Bảo mật mạng không dây

8/4/2019 Bo mt mng khng dy

1/17

Bo mt mng khng dy

I. Gii thiu v Wireless Cng ngh khng dy l mt phng thc chuyn giao t im ny n im khc m khngdng ng truyn vt l, m s dng radio, cell, hng ngoi v v tinh. Mng khng dy ngnay bt ngun t nhiu giai on pht trin ca thng tin v tuyn v nhng ng dng in bv radio. Mc d mt vi pht minh xut hin t nhng nm 1900, nhng s pht trin ni bt c vo k nguyn ca cng ngh in t v chu nh hng ln ca nn kinh t hc hii, cng nh cc khm ph trong lnh vc vt l hc. Cho n nay, mng khng dy t c nhng bc pht trin ng k. Ti mt s nc cnn cng ngh thng tin pht trin, mng khng dy thc s i vo cuc sng. Ch cn mtlaptop, PDA, hoc mt phng tin truy cp mng khng bt k no l bn c th truy cp

mng bt c ni u, trn c quan, trong nh, ngoi ng, trong qun c ph, trn my manh ga, khch sn,... bt c u trong phm vi ph sng ca WLAN. Tuy nhin chnh s h trtruy cp cng cng, cc phng tin truy cp li a dng, t n gin n phc tp, kch c cnhiu loi lm cho cc nh qun tr au u trong vic bo mt. Lm th no tch hp cc bin php bo mt vo cc phng tin truy cp m vn m bo nhng tin ch nh nhgn, gi thnh thp m vn m bo h tr truy cp cng cng. c ph chun bi IEEE (Institute of Electrical and Electronic Engineers) vo nm 1999, IE802.11 hay Wireless LAN (gi tc l WLAN) tr nn pht trin mnh v ph bin trn thgii, tuy nhin mt s nc m nn cng ngh thng tin mi pht trin nh Vit Nam hinth WLAN vn cn kh mi m cn c nghin cu v u t thch ng.

Cc ng dng ca WLAN
https://9rrv3w.bay.livefilestore.com/y1m2Acg95HyuUtaRz3qR1q-z8PoUf8LyPobaax_1lGibfdc9MPdTV7BuPF2JU8iTlDWF7kdUUQwy8mq7YGVj19FAeMyJcPc6ctObBciWoatL-sYjGriNfZzdTwC5aTqqWiywdxoxbh8gww7qhU7RobR5Q/cac%20ung%20dung%20cua%20WLAN.jpg


2/17

II.Cc ki u t n cng c th xy ra i mng WLAN

Mt s tn cng c c th gy v hiu ha hoc c th tm cch truy nhp WLAN tri php

theo mt vi cch. Tn cng theo kiu t chi dch v (Denial of Services Attack ). Tn cng b ng (Nghe trm) Passive attacks. Tn cng ch ng (kt ni, d v cu hnh mng) Active attacks. Tn cng kiu chn p, Jamming attacks. Tn cng theo kiu thu ht, Man-in-the-middle attacks.

Trn y ch lit k mt vi kiu tn cng, trong mt vi kiu c th thc hin c theonhiu cch khc nhau.

n ng theo ki u t h i d h v e uthenti tion tt k nd epl y tt k Deauthentication Attack Kiu tn cng deauthetication l phng php khai thc hiu qu mt li xut hin trong chu802.11. Trong mt mng 802.11, khi mt node mi mun tham gia vo mng li th n s phitin hnh cc quy trnh xc thc v lien kt. Sau khi p ng c cc yu cu th node s cp php truy cp vo mng. C 2 loi xc thc.1 loi l Open, loi xc thc ny cho phpnode c th tham gia vo mng. 1 loi l Share key loi ny i hi node phi c password cmng. Sau khi xc thc, cc node s thc hin cc quy trnh lien kt, kt qu mang li cho nokh nng c th trao i d liu v broadcast n ton mng. Trong sut qu trnh xc thc vlien kt th ch c mt vi thng ip iu khin v qun l l c php . Mt trong s ccthng ip ny cung cp cho node kh nng yu cu deauthetication gia node v Access Poi

(AP) . Thng ip ny c s dng khi mt node mun chuyn i gia cc mng wireless vinhau. iu ny c thc hin khi trong mt khu vc tn ti nhiu hn mt mng wireless, k node s s dng thng ip ny. Ngay khi nhn c thng ip deauthentication mt nodri khi mng v thit lp v trng thi ban u. Trong kiu tn cng deauthentication, k tn cng s s dng mt node gi mo tm kimch ca Access Point (AP) ang iu khin mng m k mun tn cng. Nh chng ta cp trn, AP trong chun 802.11 cng tng t nh BS trong chun 802.16. Ngha l cc Amt phn ca mt mng Lan khng dy hoc c dy, y cng chnh l im yu ca h thnmng Lan s dng AP. Nguy him y chnh l ta c th d dng tm c a ch ca AP mkhng phi gp bt c kh khn no, bi v n khng c m ha bo v. Mt vi AP c hnh n trn mng, tuy nhin iu ny cng khng ngn c vic k tn cng c th tm t

c a ch ca AP thng qua vic lng lu thng trn ng mng gia AP v cc node. Tath d dng c c a ch ip ca AP bi v a ch ca AP c s dng trong mng wirelessch nhm mc ch gip cho cc thnh vin tham gia trong mng c th xc nh c chnh xmng mnh ang tham gia thng qua c th deauthentication , v n khng c bo v b bt quy trnh xc thc no c.Quy trnh ny chnh l im yu m nhng k tn cng c th khai thc, khi k tn cng bitc a ch ca AP, n s s dng a ch broadcast gi thng ip deauthentication n ctt c cc node bn trong mng. Cc node s chp nhn cc thng ip deauthentication khn


3/17

my may nghi ng cng nh c cc bin php xc minh xem th c phi thng ipdeauthentication c gi t AP hay khng. Bc tip theo ca quy trnh ny l tt c cc nonhn c deauthentication s tin hnh reconnect, reauthorize v reasociate n AP. Vic cnode ng lot tin hnh reauthenticated s khin cho mng b tc nghn. Ngoi thng ip authentication th mt s thng ip khc trong mng 802.11 c th b k x

khai thc tn cng mng v d nh thng ip disassociation. Tuy nhin loi thng ip nynhng k tn cng t n, bi v nhng k c th gi mo cc thng ip khc gy ranhng hu qu ln hn. Trong thc t nhng k tn cng c th s dng mt vi loi thng khc gy ra cc cuc tn cng ging nh deauthentication C 3 c im ca thng ip deauthentication khin cho n d dng b nhng k tn li dnkhai thc.

u tin l thng ip deauthentication khng s dng cc c ch xc thc nhn dngoi tr vic s dng a ch xc thc.

c im th 2 l n khng tin hnh m ha cc thng tin c s dng to thngip v vy k tn cng c th d dng tm thy cc thng tin gi mo.

c im cui cng l cc node khng h c bt c phng php no bit c thip b gi mo

Replay Attack Tn cng Replay attack nh chng ta bit, k tn cng s tin hnh lng nghe trn ngtruyn ca nn nhn. Khi nn nhn tin hnh trao i cc thng tin quan trng v d nh passwork th k tn cng s chn cc gi tin li. Cc gi tin b bt khng b k tn cng thai ni dung m gi nguyn i n 1 thi gian thch hp no s gi gi tin i gi dngnh n c gi ra t my gc. Trong mng 802.11 tn cng Replay Attack hu nh chc chn s to ra hin tng Denial ofService. Hin tng ny xy ra bi v cc node nhn c thng ip s dnh trn bng thnthi gian s l cho vic decoded thng ip dn n tnh trng Denial of Service. 802.11 d bthng tn i vi loi hnh tn cng ny bi v kiu tn cng ny da trn vic thiu hon toth t nh s ca cc thng ip. Cc node nhn packets do nhng k tn cng gi n, cc paket ny u hp l tuy nhin th t ca packet khng p ng c trnh t packet m nodnhn c, iu ny khin cho node dnh ton b bng thng v thi gian decode chng. Ngoi ra 802.11 cng khng h c bt k phng php no xc nh v loi b replayedmessages.

n ng b ng (P ssive tt ks) Nghe trm c l l phng php n gin nht, tuy nhin n vn c hiu qu i vi WLAN.Tn cng b ng nh mt cuc nghe trm, m khng pht hin c s c mt ca ngi ngtrm (hacker) trn hoc gn mng khi hacker khng thc s kt ni ti AP lng nghe cc tin truyn qua phn on mng khng dy. Nhng thit b phn tch mng hoc nhng ng dkhc c s dng ly thng tin ca WLAN t mt khong cch vi mt anten hng tnh


4/17

M hnh tn cng b ng- Passive Attacks

Phng php ny cho php hacker gi khong cch thun li khng b pht hin, nghe v nht thng tin qu gi.

Qu trnh ly cha kha WEP trong tn cng b ng

C nhng ng dng c kh nng ly pass t cc Site HTTP, email, cc instant messenger, cc phin FTP, cc phin telnet m c gi di dng text khng c m ha. C nhng ng d
https://9rrv3w.bay.livefilestore.com/y1m8ab1jmeh6eU-zIxwV-rUhU5s_GdbB1ADBFDFsCiVfDvmDCuTOa5JdShQn87FfO8PCZ4q1fNCGnfmKgHUAVkZt3WQAiOmaz2OTW5UQe5c5wToeKVISSyBqqbLzAzjlbqn1sqKq7AmpI8qLqD_rrbUzA/Crack%20WEP%20key%20process.jpghttps://9rrv3w.bay.livefilestore.com/y1m4B5hwcbDQj-g2BnKmBGStz-QZHpQGcpf-sTPS3JL4KZBKrXaJ93kIA2VWgkub6XrHfw4qDZ_jy7h3KoUYGxtxq9KQawIlp7TL7iEUYddpidoRns744i_zKoKdUyxj4qi_oR2gJAogmqWI-9680kYDA/Passive%20Attacks%20on%20AP.jpghttps://9rrv3w.bay.livefilestore.com/y1m8ab1jmeh6eU-zIxwV-rUhU5s_GdbB1ADBFDFsCiVfDvmDCuTOa5JdShQn87FfO8PCZ4q1fNCGnfmKgHUAVkZt3WQAiOmaz2OTW5UQe5c5wToeKVISSyBqqbLzAzjlbqn1sqKq7AmpI8qLqD_rrbUzA/Crack%20WEP%20key%20process.jpghttps://9rrv3w.bay.livefilestore.com/y1m4B5hwcbDQj-g2BnKmBGStz-QZHpQGcpf-sTPS3JL4KZBKrXaJ93kIA2VWgkub6XrHfw4qDZ_jy7h3KoUYGxtxq9KQawIlp7TL7iEUYddpidoRns744i_zKoKdUyxj4qi_oR2gJAogmqWI-9680kYDA/Passive%20Attacks%20on%20AP.jpg


5/17

khc c th ly pass trn nhng phn on mng khng dy gia Client v Server cho mc truy nhp mng. Xt mt tnh hung khc m trong HTTP hoc email password b ly trn nhng phn omng khng dy, v sau c hacker s dng vi mc ch truy nhp ti WLAN .

n ng h ng ( tive tt ks) Nhng hacker c th s dng phng php tn cng ch ng thc hin mt vi chc nntrn mng. Mt s tn cng ch ng c th c dng tm cch truy nhp ti mt server ly nhng d liu quan trng, s dng s truy nhp ti mng internet ca t chc cho nhng ch c hi, thm ch thay i cu hnh c s h tng mng. Bng cch kt ni ti mt mngWLAN thng qua mt AP, mt ngi s dng c th bt u thm nhp xu hn vo trong mngv thm ch lm thay i chnh mng khng dy . Chng hn mt hacker qua c b lc MAC, sau hacker c th tm cch ti AP v g bc cc b lc MAC, lm cho n d dng hn trong ln truy nhp tip theo. Ngi qun tr c khng n s kin ny trong mt thi gian. Hnh di y m t mt kiu tn cng chng trn WLAN

M hnh tn cng ch ng- Active Attacks

Mt vi v d ca tn cng ch ng c th nh vic gi bomb, cc spam do cc spammer hocc doanh nghip i th mun truy nhp n h s ca bn. Sau khi thu c mt a ch IPDHCP server ca bn, hacker c th gi hng ngn l th s dng kt ni Internet v ISPs emserver ca bn m bn khng bit. Kiu tn cng ny c th l nguyn nhn m ISP ca bn ckt ni cho email ca bn do s lm dng email, mc d li khng phi do bn gy ra. Mi th c th ly bng danh sch khch hng, bng lng ca bn m khng b pht hin. Khi hacker c kt ni khng dy ti mng ca bn th anh ta cng c th truy cp vo mng hutuyn trong vn phng, v hai s kin khng khc nhau nhiu. Nhng kt ni khng dy cho php hacker v tc , s truy nhp ti server, kt ni ti mng din rng, kt ni internet, t
https://9rrv3w.bay.livefilestore.com/y1mOfw5XJTdyNTumHZwrT3H4aJ-rk2m13X17apEw7wMMV_M2mu8t0RBRlrccq6O2iq9gt-aIgzzTMG_36X0oi2pjfurIh7C367i6cS4jeXILADqVusGKpkQSDuYjlZfumB-0i8QKHzFcadOP7vPiQEQ6w/Active%20Attacks.jpg


6/17

desktop v laptop ca nhng ngi s dng.Vi mt vi cng c n gin, c th ly cc thtin quan trng, chim quyn ca ngi s dng, hoc thm ch ph hy mng bng cch cu li mng. S dng cc server tm kim vi vic qut cc cng, to nhng phin rng chia s v cnhng server phc v vic c nh password, hacker khng th thay i c pass, nn

cao cc tin ch v ngn chn kiu tn cng ny. n ng theo ki u hn p (J mming tt ks)

Trong khi mt hacker s dng phng php tn cng b ng, ch ng ly thng tin t vitruy cp ti mng ca bn, tn cng theo kiu chn p, Jamming, l mt k thut s dng ngin ng mng ca bn. Tng t nh vic k ph hoi sp t mt s t chi dch v mcch p o, s tn cng c nhm vo Web server, v vy mt WLAN c th ngng lm vi bi mt tn hiu RF p o. Tn hiu RF c th v tnh hoc c , v tn hiu c th di chuhoc c nh. Khi mt hacker thc hin mt cuc tn cngJamming c ch , hacker c th s dng thit b WLAN nhng c nhiu kh nng hn l hackers dng mt my pht tn hiu RF cng sut cao hoc my to sng qut.

Tn cng theo kiu chn p- Jamming Attacks

loi b kiu tn cng ny, yu cu trc ht l tm c ngun pht tnh hiu RF , bngcch phn tch ph. C nhiu my phn tch ph trn th trng, nhng mt my phn tch phcm tay v chy bng pin thi tin li hn c. Mt vi nh sn xut ch to nhng b phn tch ph cm tay, trong khi mt vi nh sn xutkhc to ra cc phn mm phn tch ph cho ngi dng tch hp ngay trong cc thit bWLAN.Khi Jamming gy ra bi mt ngun c nh, khng ch , nh mt thp truyn thng hoc cthng hp php khc, th ngi qun tr WLAN c th phi xem xt n vic s dng b thit tcc tn s khc nhau.
https://9rrv3w.bay.livefilestore.com/y1mld2-B1bCYvuCMgFmE1uVcnyM2W-Apg5Xtq72IoEPeebKlxPuCKCvPdora4X9hchYGLjmPovtRR_9EYjy2a6O3v0cGVlh2pi2RSgRMzFma9bDaab3xaRnoTRxu6vRI6o_HTVsVC86aQjiezv_le-huw/Jamming%20Attacks.jpg


7/17

V d nu mt admin c trch nhim thit k v ci t mt mng RF trong mt khu phng r phc tp, th ngi cn phi xem xt mt cch k cng theo th t. Nu ngun giao thoa lmt in thoi, hoc cc thit b lm vic di tn 2,4Ghz, th admin c th s dng thit b di tn UNII, 5Ghz, thay v di tn 802.11b, 2,4Ghz v chia s di tn ISM 2,4Ghz vi cc th b khc.

S Jamming khng ch xy ra vi mi thit b m dng chung di tn 2,4Ghz. Jamming khng phi l s e da nghim trng v jamming khng th c thc hin ph bin bi hacker do gi c ca thit b, n qu t trong khi hacker ch tm thi v hiu ha c mng..

n ng bng h thu ht (M n -in-the-middle Attacks) Kiu tncng ny, Man-in-the- middle Attacks, l mt tnh trng m trong mt c nhn sdng mt AP chim ot s iu khin ca mt node di ng bng cch gi nhng tn himnh hn nhng tn hiu hp php m AP ang gi ti nhng node . Sau node di ng hp vi AP tri php ny, gi cc d liu ca ngi xm nhp ny, c th l cc thng tinnhy cm. Hnh v sau a ra mt m hnh cho s tn cng kiu ny

Tn cng bng cch thu ht- Man-in-the-middle attacks

cc client lin kt vi AP tri php th cng sut ca AP phi cao hn nhiu ca cc Akhc trong khu vc v i khi phi l nguyn nhn tch cc cho cc user truy nhp ti. Vic mkt ni vi AP hp php c th nh l mt vic tnh c trong qu trnh vo mng, v mt viclient s kt ni ti AP tri php mt cch ngu nhin. Ngi thc hin man-in-the- middle attack trc tin phi bit SSID m client s dng, v phi bit WEP key ca mng, nu n ang c s dng.

Kt ni ngc (hng v pha mng li) t AP tri php c iu khin thng qua mt thiclient nh l PC card, hoc workgroup bridge. Nhiu khi man-in-the- middle attack c sp ts dng mt laptop vi hai PCMCIA card. Phn mm AP chy trn mt laptop m mt card c s dng nh l mt AP v PC card th hai c dng kt ni laptop ti gn AP php. Kiu cu hnh ny lm laptop thnh mt man-in-the- middle attack vn hnh gia clientv AP hp php. Mt hacker theo kiu man-in-the- middle attack c th ly c cc thng tin cgi tr bng cch chy mt chng trnh phn tch mng trn laptop trong trng hp ny.
https://9rrv3w.bay.livefilestore.com/y1m3ukgyUmEsb95TfF_2QXdT1JdUQD7RdHaSaY-5Lkdm0n8QVo2ea4podawxI9-TmzuXFNpt4AqolZ2xaXCNM_OelQzCxTScMbR45PoEd3ipWk6dpbORWi_b6ka6QJ8dWpi-o_qTvZoDY0DfnxKnkfJqg/Man%20in%20the%20middle%20Attacks.jpg


8/17

Trc cuc tn cng

V sau cuc tn cng

Mt iu c bit vi kiu tn cng ny l ngi s dng khng th pht hin ra c cuc tcng, v lng thng tin m thu nht c bng kiu tn cng ny l gii hn, n bng lngthng tin th phm ly c trong khi cn trn mng m khng b pht hin. Bin php tt nht ngn nga loi tn cng ny l bo mt lp vt l

Gii thiu v mt vi cch b kho WEP,WPA wireless trn thc t : Chng ta s dng Aircrack suite crack WEP Gi s ta cu hnh AP s dng WEP key nh sau :
https://9rrv3w.bay.livefilestore.com/y1mFSd-daBDZU_L8IbODaqejISskx1C1K1DWrHHMghc565x9lkWxef2u5DRBpS4dJ7V9gZzRUNoqCHGgyejfzNXILeTVqETtSnM2j4O42kXYC_RJbmSbzivBktyvy8o0brVLJoKS5XWV0ia1jwOFu3OnA/After%20attacks.jpghttps://9rrv3w.bay.livefilestore.com/y1mKfFNmcO0JXoMxRVlU9WsPpMqlyem1kn51HQ1ejAtTDmIoDPjqV8yhuD_V6EQWyZimFUULjUUtweSBRWCvODrGciF7Xyk5GbT4XA16edfetwaHZ8dxzA_2g55EvXDZqqvXzCyk8_HTX6sK0BuHa-ZAQ/Before%20attacks.jpghttps://9rrv3w.bay.livefilestore.com/y1mFSd-daBDZU_L8IbODaqejISskx1C1K1DWrHHMghc565x9lkWxef2u5DRBpS4dJ7V9gZzRUNoqCHGgyejfzNXILeTVqETtSnM2j4O42kXYC_RJbmSbzivBktyvy8o0brVLJoKS5XWV0ia1jwOFu3OnA/After%20attacks.jpghttps://9rrv3w.bay.livefilestore.com/y1mKfFNmcO0JXoMxRVlU9WsPpMqlyem1kn51HQ1ejAtTDmIoDPjqV8yhuD_V6EQWyZimFUULjUUtweSBRWCvODrGciF7Xyk5GbT4XA16edfetwaHZ8dxzA_2g55EvXDZqqvXzCyk8_HTX6sK0BuHa-ZAQ/Before%20attacks.jpg


9/17

pture g i tin gii m Airodump l mt phn trong Aircrack suite chuyn dng capture cc gi tin v lu di d*.pcap hoc *.ivs Tip tc ta s dng Airodump trong Aircrack capture cc gi tin IVs : M Airodump ln ta s c tng t nh hnh sau:

Sau khi chn cc thng s cho ph hp Airodump bt u capture cc gi tin :
https://9rrv3w.bay.livefilestore.com/y1mZFbe1ehqbb5WAUMTyVR1EcP7BFy-QYOkchzitWV_cGWUWvGS8FdGdYwV0Vv5GnVakxeUTiVoYOBLQOLyaedMe2_Q9Zl31YYJlODgjqTvf5-EsGleoLOsFB72HJW-ynRYRoEdEeKjZugUn2amR8TLDQ/Airodamp-ng%200.6.jpghttps://9rrv3w.bay.livefilestore.com/y1mr_Ibyg2V-63ZABkIstaHRqGvhKvL5ohCrFeoSunJZZlytAYNRR3jOc6HLLHP7ZVKuefKm4xa-aV2hTrbnHy8ISl4fGvKPrqWorpkgFT3USFesjKAUtBlLZEoS2wnpDr0gvT46k6UDfN3X9SRX6YYHg/Example%20WEP%20key.jpghttps://9rrv3w.bay.livefilestore.com/y1mZFbe1ehqbb5WAUMTyVR1EcP7BFy-QYOkchzitWV_cGWUWvGS8FdGdYwV0Vv5GnVakxeUTiVoYOBLQOLyaedMe2_Q9Zl31YYJlODgjqTvf5-EsGleoLOsFB72HJW-ynRYRoEdEeKjZugUn2amR8TLDQ/Airodamp-ng%200.6.jpghttps://9rrv3w.bay.livefilestore.com/y1mr_Ibyg2V-63ZABkIstaHRqGvhKvL5ohCrFeoSunJZZlytAYNRR3jOc6HLLHP7ZVKuefKm4xa-aV2hTrbnHy8ISl4fGvKPrqWorpkgFT3USFesjKAUtBlLZEoS2wnpDr0gvT46k6UDfN3X9SRX6YYHg/Example%20WEP%20key.jpg


10/17

Ta s thy MAC ca AP di BSSID v MAC ca client di STATION nu cc gi tin ccapture th ct Data v Packets s dng ln nhanh chng.Theo ti liu cho bit th crack WEP-64bit ta cn t 200.000-500.000 gi tin; WEP-128 cn 500.000-1.000.000 gi(trn thc tthng t hn nhiu).Sau khi c s gi tin theo yu cu(khong 300.000 gi) ta c th tin

hnh gii m. r k W P key vi i r k M Aircrack ta c:

Dng dng lnh : aircrack -ng.e xe a 1 capture.ivs ch mt cha ti 1s l aircrack tm ra WEPkey
https://9rrv3w.bay.livefilestore.com/y1mODAlFFz7rQyDpRxGuksRFeoIcQ2xWjk1ocyZH3RIPH3WkmRhcgbZ2ZvheNt9QeBCMOTGsCOJ7uPRK3qteHRO8_s--Hs44JxIxAC125UpceIV7Dnc_29MAfdatK_7wejoCXbAedRxSwXXLj3FzzQ30A/aircrack.jpghttps://9rrv3w.bay.livefilestore.com/y1mEIzuCfp1AKOlrQla9qAlchRJiiQVpjS861ZeZGfnzfpytkZEVyAN840UQis2Rxq9dpPQK5z5cusU2vvREb4_6LJ0-7u20WTRU4CvfYWDZQQBPlb_ROVvj4t8og_JFHyDzoUYL72CJhG6LepjrTuUcQ/Channel%2011%20airodump-ng.jpghttps://9rrv3w.bay.livefilestore.com/y1mODAlFFz7rQyDpRxGuksRFeoIcQ2xWjk1ocyZH3RIPH3WkmRhcgbZ2ZvheNt9QeBCMOTGsCOJ7uPRK3qteHRO8_s--Hs44JxIxAC125UpceIV7Dnc_29MAfdatK_7wejoCXbAedRxSwXXLj3FzzQ30A/aircrack.jpghttps://9rrv3w.bay.livefilestore.com/y1mEIzuCfp1AKOlrQla9qAlchRJiiQVpjS861ZeZGfnzfpytkZEVyAN840UQis2Rxq9dpPQK5z5cusU2vvREb4_6LJ0-7u20WTRU4CvfYWDZQQBPlb_ROVvj4t8og_JFHyDzoUYL72CJhG6LepjrTuUcQ/Channel%2011%20airodump-ng.jpg


11/17

C c WEP key v IP ca AP v MAC ca client (trong trng hp AP lc MAC) Hackerhon ton c th thm nhp c vo Network.

III. hnh s h bo mt - Security

Mt cng ty m s dng WLAN nn c mt chnh sch bo mt thch hp. V d , nu khngchnh sch ng n m cho kch thc cell khng thch hp, th s to iu kin cho hackc c hi tt truy cp vo mng ti nhng im ngoi vng kim sot ca cng ty, nhng nm trong vng ph sng ca AP.

Cc vn cn a ra trong chnh sch bo mt ca cng ty l cc vn v password, chkha WEP, bo mt vt l, s s dng cc gii php bo mt tin tin, v nh gi phn cngWLAN. Danh sch ny tt nhin khng y , bi cc gii php an ton s thay i vi mimt t chc. phc tp ca chnh sch bo mt ph thuc vo nhng yu cu an ton ca tchc cng nh l phm vi ca mng WLAN trong mng Nhng li ch ca vic thc hin, bo tr mt chnh sch bo mt em li l vic ngn nga scp d liu, s ph hoi ca cc tp on cnh tranh, v c th pht hin v bt gi cc k xnhp tri php. S bt u tt nht cho cc chnh sch bo mt l vic qun l. Cc chnh sch bo mt cn xem xt v d on, v cn a vo cng vi cc ti liu xy dng tp on. Vic bo mt chWLAN cn c phn b thch hp, v nhng ngi c giao trch nhim thc hin phi

o to mt cch quy m. i ng ny li phi thnh lp chng mc ti liu mt cch chi ti c th lm ti liu tham kho cho cc i ng k cn.

1. Bo mt thng tin nhy m Mt vi thng tin nn ch c bit bi ngi qun tr mng l: - Username v password ca AP v Bridge - Nhng chui SNMP - Cha kha WEP,WPA
https://9rrv3w.bay.livefilestore.com/y1mUbfKQRtyrOWYW3JlFYrOWU-ZQv8x-_5I4wuqMLxlJ_EymDMVdcXzkNjufYMYczDL484JBKGIWRXWirdhiGFLgPH2aXGjZQYtyD_CjjNv_PPuuKNIPaz_uboAfP1xDURHYdbsNHzSBSmsuDfaXYR3gQ/crack%20WEP%20key%20by%20aircrack.jpg


12/17

- Danh sch a ch MAC Nhng thng tin ny phi c ct gi bi mt ngi tin cy, c kinh nghim, nh ngi qutr mng, l rt quan trng bi n l nhng thng tin nhy cm m nu l ra th c th l nguynhn ca s truy nhp tri php, hoc thm ch l s ph hy c mt mng. Nhng thng tin nc th c ct gi trong nhiu kiu khc nhau.

2. S n ton vt l Mc d bo mt vt l khi s dng mng hu tuyn truyn thng l quan trng, thm ch quatrng hn cho mt cng ty s dng cng ngh WLAN. Nh cp t trc, mt ngi mcard PC wireless (v c th l mt anten) khng phi trong cng khu vc mng c th truy cti mng . Thm ch phn mm d tm s xm nhp khng ngn cn nhng hacker n cthng tin nhy cm. S nghe ln khng li du vt trn mng bi v khng c kt ni noc thc hin. C nhng ng dng trn th trng by gi c th pht hin cc card mng trong ch pha tp (dng chung), truy nhp d liu m khng to kt ni. Khi WEP l gii php bo mt WLAN thch hp, nhng iu khin cht ch nn t trn nhnngi dng m c s hu cc thit b client khng dy ca cng ty, khng cho php h ma

cc thit b client ra khi cng ty. V cha kha WEP c gi trong cc chng trnh c s trn thit b client, bt k ni no c card, v th ;lm cho mi lin kt an ton ca mng yunht. Ngi qun tr WLAN cn phi bit ai, u, khi no mi card PC c mang i. Thng nhng yu cu nh vy l qu gii hn ca mt ngi qun tr, ngi qun tr cn nhnra rng, bn thn WEP,WPA khng phi l mt gii php an ton thch hp cho WLAN. K cvi s qun l cht nh vy, nu mt card b mt hoc b n trm, ngi c trch nhim vi c (ngi s dng) phi c yu cu bo co ngay vi ngi qun tr, c nhng bin phn phng thch hp. Nhng bin php ti thiu phi lm l t li b lc MAC, thay i chkha WEP,v.v.Cho php nhm bo v qut nh k xung quanh khu vc cng ty pht hin nhng hot ng ng. Nhng nhn s ny c hun luyn nhn ra phn cng 802.11 v cnh gic cnhn vin trong cng ty lun lun quan st nhng ngi khng trong cng ty ang trn quanta nh vi cc phn cng c bn ca 802.11 th cng rt hiu qu trong vic thu hp nguy ccng.

3. Ki m k thit b WL N v ki m nh s n ton Nh mt s b sung ti chnh sch an ton vt l, tt c cc thit b WLAN cn c kim ku n lp chng mc cho php v khng cho php cc ngi s dng thit b WLAN tnhp ti mng ca t chc. Nu mng qu ln v bao gm mt s lng ng k cc thit bkhng dy th vic kim k nh k c th khng kh thi. Trong nhng trng hp nh vy thcn thit thc hin nhng gii php bo mt WLAN m khng da trn phn cng, nhng d nhin l vn da trn username v password hoc mt vi loi khc trong cc gii php bo mkhng da trn phn cng. Vi nhng mng khng dy trung bnh v nh, s kim k hngthng hoc hng qu gip pht hin nhng s mt mt cc phn cng. Qut nh k vi cc b phn tch mng pht hin cc thit b xm nhp, l cch rt tt bo mt mng WLAN.

4. S d ng gii php bo mt tin tin Nhng t chc WLAN cn tn dng mt vi c ch bo mt tin tin c sn trn th trng. cng cn c cp trong chnh sch bo mt ca cng ty. V nhng cng ngh ny khmi,cn c quyn v thng c s dng phi hp vi cc giao thc, cc cng ngh khc


13/17

Chng cn c lp thnh ti liu hng dn, nu c mt s xm phm xut hin, th ngqun tr c th xc nh ni v cch m s xm nhp xut hin. Bi ch c s t c o to v bo mt WLAN, do nhng ngi ny l rt quan trng, vchnh sch tin lng cng c cp n trong cc chnh sch bo mt ca cng ty, tp on. N cng l mt trong cc mc cn c lp ti liu chi tit.

5. Mng khng dy ng ng iu tt yu s xy ra l nhng ngi s dng ca cng ty vi nhng thng tin nhy cm cas kt ni t laptop ca h ti WLAN cng cng. iu ny cng nm trong chnh sch bo mca cng ty. Nhng ngi dng phi chy nhng phn mm firewall c nhn v cc phnmm chng virus trn laptop ca h. a s cc mng WLAN cng cng c t hoc khng c bo mt no, nhm lm cho kt ni ca ngi dng n gin v gim bt s lng cc hk thut c yu cu.

6. S truy nhp ki m tr v gii hn Hu ht cc mng Lan ln u c mt vi phng php gii hn v kim tra s truy nhp

ngi s dng. Tiu biu l mt h thng h tr chng thc, s cp php, v cc dch vAccounting, (Authentication, Authorization, Accountting (AAA)) c trin khai. Nhng dch v AAA cho php t chc gn quyn s dng vo nhng lp c bit ca ngidng. V d mt ngi dng tm thi c th ch c truy cp vo internet trong mt phm vno . Vic qun l ngi s dng cn cho php xem xt ngi lm g trn mng, thi gian vchng mc h vo

IV. Nhng khuyn o v bo mt Phn di y a ra vi khuyn co trong vic bo mt mng WLAN.

1. Thay iadministration password v cusername nu AP h tr v SSID mc nh ca APhoc wireless router. Nu khng thay i mng ca bn rt c th b xm nhp v sa i. Trdng SSID v password c lin quan n cc thng tin c nhn,t chc ca bn thn.

2. Thng xuyn cp nhtfirmware mi nht cho AP hoc Wireless router.
https://9rrv3w.bay.livefilestore.com/y1m8u8qCsRvcVGw2qe-619fWOfGOxlTGEy1MZz9aJKzPD_XygvX0MSVnn8WUOmMyIG27vygizL4wDwDMt_onEHL3fb1qiaTyaVdipNeYR4usTA_AuIj2tW90TANqDfyh5FZdyC1zhOKCaCjLbFohOYZfQ/Update%20firmware.jpghttps://9rrv3w.bay.livefilestore.com/y1mL71s9OKXbqOZM4FQC4vzDz-TnQ3WsNL3hX_2yAC2RCFYquwRfmnJ7HPChsJb_3t2dagg47BkHKLnrM8wZ8QhhgqD3eAehRpNF1uWfxpfU_O9KG4l3D1zJwG8jpjgD5VcnZlABq9bYQRfpqrNeIM5hg/change%20username%20and%20password%20default.jpghttps://9rrv3w.bay.livefilestore.com/y1m8u8qCsRvcVGw2qe-619fWOfGOxlTGEy1MZz9aJKzPD_XygvX0MSVnn8WUOmMyIG27vygizL4wDwDMt_onEHL3fb1qiaTyaVdipNeYR4usTA_AuIj2tW90TANqDfyh5FZdyC1zhOKCaCjLbFohOYZfQ/Update%20firmware.jpghttps://9rrv3w.bay.livefilestore.com/y1mL71s9OKXbqOZM4FQC4vzDz-TnQ3WsNL3hX_2yAC2RCFYquwRfmnJ7HPChsJb_3t2dagg47BkHKLnrM8wZ8QhhgqD3eAehRpNF1uWfxpfU_O9KG4l3D1zJwG8jpjgD5VcnZlABq9bYQRfpqrNeIM5hg/change%20username%20and%20password%20default.jpg


14/17

3. Nn dng ch nSSID hocESSID trnh b scan bi cc phn mm thng dng nhNet Stumbler, Air Magnet...

4. Nn t t P khi khng s dng.Trong khong thi gian khng theo di l c hi cho ccHacker tn cng v thm nhp. 5. S dng cc cng c bo mt ca Acess Point nh Firewall, NAT.....Rt nhiu ngi khi sdng AP thng ch mc nh ca nh sn xut. Trong ch ny cc phn v bo mthng khng c bt.

Tn dng cc cng ngh sn c nh VPNs, firewall, h thng pht hin xm nhp, IntrusionDetection System (IDS), cc giao thc v cc chun nh 802.1x v EAP, v chng thc clientvi Radius Sever c th gip cc gii php an ton nm ngoi phm vi m chun 802.11 ycu, v tha nhn. Gi v thi gian thc hin cc gii php ny thay i ty theo quy m thchin. (RADIUS l chun khng chnh thc trong h thng chng thc ngi s dng. Cc APgi nhng yu cu chng thc ngi s dng n mt RADIUS server, m c th hoc c mc s d liu c gn sn hoc c th qua yu cu chng thc ti mt b iu khin vnnh NDS server, active directory server, hoc thm ch l mt h thng c s d liu tng hLDAP).

6. M ha : WEP, WPA WPA2 l nhng kiu m ha thng dng trong cc AP, nu AP ch htr WEP th hy dng key di nht c th (thng l 128bit), nu c h tr WPA th xi key tthiu 128bit or 256bit. a phn cc AP c support WPA u dng kiu WPA-PSK (pre-sharedkey hoc passphare key), WPA2 m ha th an ton hn na nhng phi cn thm 1 server Radius nhm mc ch xc thc. Nn t kha cng phc tp cng tt(bao gm k t hoathng, s & k t c bit kt hp li), khng nn dng nhng t c ngha hay c trong t v cracker vn d c m kha WPA khi dng t in d theo kiu brute force attack.

Ch : Nn dng WPA WPA2 v s dng kiu m ha AES (Advanced Encryption Standard)y l kiu m ho tin tin nht hin nay.
https://9rrv3w.bay.livefilestore.com/y1mqtbKvZJ2X4BAujA0N-RUi5gfU4dzXFQ5FGTjszU2N6F7gf4T2732Hv8XVXEbMJ46Wj0NuCeW6ncKSAXaOWDgaAQdc5otZ9OzcRKakUNJwywlxsRWdvjGr3RDPOA8ZhTcWIYxMr9S9JR8Jx_ncTMD8g/Choose%20WPA%20shared%20key.jpghttps://9rrv3w.bay.livefilestore.com/y1mmdE2ftebw4x3SnTQy1akAN79gJi1L_BnFCKRKCCm80fGc4X9w4cfuRYdgrl-7nTuyRvHqVPQ_EOtNT5rn4RnsGKOFk0srwwfQr0-PUwTXwwJkJA6d_r0nnMHPy_k8yZpP7k6YBZHk5bzxriOod0Z6Q/Enable%20firewall.jpghttps://9rrv3w.bay.livefilestore.com/y1m0CIzQzKe-46qPYPNQyGGkUUtvvf3f41aFT62jvGxoHk67GWV4NQUxGCWzQPWK24XR9q5KVBTH5AcUNowvWNnvApzOcBzeqXI-K6RhQg_NzMhFPPHmLfE9KOeOtM4IN-epKIGD95J47J5AElwHXuhTA/Disable%20SSID.jpghttps://9rrv3w.bay.livefilestore.com/y1mqtbKvZJ2X4BAujA0N-RUi5gfU4dzXFQ5FGTjszU2N6F7gf4T2732Hv8XVXEbMJ46Wj0NuCeW6ncKSAXaOWDgaAQdc5otZ9OzcRKakUNJwywlxsRWdvjGr3RDPOA8ZhTcWIYxMr9S9JR8Jx_ncTMD8g/Choose%20WPA%20shared%20key.jpghttps://9rrv3w.bay.livefilestore.com/y1mmdE2ftebw4x3SnTQy1akAN79gJi1L_BnFCKRKCCm80fGc4X9w4cfuRYdgrl-7nTuyRvHqVPQ_EOtNT5rn4RnsGKOFk0srwwfQr0-PUwTXwwJkJA6d_r0nnMHPy_k8yZpP7k6YBZHk5bzxriOod0Z6Q/Enable%20firewall.jpghttps://9rrv3w.bay.livefilestore.com/y1m0CIzQzKe-46qPYPNQyGGkUUtvvf3f41aFT62jvGxoHk67GWV4NQUxGCWzQPWK24XR9q5KVBTH5AcUNowvWNnvApzOcBzeqXI-K6RhQg_NzMhFPPHmLfE9KOeOtM4IN-epKIGD95J47J5AElwHXuhTA/Disable%20SSID.jpghttps://9rrv3w.bay.livefilestore.com/y1mqtbKvZJ2X4BAujA0N-RUi5gfU4dzXFQ5FGTjszU2N6F7gf4T2732Hv8XVXEbMJ46Wj0NuCeW6ncKSAXaOWDgaAQdc5otZ9OzcRKakUNJwywlxsRWdvjGr3RDPOA8ZhTcWIYxMr9S9JR8Jx_ncTMD8g/Choose%20WPA%20shared%20key.jpghttps://9rrv3w.bay.livefilestore.com/y1mmdE2ftebw4x3SnTQy1akAN79gJi1L_BnFCKRKCCm80fGc4X9w4cfuRYdgrl-7nTuyRvHqVPQ_EOtNT5rn4RnsGKOFk0srwwfQr0-PUwTXwwJkJA6d_r0nnMHPy_k8yZpP7k6YBZHk5bzxriOod0Z6Q/Enable%20firewall.jpghttps://9rrv3w.bay.livefilestore.com/y1m0CIzQzKe-46qPYPNQyGGkUUtvvf3f41aFT62jvGxoHk67GWV4NQUxGCWzQPWK24XR9q5KVBTH5AcUNowvWNnvApzOcBzeqXI-K6RhQg_NzMhFPPHmLfE9KOeOtM4IN-epKIGD95J47J5AElwHXuhTA/Disable%20SSID.jpg


15/17

7. Lc a ch MAC : AP u c tnh nng lc MAC ca cc client kt ni vo, c 2 cch lc ch cho php v ch cm a ch MAC no .

8. Nn ch dng chun 802.11g nu c th v do cc phn mm crack wireless hin nay rt t htr card wireless chun g 9. Nn thay i password nh k : y l phng php n gin nhng hu hiu bo mton cho Wlan. 10. nh c cell gim bt c hi nghe trm,kch c cell ca AP phi thch hp vi khu vton. Phn ln hacker tm nhng ni m tn t thi gian v nng lng nht tm cch truy mng. V l do ny, rt quan trng khi khng cho php nhng AP pht ra nhng tn hiu ra ngkhu vc an ton tr khi tuyt i cn thit. Vi AP cho php cu hnh mc cng sut u ra, d c th iu khin kch thc Cell RF xung quanh AP.Hoc s dng cc vt cn thng thnh st,tng.... C gng t AP v pha trung tm ca khu vc s gim thiu vic r tn hiungoi phm vi mong i.

11. Nn tt DHCP ca Access Point v thit lp cc dy IP ca Lan ngoi cc dy thng thnh: 192.168.0.X v 192.168.1.X.Dy IP cho php thit lp l 10.0.0.0-10.255.255.255,172.16.0.0- 172.31.255.255,192.168.0.0-192.168.255.255

12. Hy chc chn l bt ch logging (thng c tt theo mc nh) v thng xuynkim tra log .Log c th bo cho ta bit cc cuc ving thm khng mi.
https://9rrv3w.bay.livefilestore.com/y1mwDp7IQSJcu6QT_vp_wr2j81gi9zKI79lhSpPpYpC_T7bwQF7wA4zrnKQizLJao46Oc-KhvB6dHiyL6XFbRWJRrnxAVYXhmhbZL1qq3T81kvFYnRocJ_43yok8yycccy6tS6ExbbePB3mjV6x6i0xEg/LAN%20IP.jpghttps://9rrv3w.bay.livefilestore.com/y1mKZYyvxhWpxDbgOE64F1z60xv_TI9ifn4FHRpnYPtC5G8uEjD78w2UsChSLOD3NgHRNvx0DEjHKkMezkGS51Ci8_K1Y6lQd2QXCqDVF06N_bfO3sPrEhPVPk9mfaaTzZJ5dASzClYchR5VoAEY7ZqUQ/Choo%20Antenna%20transmit%20power.jpghttps://9rrv3w.bay.livefilestore.com/y1mr7qsRy5WZYRdZ1pu044qEnKp_sJZdJHngJioBZTdKZ7kjUczZ05iJjZm2boEBrNwzlntjZF3RS9mc4SNXrjdRPb2kQ5a5QbCpdNJDvbt4Xx3jno2yvSkd2qBLpJqobf3QPrxN5umdIFIo2EvcbNimg/Filtering%20MAC%20Address.jpghttps://9rrv3w.bay.livefilestore.com/y1mwDp7IQSJcu6QT_vp_wr2j81gi9zKI79lhSpPpYpC_T7bwQF7wA4zrnKQizLJao46Oc-KhvB6dHiyL6XFbRWJRrnxAVYXhmhbZL1qq3T81kvFYnRocJ_43yok8yycccy6tS6ExbbePB3mjV6x6i0xEg/LAN%20IP.jpghttps://9rrv3w.bay.livefilestore.com/y1mKZYyvxhWpxDbgOE64F1z60xv_TI9ifn4FHRpnYPtC5G8uEjD78w2UsChSLOD3NgHRNvx0DEjHKkMezkGS51Ci8_K1Y6lQd2QXCqDVF06N_bfO3sPrEhPVPk9mfaaTzZJ5dASzClYchR5VoAEY7ZqUQ/Choo%20Antenna%20transmit%20power.jpghttps://9rrv3w.bay.livefilestore.com/y1mr7qsRy5WZYRdZ1pu044qEnKp_sJZdJHngJioBZTdKZ7kjUczZ05iJjZm2boEBrNwzlntjZF3RS9mc4SNXrjdRPb2kQ5a5QbCpdNJDvbt4Xx3jno2yvSkd2qBLpJqobf3QPrxN5umdIFIo2EvcbNimg/Filtering%20MAC%20Address.jpghttps://9rrv3w.bay.livefilestore.com/y1mwDp7IQSJcu6QT_vp_wr2j81gi9zKI79lhSpPpYpC_T7bwQF7wA4zrnKQizLJao46Oc-KhvB6dHiyL6XFbRWJRrnxAVYXhmhbZL1qq3T81kvFYnRocJ_43yok8yycccy6tS6ExbbePB3mjV6x6i0xEg/LAN%20IP.jpghttps://9rrv3w.bay.livefilestore.com/y1mKZYyvxhWpxDbgOE64F1z60xv_TI9ifn4FHRpnYPtC5G8uEjD78w2UsChSLOD3NgHRNvx0DEjHKkMezkGS51Ci8_K1Y6lQd2QXCqDVF06N_bfO3sPrEhPVPk9mfaaTzZJ5dASzClYchR5VoAEY7ZqUQ/Choo%20Antenna%20transmit%20power.jpghttps://9rrv3w.bay.livefilestore.com/y1mr7qsRy5WZYRdZ1pu044qEnKp_sJZdJHngJioBZTdKZ7kjUczZ05iJjZm2boEBrNwzlntjZF3RS9mc4SNXrjdRPb2kQ5a5QbCpdNJDvbt4Xx3jno2yvSkd2qBLpJqobf3QPrxN5umdIFIo2EvcbNimg/Filtering%20MAC%20Address.jpg


16/17

13. Dng ch HTTPs : hon ton c th iu khin AP qua cc trnh duyt web vn khngc m ho hoc ch cho php cu hnh AP trc tip qua line.

14. Bo mt cho mng ni b:M ha file khi truyn,s dng cc ch bo mt ca HH.. 15. Nn chia thnh 2 mng ring bit WirelessLAN v WiredLAN bng cc dy IP khc nhautrnh xm nhp 16. Switches khng Hubs : Mt nguyn tc n gin khc l lun kt ni cc AP ti switch thv hub, hub l thit b c tnh cht broadcast, do d b mt password v IP address. 17. Wireless DM : tng khc trong vic thc hin bo mt cho nhng segment khng dy thit lp mt vng ring cho mng khng dy, Wireless DeMilitarized one (WDM ). To vnWDM s dng firewalls hoc router th c th rt tn km, ph thuc vo quy m, mc thhin. WDM ni chung c thc hin vi nhng mi trng WLAN rng ln. Bi cc AP vc bn l cc thit b khng bo m v khng an ton, nn cn phi tch ra khi cc on mngkhc
https://9rrv3w.bay.livefilestore.com/y1mnzZw1CeRgiIsURYpP9vO-I3M52pUEevxO0Lu9xWoRIcujMXhmDTlue91p4ukdtrSAyniE-VyGc6P8WNrAtfxMmYoK0IoR6b6yewADD3ZzX88vnQOzHzS7OJFaqizpROJsYM0e6rFsA7wQiwOc4b4-g/Enable%20https.jpghttps://9rrv3w.bay.livefilestore.com/y1m8hpzTsZ3ljGnCViCpPnUh5h2wWM4aVHCp-klTOecPVmqJyOLpXrKuvGvfhe5KBAf5UQJQSIxBF52yBuYxJNSY8rdg4EAF-b5ndH6t5cAutetEu3KS15TzDUxf2RgNklb1m6HyVPdzzsau1Mv8xhkwg/Enable%20log.jpghttps://9rrv3w.bay.livefilestore.com/y1mnzZw1CeRgiIsURYpP9vO-I3M52pUEevxO0Lu9xWoRIcujMXhmDTlue91p4ukdtrSAyniE-VyGc6P8WNrAtfxMmYoK0IoR6b6yewADD3ZzX88vnQOzHzS7OJFaqizpROJsYM0e6rFsA7wQiwOc4b4-g/Enable%20https.jpghttps://9rrv3w.bay.livefilestore.com/y1m8hpzTsZ3ljGnCViCpPnUh5h2wWM4aVHCp-klTOecPVmqJyOLpXrKuvGvfhe5KBAf5UQJQSIxBF52yBuYxJNSY8rdg4EAF-b5ndH6t5cAutetEu3KS15TzDUxf2RgNklb1m6HyVPdzzsau1Mv8xhkwg/Enable%20log.jpg


17/17

bin php bo mt ho ngi dng mng khng dy(end-user)

Tt ch ad hoc. M ho frame khng dy . Bo mt Data : m ha file (dng file rar c t password khi cn gi file quan trng, s

dng cc ch bo mt ca HH..... Dng cc phn mm firewall.

Nhng bin php n ton dng ho ng d ng C hai loi ng dng c h tr lp truy cp: ng dng cho nhn vin v ng dng chokhch. - Mun s dng cc ng dng ca nhn vin phi qua cc bc kim tra an ton nhng lpdi thng qua cc k thut xc thc phn "Cc dch v bo mt dng chung". - My ch v cc ng dng cng phi trang b cc bin php kim sot truy nhp, phn quyntrn cc dch v dnh cho nhn vin.

- Khch s dng phi c chn li v s dng cc ti nguyn khu vc dnh cho khch xthc trc khi cho truy nhp vo cc ti nguyn khc.
https://9rrv3w.bay.livefilestore.com/y1mH6DJbXCQum7k_IUhADPc0on36ugqF_gnITCG9GihJR7s1S5rsn1ycofXqR7JYH9Th8LxhrBQ8ZMmESAoh4K8Qv941Pu07cBpD_apART00bTJCYXQtZDGmczlVr4x19C16Yih_7mNwrx1vi1hoPQ2vg/Wireless%20DMZ%20network.jpg

Documents

Bảo mật mạng không dây