l MAC Tm li PHY cung cp ba chc nng: u tin, PHY cung cp mt giao din trao i cc frame vi lp MAC trn cho vic truyn v nhn d liu. Th hai, PHY s dng iu ch sng mang tn hiu v ph tri rng truyn cc frame d liu qua mi trng v tuyn. Th ba, PHY cung cp mt du hiu cm ng sng mang tr li MAC kim tra hot ng trn mi trng. 802.11 cung cp ba nh ngha PHY khc nhau: c FHSS v DSSS h tr tc d liu 1 Mbps v 2 Mbps. Mt s m rng ca kin trc 802.11 (802.11a) nh ngha cc k thut a thnh phn c th t c tc d liu ti 54 Mbps. Mt s m rng khc (802.11b) nh ngha tc d liu 11 Mbps v 5.5 Mbps tn dng mt s m rng ti DSSS c gi l High Rate DSSS (HR/DSSS). 802.11b cn nh ngha mt k thut thay i tc m t mng 11 Mbps xung cn 5.5 Mbps, 2 Mbps, hoc 1 Mbps di cc iu kin nhiu hoc hot ng vi cc lp PHY 802.11 tha k. Khc vi cc mng c dy truyn thng, mng khng dy truyn d liu thng qua mi trng mng qua hnh thc pht x sng in t trng. Yu cu chung l vng ph sng phi rng, p ng c cc nhu cu ca ngi s dng. Hai loi mi trng c s dng rng ri nht cho cc ng dng vng cc b l sng hng ngoi v sng v tuyn. Hu ht cc my tnh c nhn hin nay u c cng hng ngoi cho php kt ni nhanh ti my in v cc thit b ngoi vi khc. Tuy nhin sng hng ngoi c mt s hn ch, n s d b cn tr bi tng ngn hoc vt cn. Cn sng v tuyn li c th xm nhp qua hu ht cc vt chng ngi trong phng v cho vng bao ph rng. Do , hu ht cc sn phm 802.11 trn th trng hin nay u s dng sng v tuyn truyn pht thng tin.

2.1.9.2 Phn lp iu khin truy nhp mi trng MAC


Kho lun tt nghip


c trng nht ca IEEE 802.11 chnh l lp con MAC. Lp con MAC quy nh cc phng thc truy nhp knh, truyn khung d liu v tng tc vi mi trng mng bn ngoi. Ging nh Ethernet, 802.11 s dng phng thc a truy cp cm nhn sng mang iu khin vic truy nhp mi trng truyn. Tuy nhin, do s phc tp ca mi trng v tuyn nn giao thc ca n cng phc tp hn.

2.1.9.2.1 Chc nng lp con MAC Kin trc ca lp con MAC trong tiu chun IEEE 802.11 bao gm hai chc nng phi hp c bn (Hnh 2.9): - Chc nng phi hp phn b DCF (Distribution Coordiration Funtion). - Chc nng phi hp theo im PCF (Point Coordiration Funtion). Mi chc nng nh ngha mt phng thc hot ng khc nhau cho trm mun truy nhp vo mi trng khng dy. Chc nng phi hp c hiu nh l chc nng quyt nh vic khi no mt trm trong BSS c php truyn hay nhn mt phn on n v d liu giao thc MAC (MPDU) mi trng v tuyn.

Ch hot ng DCF l bt buc i vi tt c cc ng dng, cn chc nng PCF l tu chn, DCF khng s dng bt c loi iu kin trung tm no, bn cht ca n l mt giao thc MAC a truy cp cm nhn sng mang c trnh xung t CSMA/CA. Ch cn li PCF s dng trm nn iu khin ton b cc hot ng trong , n hot ng tng t nh mt h h vng.

Y u c u c h o d c h v k h n g ca n h tran h

S d n g ch o c c d c h v c n h tran h v c s c h o PCF

M AC E x t en t

Chc nng phi hp i m(P C F ) C h c n n g p h i h p p h(DnCt n F )

Hnh 2.10: M hnh phn lp MAC


Kho lun tt nghip


2.1.9.2.2 n v d liu giao thc MAC 802.11 tng qutT y nd n ru 1 h oc 2 Mp bs

T u M D i P U (3 o te ) 0 c t

D li n i d n u g g (0-2 1 3 2 o te ) c t

C u i k mtrak u g h i hn (4 o te ) c t

uk i i h n kug hn (2 o te ) c t

N d n hn g kon hg th i g n ia (2 o te ) c t

c a h 1 (6 o te ) c t

c a h 2 (6 o te ) c t

c a h 3 (6 o te ) c t

Cu i u h i k i h n (2 o te ) c t

c a h 4 (6 o te ) c t

Hnh 2.10: Khun dng n v d liu giao thc MAC tng qut

Bng 2: Thng tin cho cc trng d liu khc nhau trong phn tiu MPDUTrng iu khin khung Thng tin Phin bn hin ti ca tiu chun, cc gi c nhn hoc gi i ti h thng phn phi, qun l ngun, phn mnh, gi m ho v nhn thc. Khong thi gian ca vector phn phi mng, nhn dng nt ang hot ng ch bo v ngun. Cc a ch ca BSSID, ch, ngun, b pht, v b thu. Chui s ca gi v phn on gi.

Khong thi gian/Nhn dng Cc trng a ch 1-4 Chui iu khin

Hnh 2.10 biu din khun dng ca n v d liu giao thc MAC 802.11 tng qut (MPDU). Cc trng a ch 2, a ch 3, iu khin chui, a ch 4 v d liu ngi dng ch c trong mt s trng hp nht nh. MPDU c bo v c lp bi cc bit kim tra li. C ba kiu gi: Cc gi d liu; Cc gi iu khin (v d nh cc gi RTS, CTS, ACK);

RTS: gi yu cu gi, s dng khai bo cho cc trm trnh ng .


Kho lun tt nghip


CTS: xa gi, gi CTS c truyn t trm khai bo trong gi tin RTS cc trm khc bit c 1 gi tin sp c truyn. ACK: gi tin c s dng xc nhn gi tin c nhn thnh cng. Cc gi qun l (v d nh n hiu).

Thng tin cho bi cc trng khc nhau trong phn tiu MPDU c lit k trong Bng 2

2.1.9.2.3 Cc khong thi gian lin khung Quyn u tin truy nhp ti mi trng v tuyn c iu khin thng qua cc khong khng gian gia cc khung truyn, gi l cc khong thi gian lin khung IFS (Inter Frame Space). Cc gi tr IFS c xc nh bi lp vt l. Mt trm xc nh xem mi trng c ri khng thng qua chc nng pht hin sng mang trong khong thi gian ch nh. C ba loi thi gian lin khung thng c s dng cung cp cc mc logic u tin khc nhau cho vic truy nhp n phng tin v tuyn l:-

SIFS (Short Inter Frame Space) khong thi gian lin khung ngn.

SIFS l khong thi gian ngn nht, thng s dng cho khung ACK, CTS, MPDU th hai hoc tip sau ca mt khi phn on. SIFS s c s dng khi cc trm chim c mi trng v cn gi trong mt khong thi gian thc hin trao i khung. S dng khe thi gian ngn nht gia cc ln truyn khung s ngn cho cc trm khc c gng truy nhp mi trng, nhng trm ny c yu cu ch trong mt khong thi gian di hn, iu ny to iu kin u tin hon thnh mt chu trnh trao i khung. PIFS (PCF Inter Frame Space) khong thi gian lin khung PCF

PIFS s c s dng trong cc hot ng ca cc trm theo PCF tng quyn u tin truy nhp n phng tin ti thi im u ca khong tranh chp. Mt trm s dng PCF s c cho php truyn sau khi c ch cm nhn sng mang ca n xc nhn rng DIFS (DCF Inter Frame Space) khong thi gian lin khung DCF

c s dng trong khung hot ng ca cc trm di DCF truyn cc khung d liu MPDU v khung qun l. Mt trm s dng DCF s c cho php truyn sau khi c ch cm nhn sng mang ca n xc nhn rng mi trng ri sau mt khong thi gian.


Kho lun tt nghip


2.1.9.2.4 Chc nng phi hp phn b DCF Phng thc truy nhp c bn ca MAC WLAN IEEE 802.11 l DCF c bit vi di tn a truy nhp cm nhn sng mang vi c ch trnh xung t. DCF c th c p dng tt c cc STA, s dng cho c cu hnh IBSS ln cu hnh mng c s h tng.

Hnh 2.11: Chc nng phi hp phn b DCF

Khi mt STA mun truyn tn hiu, n s nghe mi trng xc nh xem liu c mt STA khc ang truyn hay khng. Nu mi trng c xc nh l khng bn, qu trnh chuyn i c th din ra. C ch trruy nhp CSMA/CA bt buc phi c mt khe thi gian ti thiu tn ti gia cc khung truyn i lin tc. Mt STA ang truyn phi m bo rng mi trng ang ri trong khong thi gian ny trc khi truyn. Nu mi trng c xc nh l bn, STA s ch cho kt thc qu trnh truyn hin ti. Sau khi ch, hoc trc khi c gng truyn li ngay lp tc sau mt ln truyn thnh cng, STA s chn mt khong thi gian ngng (backoff) ngu nhin v s gim b m thi gian ngng. Giao thc truy nhp mi trng c s l DCF, n cho php chia s phng tin t ng gia cc PHY tng thch thng qua s dng c ch CSMA/CA v mt thi gian ngng ngu nhin sau mt trng thi mi trng bn. Thm vo tt c cc lu lng trc tip s dng xc nhn (khung ACK) tch cc m ti vic truyn dn li c ln k hoch bi bn gi nu khng nhn c ACK no. Giao thc CSMA/CA c thit k gim xc sut xung t gia nhiu STA cng truy nhp mt mi trng, ti thi im xung t c kh nng xy ra ln.


Kho lun tt nghip


Ch ngay sau khi phng tin chuyn sang ri l thi im m xc sut xy ra xung t ln nht. iu ny xy ra l do c nhiu STA ang ch mi trng tr li. y l tnh hung i hi th tc ngng ngu nhin gii quyt cc xung t mi trng.

Pht hin sng mang c th thc hin bng c ch vt l hoc c ch o. C ch pht hin sng mang o t c bng cch phn tn thng tin yu cu gi trc, thng tin ny thng bo v s dng sp ti ca mi trng. Trao i cc khung RTS v CTS trc khung d liu thc s l cch phn tn thng tin gi trc mi trng. Cc khung RTS v CTS cha mt trng thi gian/ID nh ngha khong thi gian m mi trng s c gi trc truyn khung gi liu thc v tr v khung ACK. Tt c cc trm STA nm trong phm vi nhn ca STA ngun (truyn RTS) hoc STA ch (truyn CTS) s bit c yu cu gi mi trng . Do mt STA c th khng phi l ch nhn d liu ca STA ngun vn c th bit c v s s dng mi trng trc mt. Mt cch khc phn tn thng tin ginh trc mi trng l trng thi gian/ ID trong khung trc tip. Trng ny a ra thi gian m mi trng s b chim, hoc l ti thi im kt thc ca ACK tip theo, hoc trong trng hp chui phn on l thi im kt thc ca ACK tip sau phn on k tip. Vic trao i RTS/CTS thc hin theo kiu xem xt xung t nhanh v kim tra ng truyn dn. Nu STA pht RTS khng nhn c CTS, STA ngun c th lp li qu trnh nu khung d liu di c truyn i v khng nhn c ACK. Mt li im khc na ca c ch RTS/CTS l khi nhiu BSS tn dng cng mt knh xp chng. C ch gi trc mi trng lm vic qua cc ranh gii BSA. C ch RTS/CTS cng c th tng cng kh nng hot ng trong mt iu kin c th khi tt c cc STA u c th nhn t AP, nhng khng th nhn t cc STA khc trong BSS.

2.1.9.2.5 Chc nng phi hp im PCF Ngoi DCF, MAC cng c th kt hp mt phng php truy nhp tu chn gi l PCF, n ch c th s dng trn cc cu hnh mng c s h tng. Phng php truy nhp ny s dng mt b phi hp im PC (Point Coordiration) hot ng ti im truy nhp ca BSS xc nh trm no s c php truyn. V c bn, giao thc ny hot ng ging nh s thm d (Polling), trong PC ng vai tr ca b phn iu khin thm d.


Kho lun tt nghip


Hnh 2.12: Chc nng phi hp im PCF

PCF s dng c ch pht hin sng mang o c h tr bi mt c ch u tin truy nhp. PCF s phn tn thng tin trong cc khung qun l (Beacom Frame), thu c quyn qun l mi trng bng cch t ra cc vector cp pht mng NAV trong cc trm. Thm vo , tt c cc truyn dn khung di s iu khin ca PCF u s dng khong thi gian lin khung IFS nh hn thi gian IFS cho cc khung c truyn i thng qua DCF. Vic s dng thi gian lin khung IFS nh hn c ngha l lu lng phi hp im s c quyn u tin truy nhp phng tin truyn thng ln hn cc trm trong ch hot ng trong BSS di phng php truy nhp DCF. u tin truy nhp PCF c th c tn dng to ra mt phng php truy nhp khng tranh chp (CF Contension Free). PC s iu khin vic truyn dn khung ca cc trm loi b tranh chp trong mt khong thi gian gii hn no .

2.1.9.2.6 Phn mnh Trong tt c cc qu trnh truyn dn gi trong mng WLAN, cc bn tin c di thay i c s dng trong tiu chun IEEE 802.11. Theo cch ny, tng s cc gi tin pht i l nh nht. iu ny tr nn quan trng t c thng lng cao do rt nhiu thit b mng b gii hn bi s lng gi tin m chng c th x l trong mt giy. Vic phn mnh d liu c th c ch khi p dng cho cc thit b di ng di chuyn tc trung bnh. Qu trnh phn mnh gi c th lm gim tc ng ca xung t v l mt la chn tt s dng RTS/CTS. Chun 802.11 khuyn ngh chiu di gi c phn mnh nn nh hn 3,5 ms (tc l di gi gm 400 octet c tc d liu 1 Mbps). Tuy nhin, qu trnh phn mnh ho yu cu phn thng tin ph nhiu hn do s lng cc gi tin v cc gi ACK c x l tng ln, do phn


Kho lun tt nghip


thng tin mo u v thng tin tiu trong mi gi tin c phn mnh v do cc SIFS b sung.D S IF

M nh 1 (N A ) t

S S IF

M nh 2 (N A ) t

S S IF

M nh 3 (N A ) t

NtA

S S IF

A K 1 C

S S IF

A K 2 C

S S IF A K 3 C

NtB

Hnh 2.13: Qu trnh phn mnh mt gi d liu unicast t c nhng thun li ny, mt c ch phn mnh/ti kt hp n gin c a vo trong lp MAC 802.11 (xem Hnh 1.12). Mi gi bao gm mt chui s s dng cho vic ti kt hp. Mt ngng phn mnh xc nh di ln nht ca gi trn c phn mnh.2.2 Tiu chun HiperLAN

S pht trin ca thng tin v tuyn bng rng t ra nhng yu cu mi v mng LAN v tuyn. l nhu cu cn h tr v QoS, bo mt, quyn s dng, ETSI (European Telecommunications Standards Institute- Nm 1992, Vin cc tiu chun Vin thng Chu u thnh lp hip hi xy dng tiu chun WLAN dng cho cc mng LAN v tuyn (HiperLAN) hot ng hiu sut cao (High Performance LAN), tiu chun ny xoay quanh m t cc giao tip mc thp v m ra kh nng pht trin mc cao hn.

Hnh 2.14: M hnh HiperLAN v OSI


Kho lun tt nghip


Chun HiperLAN ging nh chun 802.11, chun ny phc v cho c cc mng c lp v cc mng c cu hnh c s. HiperLAN hot ng bng tn 5,15 n 5,3 GHz (bng tn c chia thnh 5 knh tn s) vi mc cng sut nh thp khong 1W. Tc d liu v tuyn ti a c th h tr l khong 23,5 Mbps v chun ny cng h tr cho cc ngi dng di ng tc thp (khong 1,4 m/s).. C 4 loi HIPERLAN c a ra: HIPERLAN/1, HIPERLAN/2, HIPERCESS (3) v HIPERLINK (4).vo nm 1996. Bng 3: c tnh ca chun HiperLAN

Trong cc chun ca HiperLAN, HiperLAN2 l chun c s dng rng ri nht bi nhng c tnh k thut ca n. Nhng c tnh k thut ca HiperLAN2: Truyn d liu vi tc cao Kt ni c nh hng. H tr QoS. Cp pht tn s t ng H tr bo mt Mng v ng dng c lp Tit kim nng lng Tc truyn d liu ca HiperLAN2 c th t ti 54 Mbps. S d c th t c tc v HiperLAN2 s dng phng php gi l OFDM (Orthogonal Frequence Digital Multiplexing dn knh phn chia tn s). OFDM c hiu qu trong c cc mi trng m sng radio b phn x t nhiu im.


Kho lun tt nghip


HiperLAN Access Point c kh nng h tr vic cp pht tn s t ng trong vng ph sng ca n. iu ny c thc hin da vo chc nng DFS (Dynamic Frequence Selection) Kin trc HiperLAN2 thch hp vi nhiu loi.mng khc nhau. Tt c cc ng dng chy c trn mt mng thng thng th c th chy c trn h thng mng HiperLAN2.

2.3 Tiu chun OpenAir Mt nhm cc nh cung cp sn phm tnh ton di ng thnh lp mt t chc c tn l WLIF Din n tng h cc mng WLAN. Hin nay, WLIF c 38 thnh vin, cc cng ty thnh vin cung cp nhiu sn phm dch v WLAN tng h vi nhau, v th m thc y s pht trin ca ngnh cng nghip mng WLAN. WLIF cng b giao din OpenAir cho php cc b phn c lp c th pht trin cc sn phm tng thch v thit lp tin trnh cp bng xc nhn cho cc c tnh tng h ca cc sn phm WLAN. Cc c t WLIF da trn mng WLAN FHSS 2,4 GHz gii thiu vo u nm 1994. H thng ny hot ng tc 1,6 Mbps trn mi mu nhy tn. Vi 15 mu c lp, tc d liu tng ln n 2,4 Mbps (15 x 1,6 Mbps). Chun OpenAir hon thnh vo nm 1996. OpenAir MAC da trn CSMA/CA v RTS/CTS nh 802.11. Tuy nhin OpenAir khng thc hin vic m ha ti lp MAC, nhng li c ID mng da trn mt khu. OpenAir cng khng cung cp chc nng tit kim cng sut.

2.4 Tiu chun HomeRF HomeRF l mt cng ngh c s dng trong truyn thng khng dy, c s dng ch yu trong cc h thng mng gia nh. HomeRF l tn vit tt ca cm t Home Radio Frequency, mt loi mng cc b s dng tn s Radio kt ni v trao i d liu gia cc phn t ca mng. Cc phn t ca mng ny rt a dng: c th l cc my tnh PC, cc thit b Mobile, cc loi thit b cm tay khc (c giao din v tuyn). HomeRF c nu ln vo nm 1998. C nhiu tp on cng nghip nh: Compaq, IBM, Intel, Microsoft tp trung nghin cu. Mc ch chung ca h l pht trin mt giao thc chun chung cho mng khng dy trong di tn 2.4GHz v t l d liu l 1- 2 Mbps, s dng k thut lai TDMA/ CSMA. Giao thc truy nhp v tuyn dng chung SWAP- Shared Wireless Access Protocol (Lp MAC trong HomeRF), c thit k cho c d liu v ting ni. Chun ny cng c th tng h


Kho lun tt nghip


vi mng in thoi chuyn mch cng cng v mng Internet. Cc sn phm theo chun SWAP hot ng di tn 2,4 GHz s dng FHSS. Cng ngh SWAP bt ngun t cc tiu chun in thoi khng dy tin tin dng k thut s v chun WLAN IEEE 802.11 hin c. SWAP cho php cung cp cc dch v khng dy mi trong nh, SWAP h tr TDMA ( cung cp thoi tng tc v cc dch v thi gian) v CSMA/CA ( cung cp truyn thng cc gi s liu tc cao khng ng b). Bng 4: Cc thng s chnh ca h thng HomeRFTham s Tc nhy Vng tn s Cng sut v tuyn pht Tc s liu Vng ph S lng nt Cc kt ni thoi li 1 Mbps (2-FSK), 2 Mbps (4-FSK) Ti 50m Ti 127 thit b cho mt mng Ti 6 phin m thoi song cng c kim tra c t 50mu/s (cng cc mu nhy nh 802.11) Bng 2,4 GHz ISM 20 dBm

2.5 Tiu chun Bluetooth Nhm chuyn trch Bluetooth c thnh lp vo nm 1998 bi cc cng ty ln (Intel, IBM, Toshiba) v cc cng ty in thoi t bo (Nokia, Ericsson) cung cp kt ni v tuyn gia c s my tnh PC di ng, in thoi t bo v cc thit b in t khc. Bluetooth l cng ngh radio phm vi hp kt ni gia cc thit b khng dy. Hot ng trong di bng tn ISM (2.4 GHz). Chun ny xc nh mt ng truyn v tuyn phm vi hp song cng tc 1Mbps kt ni c ti 8 thit b v tuyn cm tay. Phm vi ca Bluetooth ph thuc vo nng lng ca lp radio. Mng Bluetooth c gi l Piconet. Trng hp n gin n l 2 thit b c ni trc tip vi nhau. Mt thit b l Master (ch), cn thit b kia l Slave (t). ng dng ch yu l ng dng im- im. y chnh l cu trc Ad- hoc trong mng WLAN. Kt ni Bluetooth l kt ni Ad- hoc in hnh. iu c ngha l mng c thit lp ch cho nhim v hin ti v c g b kt ni sau khi d liu truyn xong. Cng ngh Bluetooth s dng k thut tri ph nhy tn, ngha l cc gi c truyn trong nhng tn s khc nhau. Trong hu ht cc quc gia, 79 knh c s dng. Vi t l nhy nhanh (1600 ln nhy trn giy) vic chng nhiu t kt qu tt.


Kho lun tt nghip


2.6 Bng tm tt cc chun Bng 5: Bng tm tt cc chun Chun Tc Cc truyn d ch liu Ti a 2 FHSS Mbps ti hay bng tn DSSS 2.4 Ghz Ti a 54 Mbps ti bng tn 5GHz OFDM c mt c WEP & ci tin v m rng WPA 802.11b Sn s WEP & phm dng chun WPA ny c chng nhn Wi- Fi Sn s WEP & phm dng chun WPA ny c chng nhn Wi- Fi Bo Ghi ch

IEEE 802.11

IEEE802.11a (Wi-Fi)

IEEE802.11b (Wi-Fi)

Ti 11Mbps bng tn

a ti

DSSS vi CCK

2.4 GHz

IEEE802.11g (Wi-Fi)

Ti a OFDM 54 Mbps ti cho tc trn Sn bng tn 20 Mbps s WEP & phm 2.4 Ghz dng chun DSSS WPA ny c vi CCK cho chng nhn tc di 20 Wi- Fi Mbps Tc t a 1.6Mbps ti bng tn 2.4 GHz FHSS Gn ging 802.11, khng c c ch bo mt

OpenAir


Kho lun tt nghip


HomeRF

Ti a 10 Mbps ti bng tn 2.4 GHz

FHSS

a ch IP c lp cho mi mng. Dng 56 bit cho m ho d liu nh Ch s dang v m dng Chu ho cho mi u secsion Ch s Bo mt dng Chu u. ng cao dng cho mng ATM

HiperLAN/1

Ti a 20 Mbps ti CSMA/ bng tn CA 5 GHz Ti 54Mbps bng tn a ti OFDM

HiperLAN/2

5 GHz

CHNG 3: MT S VN BO MT CHO MNG KHNG DY WI- FI3.1 Gii thiuBo mt l vn ht sc quan trng i vi ngi dng trong tt c cc h thng mng (LAN, WLAN). Nhng do bt ngun t tnh c hu ca mi trng khng dy. kt ni ti mt mng LAN hu tuyn cn phi truy cp theo ng


Kho lun tt nghip


truyn bng dy cp, phi kt ni mt PC vo mt cng mng. Vi mng khng dy Wi- Fi ch cn c thit b trong vng sng l c th truy cp c nn vn bo mt cho mng khng dyWi- Fi l cc k quan trng v lm au u nhng ngi s dng mng. iu khin cho mng hu tuyn l n gin: ng truyn bng cp thng thng c i trong cc ta nh cao tng v cc port khng s dng c th lm cho n disable bng cc ng dng qun l. Cc mng khng dy (hay v tuyn) s dng sng v tuyn xuyn qua vt liu ca cc ta nh v nh vy s bao ph l khng gii hn bn trong mt ta nh. Sng v tuyn c th xut hin trn ng ph, t cc trm pht t cc mng Wi- Fi ny, v nh vy ai cng c th truy cp nh vo cc thit b thch hp. Do mng khng dy ca mt cng ty cng c th b truy cp t bn ngoi ta nh cng ty ca h. Hnh 3.1 th hin mt ngi l c th truy cp n mt LAN khng dy t bn ngoi nh th no. Gii php y l phi lm sao c c s bo mt cho mng chng c vic truy cp theo kiu ny.

Hnh 3.1: Mt ngi l truy cp vo mng Khng ging nh cc h thng hu tuyn c bo v vt l, cc mng v tuyn khng c nh trong mt phm vi. Chng c di chuyn ra xa khong 1000 bc chn ngoi ranh gii ca v tr gc vi mt laptop v mt anten thu. Nhng iu ny lm cho mng Wi- Fi rt d b xm phm. Bo mt l vn rt quan trng v c bit rt c s quan tm ca nhng doanh nghip. Khng nhng th, bo mt cng l nguyn nhn khin doanh nghip e ngi khi ci t mng cc b khng dy WLAN. H lo ngi v nhng im yu trong bo mt WEP (Wired Equivalent Privacy), v quan tm ti nhng gii php bo mt mi thay th an ton hn. IEEE v Wi-Fi Alliance pht trin cc gii php c tnh bo mt hn l: Bo v truy cp WPA (Wi-Fi Protected Access), v IEEE 802.11i (hay cn c gi l


Kho lun tt nghip


WPA2), bo mt bng xc thc 802.1x v mt gii php tnh th khc mang tn VPN Fix cng gip tng cng bo mt mng khng dy cho mi trng mng khng dy cc b. Theo nh Webtorial, WPA v 802.11i c s dng tng ng l 29% v 22%. Mt khc, 42% c s dng cho cc "gii php tnh th" khc nh: bo mt h thng mng ring o VPN (Vitual Private Network) qua mng cc b khng dy.

3.2 Mt s hnh thc tn cng xm nhp mng Wi- Fi ph bin3.2.1 Tn cng khng qua chng thc Tn cng khng qua chng thc (Deauthentication attack) l s khai thc gn nh hon ho li nhn dng trong mng 802.11. Trong mng 802.11 khi mt nt mi gia nhp vo mng n s phi i qua qu trnh xc nhn cng nh cc qu trnh c lin quan khc ri sau mi c php truy cp vo mng. Bt k cc nt v tr no cng c th gia nhp vo mng bng vic s dng kho chia s ti v tr nt bit c mt khu ca mng. Sau qu trnh xc nhn, cc nt s i ti cc qu trnh c lin quan c th trao i d liu v qung b trong ton mng. Trong sut qu trnh chng thc ch c mt vi bn tin d liu, qun l v iu khin l c chp nhn. Mt trong cc bn tin mang li cho cc nt kh nng i hi khng qua chng thc t mi nt khc. Bn tin c s dng khi mt nt mun chuyn gia hai mng khng dy khc nhau. V d nu trong cng mt vng tn ti nhiu hn mt mng khng dy th nt s s dng bn tin ny. Khi mt nt nhn c bn tin khng qua chng thc ny n s t ng ri khi mng v quay tr li trng thi gc ban u ca n. Trong tn cng khng qua chng thc, tin tc s s dng mt nt gi mo tm ra a ch ca AP ang iu khin mng. Khng qu kh tm ra a ch ca AP bi n khng c bo v bi thut ton m ho, a ch ca chng c th c tm thy nu chng ta lng nghe lu lng gia AP v cc nt khc. Khi tin tc c c a ch ca AP, chng s gi qung b cc bn tin khng chng thc ra ton mng khin cho cc nt trong mng ngay lp tc dng trao i tin vi mng. Sau tt c cc nt s c kt ni li, chng thc li v lin kt li vi AP tuy nhin do vic truyn cc bn tin khng qua chng thc c lp li lin tc khin cho mng ri vo tnh trng b dng hot ng.


Kho lun tt nghip


3.2.2 Tn cng truyn li Tn cng truyn li (Replay Attack) l tin tc ng chn ngang vic truyn thng tin hp l v ri s dng li n. Tin tc khng thay i bn tin m ch gi li n trong thi im thch hp theo s la chn ca tin tc. Trong mng 802.11, tn cng truyn li to ra kiu tn cng t chi dch v v khi nt nhn c mt bn tin hp l n s chim dng bng thng v tnh ton thi gian gii m bn tin . Cc li d b tn cng nht trong 802.11 rt nhy vi hnh thc tn cng ny l cc bn tin khng c th t mt cch r rng. Trong 802.11 khng c cch no d v loi b cc bn tin b truyn li.

3.2.3 Gi mo AP Gi mo AP l kiu tn cng man in the middle c in. y l kiu tn cng m tin tc ng gia v trm lu lng truyn gia 2 nt. Kiu tn cng ny rt mnh v tin tc c th trm tt c lu lng i qua mng. Rt kh khn to mt cuc tn cng man in the middle trong mng c dy bi v kiu tn cng ny yu cu truy cp thc s n ng truyn. Trong mng khng dy th li rt d b tn cng kiu ny. Tin tc cn phi to ra mt AP thu ht nhiu s la chn hn AP chnh thng. AP gi ny c th c thit lp bng cch sao chp tt c cc cu hnh ca AP chnh thng l: SSID, a ch MAC ... Bc tip theo l lm cho nn nhn thc hin kt ni ti AP gi. Cch th nht l i cho ngui dng t kt ni. Cch th hai l gy ra mt cuc tn cng t chi dch v DoS trong AP chnh thng do vy ngui dng s phi kt ni li vi AP gi. Trong mng 802.11 s la chn AP c thc hin bi cng ca tn hiu nhn. iu duy nht tin tc phi thc hin l chc chn rng AP ca mnh c cng tn hiu mnh hn c. c c iu tin tc phi t AP ca mnh gn ngi b la hn l AP chnh thng hoc s dng k thut anten nh hng. Sau khi nn nhn kt ni ti AP gi, nn nhn vn hot ng nh bnh thng do vy nu nn nhn kt ni n mt AP chnh thng khc th d liu ca nn nhn u i qua AP gi. Tin tc s s dng cc tin ch ghi li mt khu ca nn nhn khi trao i vi Web Server. Nh vy tin tc s c c tt c nhng g anh ta mun ng nhp vo mng chnh thng. Kiu tn cng ny tn ti l do trong 802.11 khng yu cu chng thc 2 hng gia AP v nt. AP pht qung b ra ton mng. iu ny rt d b tin tc nghe trm v do vy tin tc c th ly c tt c cc thng tin m chng cn. Cc nt trong mng s dng WEP chng thc chng vi AP nhng WEP cng c nhng l hng


Kho lun tt nghip


c th khai thc. Mt tin tc c th nghe trm thng tin v s dng b phn tch m ho trm mt khu ca ngi dng.

3.2.4 Tn cng da trn s cm nhn sng mang lp vt l Tn s l mt nhc im bo mt trong mng khng dy. Mc nguy him thay i ph thuc vo giao din ca lp vt l. C mt vi tham s quyt nh s chu ng ca mng l: nng lng my pht, nhy ca my thu, tn s RF, bng thng v s nh hng ca anten. Trong 802.11 s dng thut ton a truy cp cm nhn sng mang (CSMA) trnh xung t. CSMA l mt thnh phn ca lp MAC. CSMA c s dng chc chn rng s khng c xung t d liu trn ng truyn.. Kiu tn cng ny khng s dng tp m to ra li cho mng nhng n s li dng chnh chun . Thm ch l k thut s dng tri ph tun t trc tip (DSSS), m sa sai FEC hay CRC u v ch vi kiu tn cng ny. C nhiu cch khai thc giao thc cm nhn sng mang vt l. Cch n gin l lm cho cc nt trong mng u tin tng rng c mt nt ang truyn tin ti thi im hin ti. Cch d nht t c iu ny l to ra mt nt gi mo truyn tin mt cch lin tc. Mt cch khc l s dng b to tn hiu RF. Mt cch tn cng tinh vi hn l lm cho card mng chuyn vo ch kim tra m n truyn i lin tip mt mu kim tra. Tt c cc nt trong phm vi ca mt nt gi l rt nhy vi sng mang v trong khi c mt nt ang truyn th s khng c nt no c truyn. Theo nh tin tc th l kiu rt d b tn cng v n khng i hi thit b c bit.

3.2.5 Gi mo a chi MAC Trong 802.11 a ch MAC l mt cch ngn ngi dng bt hp php gia nhp vo mng. Vic gi a ch MAC l mt nhim v kh d dng i vi tin tc. Trong khi gi tr c m ho trong phn cng l khng th thay i th gi tr c a ra trong phn sn (chng trnh c s) ca phn cng li c th thay i c. C nhiu chng trnh s dng cho cc h iu hnh khc nhau c th thay i c a ch MAC c a ra trong b iu hp mng. Th tc ny thc s l rt d v c th c thc hin trong vi pht. Thm ch sau khi gi a ch MAC tr nn ph bin, 802.11 vn cn s dng phng php chng thc ny bi v a ch MAC 48 bit l di ngn chn cc cuc tn cng vo n. Nhiu chng trnh mi c to ra cho php tin tc vt qua c s kh khn ny. Tin tc khng phi i tm a ch


Kho lun tt nghip


MAC bi v n c pht qung b ra ton mng do chun 802.11 yu cu nh vy. Ch c mt vi gi tin m tin tc cn chn li ly a ch MAC v do vy bng vic gi mo a ch MAC tin tc c nhn dng nh mt ngi dng hp php ca mng.

3.2.6 Tn cng t chi dch v y l hnh thc tn cng lm cho cc mng khng dy khng th phc v c ngi dng, t chi dch v vi nhng ngi dng hp php. Trong mng c dy c cc hnh thc tn cng t chi dch v DoS (Denial of Service) ph bin nh Ping of Death, SYN Flooding. Cc hnh thc ny da trn c ch ca b giao thc TCP/IP, c th khin cho my ch b treo. Mng khng dy tn ti nhng im yu tn cng DoS khc vi mng c dy v d nh khi sng radio truyn trong mi trng, n rt d b nh hng bi cc yu t khch quan cng nh ch quan. Mt k tn cng c th to ra cc sng c cng tn s vi tn s truyn tn hiu gy nhiu cho ng truyn. iu ny i hi mt b pht sng m bo tn hiu n nh cho mng.

3.3 Mt s phng php bo mt cho mng khng dy Wi- FiAn ton truy cp v bo mt cho khng dy Wi- Fi s dng cc phng php thuc 3 nhm sau: Firewall, phng php lc - S dng phng php lc gi tin, kha port, lc a ch MAC Xc thc - S dng cc phng php: VPN Fix (Virtual Private Network Fix), 802.1x. M ha d liu truyn - S dng cc phng php: WEP (Wired Equivalent Privacy), WPA (Wifi Protected Access), 802.11i (WPA2).


Kho lun tt nghip


Hnh 3.2: M hnh bo mt Wi- Fi

3.3.1 Firewall, cc phng php lc Lc (Filtering) l mt c ch bo mt cn bn m c th dng b sung cho WEP v/hoc AES. Lc theo ngha en l chn nhng g khng mong mun v cho php nhng g c mong mun. Filter lm vic ging nh l mt danh sch truy nhp trn router: bng cch xc nh cc tham s m cc trm phi gn vo truy cp mng. Vi Wi- Fi th vic xc nh xem cc my trm l ai v phi cu hnh nh th no. C ba loi cn bn ca Filtering c th thc hin trn Wi- Fi: - Lc SSID. - Lc a ch MAC. - Lc giao thc. Mc ny s miu t mi loi ny l g, n c th lm g cho ngi qun tr v phi cu hnh n nh th no.

3.3.1.1 Lc SSID Lc SSID (SSID Filtering) l mt phng php lc s ng nn c dng cho hu ht cc iu khin truy nhp. SSID (Service Set Identifier) ch l mt thut ng khc cho tn mng. SSID ca mt trm Wi- Fi phi khp vi SSID trn AP (ch c s, infracstructure mode) hoc ca cc trm khc (ch c bit, Ad-hoc mode) chng thc v lin kt Client thit lp dch v.


Kho lun tt nghip


V l do SSID c pht qung b trong nhng bn tin dn ng m AP hoc cc Station gi ra, nn d dng tm c SSID ca mt mng s dng mt b phn tch mng, Sniffer. Nhiu AP c kh nng ly cc SSID ca cc khung thng tin dn ng (beacon frame). Trong trng hp ny client phi so khp SSID lin kt vi AP. Khi mt h thng c cu hnh theo kiu ny, n c gi l h thng ng, closed system. Lc SSID c coi l mt phng php khng tin cy trong vic hn ch nhng ngi s dng tri php ca Wi- Fi. Mt vi loi AP c kh nng g b SSID t nhng thng tin dn ng hoc cc thng tin kim tra. Trong trng hp ny, gia nhp dch v mt trm phi c SSID c cu hnh bng tay trong vic thit t cu hnh driver.

Mt vi li chung do ngi s dng Wi- Fi to ra khi thc hin SSID l: - S dng SSID mc nh: S thit lp ny l mt cch khc a ra thng tin ca mng. N n gin s dng mt b phn tch mng ly a ch MAC khi ngun t AP, v sau xem MAC trong bng OUI ca IEEE, bng ny lit k cc tin t a ch MAC khc nhau m c gn cho cc nh sn xut. Cch tt nht khc phc li ny l: Lun lun thay i SSID mc nh. - Lm cho SSID c g lin quan n cng ty: Loi thit lp ny l mt mo him v bo mt v n lm n gin ha qu trnh mt hacker tm thy v tr vt l ca cng ty. Khi tm kim Wi- Fi trong mt vng a l c bit th vic tm thy v tr vt l ca cng ty hon thnh mt na cng vic. Khi mt ngi qun tr s dng SSID m t tn lin quan n tn cng ty hoc t chc, vic tm thy Wi- Fi s l rt d dng. Do hy nh rng: lun lun s dng SSID khng lin quan n Cng ty. - S dng SSID nh nhng phng tin bo mt mng Wi- Fi: SSID phi c ngi dng thay i trong vic thit lp cu hnh vo mng. N nn c s dng nh mt phng tin phn on mng ch khng phi bo mt, v th hy: lun coi SSID ch nh mt ci tn mng. - Khng cn thit qung b cc SSID: Nu AP ca mng c kh nng chuyn SSID t cc thng tin dn ng v cc thng tin phn hi kim tra th hy cu hnh chng theo cch . Cu hnh ny ngn cn nhng ngi nghe v tnh khi vic gy ri hoc s dng WLAN. Khi m truyn i chng SSID c tc dng lm cho ngi dng trong mng d dng kt ni ti mng hn. Vic truyn di chng nh vy cng lm cho ngi dng khc trong khu vc cng kt ni d dng. Mc ch ca truyn i chng l lm cho


Kho lun tt nghip


mng rng m. Nhng phn ln thi gian bn mun Wi- Fi ch c sn i vi mt nhm ngi dng gii hn v v l do th bn nn ngng truyn i chng. Ch l cc nh cung cp AP th li khng quan trng trong vic truyn i chng SSID l vn c bit. V vy m cc AP thng c cu hnh mc nh cho vic kch hot truyn i chng. Tc dng ca vic tt ch truyn i chng l bn cn phi bit SSID ca mng trc khi kt ni vi n, nh vy s lm tng tnh bo mt.

3.3.1.2 Lc a ch MAC Wi- Fi c th lc da vo a ch MAC ca cc trm khch. Hu ht tt c cc AP, thm ch c nhng ci r tin, u c chc nng lc MAC. Ngi qun tr mng c th bin tp, phn phi v bo tr mt danh sch nhng a ch MAC c php v lp trnh chng vo cc AP. Nu mt Card PC hoc nhng Client khc vi mt a ch MAC m khng trong danh sch a ch MAC ca AP, n s khng th n c im truy nhp .

Hnh 3.3: Lc a ch MAC Tt nhin, lp trnh cc a ch MAC ca cc Client trong mng WLAN vo cc AP trn mt mng rng th khng thc t. B lc MAC c th c thc hin trn vi RADIUS Server thay v trn mi im truy nhp. Cch cu hnh ny lm cho lc MAC l mt gii php an ton, v do c kh nng c la chn nhiu hn. Vic nhp a ch MAC cng vi thng tin xc nh ngi s dng vo RADIUS kh l n gin, m c th phi c nhp bng bt c cch no, l mt gii php tt. RADIUS Server thng tr n cc ngun chng thc khc, v vy cc ngun chng thc khc phi c h tr b lc MAC. B lc MAC c th lm vic tt trong ch ngc li. Xt mt v d, mt ngi lm thu b vic v mang theo c Card Lan khng dy ca h. Card Wlan ny nm gi c cha kha WEP v b lc MAC v th khng th h cn


Kho lun tt nghip


c quyn s dng. Khi ngi qun tr c th loi b a ch MAC ca my khch ra khi danh sch cho php. Mc d Lc MAC trng c v l mt phng php bo mt tt, chng vn cn d b nh hng bi nhng thm nhp sau: - S n trm mt Card PC trong c mt b lc MAC ca AP. - Vic thm d Wi- Fi v sau gi mo vi mt a ch MAC thm nhp vo mng. Vi nhng mng gia nh hoc nhng mng trong vn phng nh, ni m c mt s lng nh cc trm khch, th vic dng b lc MAC l mt gii php bo mt hiu qu. V khng mt hacker thng minh no li tn hng gi truy nhp vo mt mng c gi tr s dng thp.

3.3.1.3 Circumventing MAC Filters a ch MAC ca Client Wi- Fi thng c pht qung b bi cc AP v Bridge, ngay c khi s dng WEP. V th mt hacker m c th nghe c lu lng trn mng ca ta c th nhanh chng tm thy hu ht cc a ch MAC m c cho php trn mng khng dy ca ta. mt b phn tch mng thy c a ch MAC ca mt trm, trm phi truyn mt khung qua on mng khng dy, y chnh l c s a n vic xy dng mt phng php bo mt mng, to ng hm trong VPN, m s c cp phn sau. Mt vi card PC khng dy cho php thay i a ch MAC ca h thng qua phn mm hoc thm ch qua cch thay i cu hnh h thng. Mt hacker c danh sch cc a ch MAC cho php, c th d dng thay i a ch MAC ca card PC ph hp vi mt card PC trn mng ca ta, v do truy nhp ti ton b mng khng dy ca ta. Do hai trm vi cng a ch MAC khng th ng thi tn ti trn mt Wi- Fi, hacker phi tm mt a ch MAC ca mt trm m hin thi khng trn mng. Chnh trong thi gian trm di ng hoc my tnh xch tay khng c trn mng l thi gian m hacker c th truy nhp vo mng tt nht. Lc MAC nn c s dng khi kh thi, nhng khng phi l c ch bo mt duy nht trn my ca ta.

3.3.1.4 Lc giao thc Mng WLan c th lc cc gi i qua mng da trn cc giao thc lp 2-7. Trong nhiu trng hp, cc nh sn xut lm cc b lc giao thc c th nh hnh c lp cho c nhng on mng hu tuyn v v tuyn ca AP. Tng tng mt hon cnh, trong mt nhm cu ni khng dy c t trn mt Remote building


Kho lun tt nghip


trong mng Wi- Fi ca mt trng i hc m kt ni li ti AP ca ta nh k thut trung tm. V tt c nhng ngi s dng trong remote building chia s bng thng 5Mbs gia nhng ta nh ny, nn mt s lng ng k cc iu khin trn cc s dng ny phi c thc hin. Nu cc kt ni ny c ci t vi mc ch c bit ca s truy nhp Internet ca ngi s dng, th b lc giao thc s loi tr tt c cc giao thc, ngoi tr SMTP, POP3, HTTP, HTTPS, FTP. . .

Hnh 3.4: Lc giao thc 3.3.2 Xc thc 3.3.2.1 Phng php VPN Fix Phng php ny ch c xem nh l mt gii php tnh th v khi nhn ra s yu km ca WEP, nhng ngi s dng doanh nghip khm ph ra mt cch hiu qu bo v mng khng dy Wi- Fi ca mnh, c gi l VPN Fix. tng c bn ca phng php ny l coi nhng ngi s dng Wi- Fi nh nhng ngi s dng dch v truy cp t xa. Trong cch cu hnh ny, tt cc nhng im truy cp Wi- Fi, v cng nh cc my tnh c kt ni vo cc im truy cp ny, u c nh ngha trong mt mng LAN o (Vitual LAN). Trong c s h tng bo mt, cc thit b ny c i x nh l "khng tin tng". Trc khi bt c cc thit b Wi- Fi c kt ni, chng s phi c s cho php t thnh phn bo mt ca mng LAN. D liu cng nh kt ni ca cc thit b s phi chy qua mt my ch xc thc nh RADIUS chng hn... Tip , kt ni s c thit lp thnh mt tuyn kt ni bo mt c m ho bi mt giao thc bo mt v d nh IPSec, ging nh khi s dng cc dch v truy cp t xa qua Internet. Tuy nhin, gii php ny cng khng phi l hon ho, VPN Fix cn lu lng VPN ln hn cho tng la, v cn phi to cc th tc khi to cho tng ngi s dng. Hn na, IPSec li khng h tr nhng thit b c nhiu chc nng ring nh


Kho lun tt nghip


thit b cm tay, my qut m vch... Cui cng, v quan im kin trc mng, cu hnh theo VPN ch l mt gii php tnh th.

3.3.2.2 Phng php 802.1x Chun WLAN 802.11 khng c s xc nhn thng minh, v vy chun cng nghip thng qua giao thc 802.1x cho s xc nhn ca n. 802.1x a ra cch thc iu khin truy cp mng c bn, n s dng EAP (Extensible Authentication Protocol) v RADIUS server. 802.1x khng a ra giao thc xc nhn mt cch c th nhng ch r EAP trong vic h tr s lng cc giao thc xc nhn nh l CHAPMD5, TLS v Kerberos. EAP c th c m rng v vy cc giao thc xc nhn mi c th c h tr nh trong cc phin bn sau ca n. EAP c a ra hot ng trn giao thc Point- to- Point (PPP); n tng thch vi cc giao thc ca lp lin kt d liu khc (nh l Token Ring 802.5 hay Wireless LANs 802.11) EAP Over LANs (EAPOL) c pht trin.:

Hnh 3.5: M hnh xc nhn 802.1x EAP-TLS c s dng trong cc mi trng c bn v an ton cao. S trao i ca cc message EAP-TLS cung cp s xc nhn ln nhau, s bt tay ca giao thc m ha v s trao i kha bo v gia mt client Wi- Fi v mng. EAP-TLS l mt k thut cung cp cc kha m ha ng cho ngi dng v session. iu ny ci thin mt cch ng k v vt qua nhiu im yu trong cc mng khng dy. Hnh di y ch ra mt chui cc s kin xut hin khi mt Client c xc nhn bng 802.1x EAP-TLS. Hai chng ch digital c yu cu y: mt trn RADIUS server (v d EAS) v mt trn Client khng dy. Ch rng s truy cp khng dy c cung cp cho ti khi s xc nhn thnh cng v cc kha WEP ng c thit lp.


Kho lun tt nghip


1

Hnh 3.6: Xc nhn 802.1x EAP-TLS

802.1x EAP-TLS vi EAS trong Controller Mode c th hin trn hnh sau. Client khng dy c chng ch digital (c ci t t trc). Client khng dy truyn thng vi EAS thng qua AP. Tt c ba thnh phn (Wireless client, AP v EAS) h tr qu trnh 802.1x EAP-TLS. Client khng dy c th s dng Windows XP (c xy dng h tr cho 802.1x EAP-TLS) hay Windows 98/Me/2000 bng vic s dng Madge Wireless LAN Utility (WLU). Khi xc nhn, d liu ngi dng cng c th c s dng EAS m c cu hnh trong Gateway Mode.

1

Hnh 3.7: 802.1x EAP-TLS trong controller mode

3.3.3 M ha d liu truyn 3.3.3.1 WEP


Kho lun tt nghip


Khi thit k cc yu cu k thut cho mng khng dy, chun 802.11 ca IEEE tnh n vn bo mt d liu ng truyn qua phng thc m ha WEP. Phng thc ny c a s cc nh sn xut thit b khng dy h tr nh mt phng thc bo mt mc nh. Tuy nhin, nhng pht hin gn y v im yu ca chun 802.11 WEP gia tng s nghi ng v mc an ton ca WEP v thc y s pht trin ca chun 802.11i. Tuy vy, a phn cc thit b khng dy hin ti v ang s dng WEP v n s cn tn ti kh lu trc khi chun 802.11i trin khai rng ri. Giao thc WEP WEP (Wired Equivalent Privacy) ngha l bo mt tng ng vi mng c dy (Wired LAN). Khi nim ny l mt phn trong chun IEEE 802.11. Theo nh ngha, WEP c thit k m bo tnh bo mt cho mng khng dy t mc nh mng ni cp truyn thng. i vi mng LAN (nh ngha theo chun IEEE 802.3), bo mt d liu trn ng truyn i vi cc tn cng bn ngoi c m bo qua bin php gii hn vt l, tc l hacker khng th truy xut trc tip n h thng ng truyn cp. Do chun 802.3 khng t ra vn m ha d liu chng li cc truy cp tri php. i vi chun 802.11, vn m ha d liu c u tin hng u do c tnh ca mng khng dy l khng th gii hn v mt vt l truy cp n ng truyn, bt c ai trong vng ph sng u c th truy cp d liu nu khng c bo v.

0

Hnh 3.8: Quy trnh m ha WEP s dng RC4

Nh vy, WEP cung cp bo mt cho d liu trn mng khng dy qua phng thc m ha s dng thut ton i xng RC4 (Hnh 3-5), c Ron Rivest, thuc hng RSA Security Inc ni ting pht trin. Thut ton RC4 cho php chiu di ca kha thay i v c th ln n 256 bit. Chun 802.11 i hi bt buc cc thit b


Kho lun tt nghip


WEP phi h tr chiu di kha ti thiu l 40 bit, ng thi m bo ty chn h tr cho cc kha di hn. Hin nay, a s cc thit b khng dy h tr WEP vi ba chiu di kha: 40 bit, 64 bit v 128 bit. Vi phng thc m ha RC4, WEP cung cp tnh bo mt v ton vn ca thng tin trn mng khng dy, ng thi c xem nh mt phng thc kim sot truy cp. Mt my ni mng Wi- Fi khng c kha WEP chnh xc s khng th truy cp n Access Point (AP) v cng khng th gii m cng nh thay i d liu trn ng truyn. Tuy nhin, c nhng pht hin ca gii phn tch an ninh cho thy nu bt c mt s lng ln nht, nh d liu m ha s dng WEP v s dng cng c thch hp, c th d tm c chnh xc kha WEP trong thi gian ngn. im yu ny l do l hng trong cch thc WEP s dng phng php m ha RC4. Hn ch ca WEP Do WEP s dng RC4, mt thut ton s dng phng thc m ha dng (stream cipher), nn cn mt c ch m bo hai d liu ging nhau s khng cho kt qu ging nhau sau khi c m ha hai ln khc nhau. y l mt yu t quan trng trong vn m ha d liu nhm hn ch kh nng suy on kha ca hacker. t mc ch trn, mt gi tr c tn Initialization Vector (IV) c s dng cng thm vi kha nhm to ra kha khc nhau mi ln m ha. IV l mt gi tr c chiu di 24 bit v c chun IEEE 802.11 ngh (khng bt buc) phi thay i theo tng gi d liu. V my gi to ra IV khng theo nh lut hay tiu chun, IV bt buc phi c gi n my nhn dng khng m ha. My nhn s s dng gi tr IV v kha gii m gi d liu. Cch s dng gi tr IV l ngun gc ca a s cc vn vi WEP. Do gi tr IV c truyn i dng khng m ha v t trong header ca gi d liu 802.11 nn bt c ai ly c d liu trn mng u c th thy c. Vi di 24 bit, gi tr ca IV dao ng trong khong 16.777.216 trng hp. Nhng chuyn gia bo mt ti i hc California-Berkeley pht hin ra l khi cng gi tr IV c s dng vi cng kha trn mt gi d liu m ha (va chm IV), hacker c th bt gi d liu v tm ra c kha WEP. Thm vo , ba nh phn tch m ha Fluhrer, Mantin v Shamir (FMS) pht hin thm nhng im yu ca thut ton to IV cho RC4. FMS vch ra mt phng php pht hin v s dng nhng IV li nhm tm ra kha WEP. Thm vo , mt trong nhng mi nguy him ln nht l nhng cch tn cng dng hai phng php nu trn u mang tnh cht th ng. C ngha l k tn cng ch cn thu nhn cc gi d liu trn ng truyn m khng cn lin lc vi Access Point. iu ny khin kh nng pht hin cc tn cng tm kha WEP y kh khn v gn nh khng th pht hin c.


Kho lun tt nghip


Hin nay, trn Internet sn c nhng cng c c kh nng tm kha WEP nh AirCrack , AirSnort, dWepCrack, WepAttack, WepCrack, WepLab. Tuy nhin, s dng nhng cng c ny i hi nhiu kin thc chuyn su v chng cn c hn ch v s lng gi d liu cn bt c. Gii php WEP ti u Vi nhng im yu nghim trng ca WEP v s pht tn rng ri ca cc cng c d tm kha WEP trn Internet, giao thc ny khng cn l gii php bo mt c chn cho cc mng c mc nhy cm thng tin cao. Tuy nhin, trong rt nhiu cc thit b mng khng dy hin nay, gii php bo mt d liu c h tr ph bin vn l WEP. D sao i na, cc l hng ca WEP vn c th c gim thiu nu c cu hnh ng, ng thi s dng cc bin php an ninh khc mang tnh cht h tr. gia tng mc bo mt cho WEP v gy kh khn cho hacker, cc bin php sau c ngh: S dng kha WEP c di 128 bit: Thng cc thit b WEP cho php cu hnh kha ba di: 40 bit, 64 bit, 128 bit. S dng kha vi di 128 bit gia tng s lng gi d liu hacker cn phi c phn tch IV, gy kh khn v ko di thi gian gii m kha WEP. Nu thit b khng dy ch h tr WEP mc 40 bit (thng gp cc thit b khng dy c), cn lin lc vi nh sn xut ti v phin bn cp nht firmware mi nht. Thc thi chnh sch thay i kha WEP nh k: Do WEP khng h tr phng thc thay i kha t ng nn s thay i kha nh k s gy kh khn cho ngi s dng. Tuy nhin, nu khng i kha WEP thng xuyn th cng nn thc hin t nht mt ln trong thng hoc khi nghi ng c kh nng b l kha. S dng cc cng c theo di s liu thng k d liu trn ng truyn khng dy: Do cc cng c d kha WEP cn bt c s lng ln gi d liu v hacker c th phi s dng cc cng c pht sinh d liu nn s t bin v lu lng d liu c th l du hiu ca mt cuc tn cng WEP, nh ng ngi qun tr mng pht hin v p dng cc bin php phng chng kp thi.

3.3.3.2 WPA (Wifi Protected Access) Wi-Fi Alliance a ra gii php gi l Wi-Fi Protected Access (WPA). Mt trong nhng ci tin quan trng nht ca WPA l s dng hm thay i kho TKIP (Temporal Key Integrity Protocol). WPA cng s dng thut ton RC4 nh WEP, nhng m ho y 128 bit. V mt c im khc l WPA thay i kho cho mi


Kho lun tt nghip


gi tin. Cc cng c thu thp cc gi tin ph kho m ho u khng th thc hin c vi WPA. Bi WPA thay i kho lin tc nn hacker khng bao gi thu thp d liu mu tm ra mt khu. Khng nhng th, WPA cn bao gm kim tra tnh ton vn ca thng tin (Message Integrity Check). V vy, d liu khng th b thay i trong khi ang trn ng truyn. Mt trong nhng im hp dn nht ca WPA l khng yu cu nng cp phn cng. Cc nng cp min ph v phn mm cho hu ht cc card mng v im truy cp s dng WPA rt d dng v c sn. Tuy nhin, WPA cng khng h tr cc thit b cm tay v my qut m vch. Theo Wi-Fi Alliance, c khong 200 thit b c cp chng nhn tng thch WPA. WPA c sn 2 la chn: WPA Personal v WPA Enterprise. C 2 la chn ny u s dng giao thc TKIP, v s khc bit ch l kho khi to m ho lc u. WPA Personal thch hp cho gia nh v mng vn phng nh, kho khi to s c s dng ti cc im truy cp v thit b my trm. Trong khi , WPA cho doanh nghip cn mt my ch xc thc v 802.1x cung cp cc kho khi to cho mi phin lm vic. Trong khi Wi-Fi Alliance a ra WPA, v c coi l loi tr mi l hng d b tn cng ca WEP, nhng ngi s dng vn khng thc s tin tng vo WPA. C mt l hng trong WPA v li ny ch xy ra vi WPA Personal. Khi m s dng hm thay i kho TKIP c s dng to ra cc kho m ho b pht hin, nu hacker c th on c kho khi to hoc mt phn ca mt khu, h c th xc nh c ton b mt khu, do c th gii m c d liu. Tuy nhin, l hng ny cng s b loi b bng cch s dng nhng kho khi to khng d on (ng s dng nhng t nh "PASSWORD" lm mt khu). iu ny cng c ngha rng k thut TKIP ca WPA ch l gii php tm thi , cha cung cp mt phng thc bo mt cao nht. WPA ch thch hp vi nhng cng ty m khng truyn d liu "mt" v nhng thng mi, hay cc thng tin nhy cm... WPA cng thch hp vi nhng hot ng hng ngy v mang tnh th nghim cng ngh.

3.3.3.3 802.11i (WPA2) Mt gii php v lu di l s dng 802.11i tng ng vi WPA2, c chng nhn bi Wi-Fi Alliance. Chun ny s dng thut ton m ho mnh m v c gi l Chun m ho nng cao AES (Advanced Encryption Standard). AES s dng thut


Kho lun tt nghip


ton m ho i xng theo khi Rijndael, s dng khi m ho 128 bit, v 192 bit hoc 256 bit. nh gi chun m ho ny, Vin nghin cu quc gia v Chun v Cng ngh ca M, NIST (National Institute of Standards and Technology), thng qua thut ton m i xng ny. V chun m ho ny c s dng cho cc c quan chnh ph M bo v cc thng tin nhy cm. Trong khi AES c xem nh l bo mt tt hn rt nhiu so vi WEP 128 bit hoc 168 bit DES (Digital Encryption Standard). m bo v mt hiu nng, qu trnh m ho cn c thc hin trong cc thit b phn cng nh tch hp vo chip. Tuy nhin, rt t ngi s dng mng khng dy quan tm ti vn ny. Hn na, hu ht cc thit b cm tay Wi-Fi v my qut m vch u khng tng thch vi chun 802.11i. Mt s sai lm ph bin v bo mt cho mng Wi- Fi: C 5 ngi dng mng khng dy ti nh th c n 4 ngi khng kch hot bt k ch bo mt no. Mc nh, cc nh sn xut tt ch bo mt cho vic thit lp ban u c d dng, khi s dng phi m li. Tuy nhin, cn phi cn thn khi kch hot tnh nng bo mt, di y l mt s sai lm thng gp phi. Khng thay i mt khu ca nh sn xut. Khi ln u tin ci t router khng dy (AP router) hay Access Point, chng ta rt d qun thay i mt khu mc nh ca nh sn xut. Nu khng thay i, c th ngi khc s dng mt khu mc nh truy cp vo router v thay i cc thit lp thoi mi truy cp vo mng. V vy nn lun thay i mt khu mc nh. Khng kch hot tnh nng m ha. Nu khng kch hot tnh nng m ha, chng ta s qung b mt khu v e-mail ca mnh n bt c ai trong tm ph sng, ngi khc c th c tnh dng cc phm mm nghe ln min ph nh AirSnort (airsnort.shmoo.com) ly thng tin ri phn tch d liu. V vy hy bt ch m ha truyn d liu an ton. Khng kim tra ch bo mt. Chng ta mua mt router khng dy, kt ni Internet bng rng, lp c my in vo, ri c th mua thm nhiu thit b khng dy khc na. C th vo mt ngy no , my in s t ng in ht giy bi v chng ta khng thit lp cc tnh nng bo mt. V vy khng nn cho rng mng ca chng ta an ton. Hy nh nhng ngi am hiu kim tra h. Qu tch cc vi cc thit lp bo mt. Mi card mng khng dy u c mt a ch phn cng (a ch MAC) m router khng dy c th dng kim sot nhng


Kho lun tt nghip


my tnh no c php ni vo mng. Khi bt ch lc a ch MAC, c kh nng chng ta s qun thm a ch MAC ca my tnh chng ta ang s dng vo danh sch, nh th s t c lp chnh mnh, tng t nh b cha kha trong xe hi ri cht ca li. V vy phi kim tra cn thn khi thit lp tnh nng bo mt. Cho php mi ngi truy cp. C th chng ta l ngi u tin c mng khng dy v mun 'khoe' bng cch t tn mng l 'truy cp thoi mi' chng hn. Hng xm c th dng kt ni ny ti rt nhiu phim nh v mng s tr nn chm chp. V vy mng khng dy gip chia s kt ni Internet d dng, tuy nhin, ng b ng v s c ngi lm dng.

3.4 Bo mt trong thc tMt cch tng qut, c s tho hip gia kh nng bo mt v gi thnh sn phm, hiu nng v cch s dng n gin. Mng c bo mt tt hn th chi ph thc hin s ln hn, c kh nng l kh khn hn khi s dng v lo ngi v hiu nng mng thp hn. Trong mi mi trng, tu thuc vo mc yu cu ca ngi s dng c nhng i hi nht nh v mc bo mt, y xem xt mt vi trng hp nh sau: 3.4.1 Khu vc nh v vn phng nh Yu cu an ninh thp i vi ngi s dng trong phm vi nh v vn phng nh chi ph trin khai mng l mt vn , ngi s dng c cc server nhn thc trung tm hoc cc thnh phn h tng trung tm khc. H thng khng c ngun ti nguyn thng tin no kh dng. Cc vic lm sau y cho php bo v an ninh cp 1: Phn mm: Cp nht cc NIC v cc im truy nhp ti phn mm gn y nht. Khi ng khi mua thit b v kim tra thng xuyn. Kch hot WEP: Thit lp kch thc kho mt m cao nht c th c. Trong khi vn tn ti cc im yu th i vi cc hacker mc trung bnh vic b gy WEP l tng i kh khn nht l trong cc mi trng m lu lng truyn ti thp. Thay i tn mc nh SSID thnh mt tn duy nht. Khng s dng cc tn gi c gi nh tn ng ph hay a ch, cng ty hay nh ring. Khng kch hot SSID qung b: Windows XP v cc cng c gim st khc s t ng d tm cc khung n hiu 802.11 thu c SSID. Khi qu trnh


Kho lun tt nghip


qung b SSID b ngt, im truy nhp s khng cha SSID trong mt khung n hiu lm cho hu ht cc cng c d tm tr nn v dng. Lc a ch MAC: Mt vi im truy nhp c kh nng chp nhn cc kt ni ch i vi cc a ch MAC ng tin cy l cc a ch duy nht trn mng (khng trng khp nhau). Thc hin iu ny l rt kh khn trong mt mi trng ng vi hn 20 ngi s dng do vic thit lp im truy nhp rt mt thi gian i vi tt c cc khch hng tin cy. Tuy nhin, n c th c thit lp mt cch n gin trong mi trng nh v mi trng vn phng nh.

Cc tng la phn cng c lp mt mng WLAN v gi chng trnh xa ngi s dng khng c php.

S dng WPA khi kh dng. Hu ht cc nh cung cp thit b s dng WPA thng qua qu trnh nng cp phn mm.

3.4.2 Vn phng nh v ngi dng xa Yu cu an ninh trung bnh Cc vn phng nh v ngi dng xa c th l mt phn ca mt t chc ln hn. m bo an ninh thng tin l vn quan trng v phi cn bng vi nng sut tng v s liu ln hn nhng ngi s dng. Phn mm: Cp nht NIC v cc im truy nhp ti phn mm gn nht. Khi ng khi mua thit b v kim tra thng xuyn. Kch hot WEP: Thit lp kch thc kho m ho cao nht c th c. Trong khi vn tn ti nhng im yu th i vi cc hacker mc trung bnh vic b gy WEP vn cn kh khn nht l trong cc mi trng lu lng d liu thp. VPN: Trong trng hp c th c s dng cc im truy nhp kch hot IPSec hoc cc tng la m chng c th thit lp cc ng ng VPN t ngi dng u cui ti im truy nhp. Phn mm VPN cho php qu trnh nhn thc v m ho hiu qu hn trong mng cng cng bao gm cc thnh phn v tuyn v hu tuyn. S dng WPA khi c th.

Cc im truy nhp: Gn cc mt khu hu ch cho cc im truy nhp, thay i mt khu mc nh ca nh sn xut. Chng rt ph bin nn ngi s dng c th d dng thay i cc tham s cu hnh im truy nhp thun li khi s dng.


Kho lun tt nghip


m bo cc mt khu c m ho trc khi truyn qua mng. Khi gi mt khu ti ngi s dng, s dng mt chng trnh tng t nh PGP m bo rng cc mt khu khng bao gi c gi i mt cch r rng m nhng ngi s dng khc c th hiu c. Mt vi im truy nhp s tr li cc thit lp mc nh (khng c kh nng m bo an ninh) khi c mt ai nhn vo nt reset im truy nhp. iu ny lm cho im truy nhp d b tn cng bi cc hacker, khi cc hacker c th m rng tm vi ca h vo trong mng.

Cho php kh nng an ninh tng ng i vi phn cng im truy nhp.

3.4.3 Ngi s dng ca cc t chc/tp on Yu cu an ninh cao Cc mng WLAN yu cu cng mt mc an ninh ging nh ngi s dng hu tuyn. Ngoi cc khuyn ngh cho vn phng nh v ngi dng xa (nh trn), y xem xt cc yu t sau: Gim st cc im truy nhp b mt. Thit b mng Wi- Fi khng c gi thnh cao v d dng khi ci t. Tn dng cc cng c h tr vn hnh gim st mng mt cch lin tc v kim tra cc im truy nhp khng tun th cc nguyn tc v cu hnh. Mt vi im truy nhp khng tng ng vi cc thit lp an ninh xc nh hu nh s b reset, hoc n c th l mt im truy nhp b mt thit lp bi mt hacker hoc mt ngi s dng khng mong mun kt hp vi cc thng tin ring. Cc cng c pht hin xm nhp tri php c th gip nhn dng s xut hin ca hacker, da trn cc a ch MAC hoc cc yu t khc. Cc b iu khin truy nhp: Cc im truy nhp ch theo chun 802.11 cho php nhn thc khng y . Thc t th 802.11 ch thc hin nhn thc mt NIC v tuyn ti mt im truy nhp ch khng ti im no khc xung quanh n. Trong nhng trng hp nh vy ngi ta xem xt s dng mt b iu khin truy nhp do cc nh sn xut thit b cung cp nh l ReefEdge, Bluesocket, v Nomadix. Cc thit b ny cho php kh nng iu khin truy nhp chc chn vo mng, trong khi thc hin giao din vi cc server nhn thc nh RADIUS. Cc b iu khin truy nhp cho php iu khin tng phn khi thc hin i vi mt s lng ln ngi s dng v im truy nhp. Nhn thc: Tch hp cc mng WLAN vo trong c ch nhn thc cc t chc ln, s dng RADIUS hoc LDAP. EAP c th p dng cho qu trnh nhn thc cc giao thc thch hp i vi mi ngi dng, ph thuc vo cc yu t an ninh


Kho lun tt nghip


ring bit. 802.1x cho php iu khin truy nhp thc hin trn cng v qu trnh nhn thc hai chiu gia khch hng v im truy nhp thng qua mt server nhn thc (RADIUS). Cc mt khu v tn ngi s dng c th c m ho hoc cc chng ch s c th c s dng nng cao kh nng nhn thc. iu khin sng v tuyn: Ti thiu ho qu trnh truyn sng v tuyn trong cc khu vc khng c ngi s dng nh cc khu vc xe hay cc khu vc ln cn vn phng. Th nghim cc anten trnh cc vng ph bn ngoi cc bin gii iu khin v mt vt l trong iu kin thut li. Nu c th, khng t cc im truy nhp ti bin ca khu vc nh hay vn phng. Mt vi b iu khin truy nhp c th lm gim cng sut im truy nhp. Phn mnh: Cch lm hiu qu l a cc im truy nhp vo mt DMZ, v lm cho ngi s dng v tuyn to ng ng trong mng dng mt mng VPN. Hn ch cc c quyn ca ngi s dng mng Wi- Fi khi thch hp. bo v chng li nhng k xm nhp tri php truy nhp vo cc ti nguyn thng tin ca t chc m bo rng cc im truy nhp mng WLAN khng b thay i bn ngoi tng la. Thit lp cu hnh cho tng la cho php truy nhp i vi ngi s dng hp l da trn cc a ch MAC, lm cho cc hacker kh khn hn khi tn cng vo mng. DHCP: Theo mc nh hu ht cc mng Wi- Fi s dng DHCP t ng gn cc a ch IP cho cc thit b ngi dng. Tuy nhin, DHCP khng to ra khc bit gia ngi s dng v hacker. Vi mt nhn dng SSID ng, bt c ai thc hin giao thc DHCP s thu c a ch IP mt cch t ng v tr thnh mt nt xc thc trong mng. Khi khng kch hot DHCP v gn cc a ch IP tnh ti tt c ngi s dng v tuyn, cc nh qun tr mng c th ti thiu ho kh nng mt hacker thu c a ch IP c hiu lc. Cng nh vy y cng xem xt vic thay i a ch IP ca mng con. Nhiu router v tuyn nhn gi tr mc inh 192.168.0.1, v s dng cc a ch tng t nh l router mc nh. Vic thay i a ch mng con xit cht kh nng an ninh ca mng.

3.4.4 An ninh truy nhp cng cng S thun li ca cc im hot spot im truy nhp mc cao l kh hn ch - ngi s dng c th kim tra th in t trong khi hng cafe hoc trnh cc bn bo co khi sn bay. Nhng mt s lng ln cc in hot spot cng cng khng c bt c c ch an ninh no ngoi tr vic bit c i tng gi i cc ho n thanh ton. Rt nhiu ngi

Documents

bảo mật cho mạng không dây Wi- Fi