Gii Thiu V Wireless Lan(wlan)

I.1. Wireless LAN l g?

WLAN l mt loi mng my tnh nhng vic kt ni gia cc thnh phn trong mng khng s dng cc loi cp nh mt mng thng thng, mi trng truyn thng ca cc thnh phn trong mng l khng kh. Cc thnh phn trong mng s dng sng in t truyn thng vi nhau.

I.2. Lch s ra i:
Cng ngh WLAN ln u tin xut hin vo cui nm 1990, khi nhng nh sn xut gii thiu nhng sn phm hot ng trong bng tn 900Mhz. Nhng gii php ny (khng c thng nht gia cc nh sn xut) cung cp tc truyn d liu 1Mbps, thp hn nhiu so vi tc 10Mbps ca hu ht cc mng s dng cp hin thi. Nm 1992, nhng nh sn xut bt u bn nhng sn phm WLAN s dng bng tn 2.4Ghz. Mc du nhng sn phm ny c tc truyn d liu cao hn nhng chng vn l nhng gii php ring ca mi nh sn xut khng c cng b rng ri. S cn thit cho vic hot ng thng nht gia cc thit b nhng dy tn s khc nhau dn n mt s t chc bt u pht trin ra nhng chun mng khng dy chung. Nm 1997, Institute of Electrical and Electronics Engineers(IEEE) ph chun s ra i ca chun 802.11, v cng c bit vi tn gi WIFI (Wireless Fidelity) cho cc mng WLAN. Chun 802.11 h tr ba phng php truyn tn hiu, trong c bao gm phng php truyn tn hiu v tuyn tn s 2.4Ghz. Nm 1999, IEEE thng qua hai s b sung cho chun 802.11 l cc chun 802.11a v 802.11b (nh ngha ra nhng phng php truyn tn hiu). V nhng thit b WLAN da trn chun 802.11b nhanh chng tr thnh cng ngh khng dy vt tri. Cc thit b WLAN 802.11b truyn pht tn s 2.4Ghz, cung cp tc truyn d liu c th ln ti 11Mbps. IEEE 802.11b c to ra nhm cung cp nhng c im v tnh hiu dng, thng lng (throughput) v bo mt so snh vi mng c dy. Nm 2003, IEEE cng b thm mt s ci tin l chun 802.11g m c th truyn nhn thng tin c hai dy tn 2.4Ghz v 5Ghz v c th nng tc truyn d liu ln n 54Mbps. Thm vo , nhng sn phm p dng 802.11g cng c th tng thch ngc vi cc thit b chun 802.11b. Hin nay chun 802.11g t n tc 108Mbps-300Mbps.

II.CC M HNH WLAN:

Quote: Mng 802.11 linh hot v thit k, gm 3 m hnh mng sau: M hnh mng c lp(IBSSs) hay cn gi l mng Ad hoc M hnh mng c s (BSSs) M hnh mng m rng(ESSs) II.1. M HNH MNG AD HOC(Independent Basic Service sets (BSSs) ): Trch dn Adhoc : wireless clients communicate directly with each other without the use of a wireless AP

or a wired network Ad hoc mode is also called peer-to-peer mode. Wireless clients in ad hoc mode form an Independent Basic Service Set (IBSS), which is two or more wireless clients who communicate directly without the use of a wireless AP. Cc nt di ng(my tnh c h tr card mng khng dy) tp trung li trong mt khng gian nh hnh thnh nn kt ni ngang cp (peer-to-peer) gia chng. Cc nt di ng c card mng wireless l chng c th trao i thng tin trc tip vi nhau , khng cn phi qun tr mng. V cc mng ad-hoc ny c th thc hin nhanh v d dng nn chng thng c thit lp m khng cn mt cng c hay k nng c bit no v vy n rt thch hp s dng trong cc hi ngh thng mi hoc trong cc nhm lm vic tm thi. Tuy nhin chng c th c nhng nhc im v vng ph sng b gii hn, mi ngi s dng u phi nghe c ln nhau.

II.2. M HNH MNG C S (Basic service sets (BSSs) )

Bao gm cc im truy nhp AP (Access Point) gn vi mng ng trc hu tuyn v giao tip vi cc thit b di ng trong vng ph sng ca mt cell. AP ng vai tr iu khin cell v iu khin lu lng ti mng. Cc thit b di ng khng giao tip trc tip vi nhau m giao tip vi cc AP.Cc cell c th chng ln ln nhau khong 10-15 % cho php cc trm di ng c th di chuyn m khng b mt kt ni v tuyn v cung cp vng ph sng vi chi ph thp nht. Cc trm di ng s chn AP tt nht kt ni. Mt im truy nhp nm trung tm c th iu khin v phn phi truy nhp cho cc nt tranh chp, cung cp truy nhp ph hp vi mng ng trc, n nh cc a ch v cc mc u tin, gim st lu lng mng, qun l chuyn i cc gi v duy tr theo di cu hnh mng. Tuy nhin giao thc a truy nhp tp trung khng cho php cc nt di ng truyn trc tip ti nt khc nm trong cng vng vi im truy nhp nh trong cu hnh mng WLAN c lp. Trong trng hp ny, mi gi s phi c pht i 2 ln (t nt pht gc v sau l im truy nhp) trc khi n ti nt ch, qu trnh ny s lm gim hiu qu truyn dn v tng tr truyn dn.

II.3. M HNH MNG M RNG( Extended Service Set (ESSs))

Trch dn A set of two or more wireless APs connected to the same wired network is known as an Extended Service Set (ESS). An ESS is a single logical network segment (also known as a subnet), and is identified by its SSID. Mng 802.11 m rng phm vi di ng ti mt phm vi bt k thng qua ESS. Mt ESSs l mt tp hp cc BSSs ni m cc Access Point giao tip vi nhau chuyn lu lng t mt BSS ny n mt BSS khc lm cho vic di chuyn d dng ca cc trm gia cc BSS, Access Point thc hin vic giao tip thng qua h thng phn phi. H thng phn phi l mt lp mng trong mi Access Point m n xc nh ch n cho mt lu lng c nhn t mt BSS. H thng phn phi c tip sng tr li mt ch trong cng mt BSS, chuyn tip trn h thng phn phi ti mt Access Point khc, hoc gi ti mt mng c dy ti ch khng nm trong ESS. Cc thng tin nhn bi Access Point t h thng phn phi c truyn ti BSS s c nhn bi trm ch.

II.4. u im ca WLAN:
Trch dn S tin li: Mng khng dy cng nh h thng mng thng thng. N cho php ngi dng truy xut ti nguyn mng bt k ni u trong khu vc c trin khai(nh hay vn phng). Vi s gia tng s ngi s dng my tnh xch tay(laptop), l mt iu rt thun li. Kh nng di ng: Vi s pht trin ca cc mng khng dy cng cng, ngi dng c th truy cp Internet bt c u. Chng hn cc qun Cafe, ngi dng c th truy cp Internet khng dy min ph. Hiu qu: Ngi dng c th duy tr kt ni mng khi h i t ni ny n ni khc. Trin khai: Vic thit lp h thng mng khng dy ban u ch cn t nht 1 access point. Vi mng dng cp, phi tn thm chi ph v c th gp kh khn trong vic trin khai h thng cp nhiu ni trong ta nh. Kh nng m rng: Mng khng dy c th p ng tc th khi gia tng s lng ngi dng. Vi h thng mng dng cp cn phi gn thm cp

.II.5. Nhc im ca WLAN:

Trch dn -Bo mt: Mi trng kt ni khng dy l khng kh nn kh nng b tn cng ca ngi dng l rt cao.

-Phm vi: Mt mng chun 802.11g vi cc thit b chun ch c th hot ng tt trong phm vi vi chc mt. N ph hp trong 1 cn nh, nhngvi mt ta nh ln th khng p ng c nhu cu. p ng cn phi mua thm Repeater hay access point, dn n chi ph gia tng. tin cy: V s dng sng v tuyn truyn thng nn vic b nhiu, tn hiu b gim do tc ng ca cc thit b khc(l vi sng,.) l khng trnh khi. Lm gim ng k hiu qu hot ng ca mng. -Tc : Tc ca mng khng dy (1- 125 Mbps) rt chm so vi mng s dng cp(100Mbps n hng Gbps).

1. Bo mt mng khng dy 1.1. Tng quan v bo mt trong mng khng dy

Overview of Wireless Security Khi trin khai thnh cng h thng mng khng dy th bo mt l vn k tip cn phi quan tm, cng ngh v gii php bo mt cho mng Wireless hin ti cng ang gp phi nhiu nan gii, rt nhiu cng ngh v gii php c pht trin ri a ra nhm bo v s ring t v an ton cho d liu ca h thng v ngi dng. Nhng vi s h tr ca cc cng c (phn mm chuyn dng) th Attacker d dng ph v s bo mt ny. Chng ta s cng tm hiu su hn v vn bo mt v cc gii php phng chng m nhiu chuyn gia nghin cu v pht trin thnh cng trong nhng phn sau. Nh rt nhiu ti liu nghin cu v bo mt trong mng Wireless th c th bo mt ti thiu bn cn mt h thng c 2 thnh phn sau: Authentication - chng thc cho ngi dng: quyt nh cho ai c th s dng mng WLAN. Encryption - m ha d liu: cung cp tnh bo mt d liu. Authentication + Encryption = Wireless Security Bi v mng Wireless truyn v nhn d liu da trn sng radio, v v AP pht sng lan truyn trong bn knh cho php nn bt c thit b no c h tr truy cp Wireless u c th bt sng ny, sng Wireless c th truyn xuyn qua cc vt liu nh btng, nha, st, Cho nn ri ro thng tin b cc attacker nh cp hoc nghe trm rt cao, v hin ti c rt nhiu cng c h tr cho vic nhn bit v phn tch thng tin ca sng Wireless sau dng thng tin ny d kha WEP (nh AirCrack, AirSnort, ).

1.2. WEP Wired Equivalent Privacy

WEP l mt h thng m ha dng cho vic bo mt d liu cho mng Wireless, WEP l mt phn ca chun 802.11 gc v da trn thut ton m ha RC4, m ha d liu 40bit ngn chn s truy cp tri php t bn ngoi. Thc t WEP l mt thut ton c dng m ha v gii m d liu. c tnh k thut ca WEP: iu khin vic truy cp, ngn chn s truy cp ca nhng Client khng c kha ph hp S bo mt nhm bo v d liu trn mng bng cch m ha chng v ch cho nhng Client no c ng kha WEP gii m

WEP key lengths Mt kha WEP chun s dng kha 64bit m ha theo thut ton RC4 (s nghin cu trong phn sau). Trong 64bit c 40bit c n. Nhiu nh cung cp s dng nhiu tn khc nhau cho kha WEP nh: standar WEP, 802.11-compliant WEP, 40-bit WEP, 40+24-bit WEP hoc thm ch l 64-bit WEP. Nhng hin ti th 64-bit WEP thng c nhc n hn ht. Nhng vi nhng thit b s dng 64-bit WEP thng th tnh bo mt khng cao v d dng b tn cng. Hin nay c mt chun tt hn l 128-bit WEP, hu ht cc doanh nghip, c nhn u dn chuyn sang 128-bit WEP s dng thut ton RC4 m ha, tnh bo mt cao hn, cc Attacker cng kh khn trong vic d thy kha WEP. Nhng v sau tnh bo mt ca kha WEP 128-bit cng khng cn kh khn na i vi cc Attacker nh s h tr ca cc cng c d tm kha WEP, th lc Wi-fi Protected Access WPA l mt chun bo mt cao cp hn WEP c ra i (chng ta s nghin cu su hn v WPA trong phn sau)

1.3. WPA - Wi-fi Protected Access

WPA c thit k nhm thay th cho WEP v c tnh bo mt cao hn. Temporal Key Intergrity Protocol (**IP), cn c gi l WPA key hashing l mt s ci tin da trn WEP, l v n t ng thay i kha, iu ny gy kh khn rt nhiu cho cc Attacker d thy kha ca mng. Mt khc WPA cng ci tin c phng thc chng thc v m ha. WPA bo mt mnh hn WEP rt nhiu. V WPA s dng h thng kim tra v bo m tnh ton vn ca d liu tt hn WEP (bn c th tm hiu r hn trong cc ti liu v bo mt mng khng dy ca Cisco).

1.4. WPA2 Wi-fi Protected Access 2

WPA2 l mt chun ra i sau v c kim nh ln u tin v ngy 1/9/2004. WPA2 c National Institute of Standards and Technology (NIST) khuyn co s dng, WPA2 s dng thut ton m ha Advance Encryption Standar (AES). WPA2 cng c cp bo mt rt cao tng t nh chun WPA, nhm bo v cho ngi dng v ngi qun tr i vi ti khon v d liu. Nhng trn thc t WPA2 cung cp h thng m ha mnh hn so vi WPA, v y cng l nhu cu ca cc tp on v doanh nghip c quy m ln. WPA2 s dng rt nhiu thut ton m ha d liu nh **IP, RC4, AES v mt vi thut ton khc. Nhng h thng s dng WPA2 u tng thch vi WPA.

**IP?
**IP l mt chun da trn chun IEEE 802.11i. **IP c pht trin nhm nng cao tnh bo mt cho WEP. **IP s dng thut ton RC4 m ha vi 128bit cho m ha v 64bit cho chng thc.

So snh cc chun Wi-Fi

Wi-Fi cn c tn gi khc l IEEE 802.11 (hay ngn gn l 802.11) cng chnh l nhm cc tiu chun k thut ca cng ngh kt ni ny do lin minh Wi-Fi (Wi-Fi Alliance: http://www.wifi.org) quy nh. Hin tn ti cc chng thc sau c a ra bi Wi-Fi Alliance: Chun Phn loi Tnh nng chnh nh ngha Ch thch

IEEE 802.11
Kt ni Tn s: 2,4 GHz Tc ti a: 2 mbps Tm hot ng: khng xc nh Chun l thuyt

IEEE 802.11a
Kt ni Tn s: 5 GHz Tc ti a: 54 mbps Tm hot ng: 25-75 m Xem thm 802.11d v 802.11h

IEEE 801.11b
Kt ni Tn s: 2,4 GHz Tc ti a: 11 mbps Tm hot ng: 35-100 m Tng thch vi 802.11g

IEEE 802.11g
Kt ni Tn s: 2,4 GHz Tc ti a: 54 mbps Tm hot ng: 25-75 m Tng thch ngc vi 802.11b, xem thm 802.11d v 802.11h

IEEE 8021.11n
Kt ni Tn s: 2,4 GHz Tc ti a: 540 mbps Tm hot ng: 50-125 m Tng thch ngc vi 802.11b/g D kin s c thng qua vo thng 11/2008

IEEE 802.11d
Tnh nng b sung Bt tnh nng thay i tng MAC ph hp vi cc yu cu nhng quc gia khc nhau H tr bi mt s thit b 802.11a v 802.11a/g

IEEE 802.11h
Tnh nng b sung Chn tn s ng (dynamic frequency selection: DFS) v iu khin truyn nng lng (transmit power control: TPC) hn ch vic xung t vi cc thit b dng tn s 5 GHz khc H tr bi mt s thit b 802.11a v 802.11a/g

WPA Enterprise
Bo mt

S dng chng thc 802.1x vi ch m ha TKIP v mt my ch chng thc Xem thm WPA2 Enterprise

WPA Personal
Bo mt S dng kha chia s vi m ha TKIP Xem thm WPA2 Personal

WPA2 Enterprise
Bo mt Nng cp ca WPA Enterprise vi vic dng m ha AES Da trn 802.11i

WPA2 Personal
Bo mt Nng cp ca WPA Personal vi vic dng m ha AES Da trn 802.11i

EAP-TLS
Bo mt Extensible Authentication Protocol Transport Layer Security S dng cho WPA Enterprise

EAP-TTLS/MSCHAPv2
Bo mt EAP-Tunneled TLS/Microsoft Challenge Authentication Handshake Protocol S dng cho WPA/WPA2 Enterprise

EAP-SIM
Bo mt Mt phin bn ca EAP cho cc dch v in thoi di ng nn GSM S dng cho WPA/WPA2 Enterprise

WMM
Multimedia Chng thc cho VoIP quy nh cch thc u tin bng thng cho ging ni hoc video Mt thnh phn ca bn tho 802.11e WLAN Quality of Service

IEEE 802.11 cha tng c ng dng thc t v ch c xem l bc m hnh thnh nn

k nguyn Wi-Fi. Trn thc t, c 24 k t theo sau 802.11 u c ln k hoch s dng bi Wi-Fi Alliance. Nh bng trn, cc IEEE 802.11 c phn loi thnh nhiu nhm, trong hu nh ngi dng ch bit v quan tm n tiu chun phn loi theo tnh cht kt ni (IEEE 802.11a/b/g/n...). Mt s IEEE 802.11 t ph bin khc:

IEEE 802.11c: cc th tc quy nh cch thc bt cu gia cc mng Wi-Fi. Tiu chun ny
thng i cp vi 802.11d.

IEEE 802.11e: a QoS (Quality of Service) vo Wi-Fi, qua sp t th t u tin cho cc

gi tin, c bit quan trng trong trng hp bng thng b gii hn hoc qu ti.

IEEE 802.11F: giao thc truy cp ni Access Point, l mt m rng cho IEEE 802.11. Tiu chun ny cho php cc Access Point c th ni chuyn vi nhau, t a vo cc tnh nng hu ch nh cn bng ti, m rng vng ph sng Wi-Fi...

IEEE 802.11h: nhng b sung cho 802.11a qun l di tn 5 GHz nhm tng thch vi cc
yu cu k thut chu u.

IEEE 802.11i: nhng b sung v bo mt. Ch nhng thit b IEEE 802.11g mi nht mi b
sung kh nng bo mt ny. Chun ny trn thc t c tch ra t IEEE 802.11e. WPA l mt trong nhng thnh phn c m t trong 802.11i dng bn tho, v khi 802.11i c thng qua th chuyn thnh WPA2 (vi cc tnh cht c m t bng trn).

IEEE 802.11j: nhng b sung tng thch iu kin k thut Nht Bn. IEEE 802.11k: nhng tiu chun trong vic qun l ti nguyn sng radio. Chun ny d kin s
hon tt v c trnh thnh chun chnh thc trong nm nay.

IEEE 802.11p: hnh thc kt ni m rng s dng trn cc phng tin giao thng (vd: s dng
Wi-Fi trn xe but, xe cu thng...). D kin s c ph bin vo nm 2009.

IEEE 802.11r: m rng ca IEEE 802.11d, cho php nng cp kh nng chuyn vng. IEEE 802.11T: y chnh l tiu chun WMM nh m t bng trn. IEE 802.11u: quy nh cch thc tng tc vi cc thit b khng tng thch 802 (chng hn
cc mng in thoi di ng).

IEEE 802.11w: l nng cp ca cc tiu chun bo mt c m t IEEE 802.11i, hin ch

trong gii on khi u. Cc chun IEEE 802.11F v 802.11T c vit hoa ch ci cui cng phn bit y l hai chun da trn cc ti liu c lp, thay v l s m rng / nng cp ca 802.11, v do chng c th c ng dng vo cc mi trng khc 802.11 (chng hn WiMAX 802.16). Trong khi 802.11x s khng c dng nh mt tiu chun c lp m s b trng tr n cc chun kt ni IEEE 802.11 bt k. Ni cch khc, 802.11 c ngha l mng cc b khng dy, v 802.11x mang ngha mng cc b khng dy theo hnh thc kt ni no y (a/b/g/n). Hnh thc bo mt c bn nht mng Wi-Fi l WEP l mt phn ca bn IEEE 802.11 gc. Bn d dng to mt mng Wi-Fi vi ln ln cc thit b theo chun IEEE 802.11b vi IEEE 802.11g. Tt nhin l tc v khong cch hiu dng s l ca IEEE 802.11b. Mt tr ngi vi cc mng IEEE 802.11b/g v c l l c n l vic s dng tn s 2,4 GHz, vn qu cht chi khi cng l tn s hot ng ca my b m, tai nghe v loa khng dy... T hn na, cc l viba cng s dng tn s ny, v cng sut qu ln ca chng c th gy ra cc vn v nhiu lon v giao thoa. Tuy chun IEEE 802.11n cha c thng qua nhng kh nhiu nh sn xut thit b da trn bn tho ca chun ny to ra nhng ci gi l chun G+ hoc SuperG vi tc thng thng l gp i gii hn ca IEEE 802.11g. Cc thit b ny tng thch ngc vi IEEE

802.11b/g rt tt nhng tt nhin l mc tc gii hn. Bn cnh , bn phi dng cc thit b (card mng, router. access point...) t cng nh sn xut. Khi chun IEEE 802.11n c thng qua, cc nt kt ni theo chun b/g vn c hng li kh nhiu t khong cch kt ni nu Access Point l chun n. Cn lu , bt k tc kt ni Wi-Fi l bao nhiu th tc ra net ca bn cng ch gii hn mc khong 2 mbps (tc kt ni Internet). Vi mi trng Internet cng cng (qun cafe Wi-Fi, th vin...), t hn li th tc truyn file trong mng cc b xem nh khng tn ti.