
END-OF-TERM ESSAY REPORT

NETWORKS AND DATA TRANSMISSION TECHNIQUES

TOPIC: IMPROVING THE SECURITY OF SNMP IN WIRELESS NETWORKS

Students: L Long Thnh, Nguyn B Ngc

Class: Master's program, KHMT-K16

CONTENTS
1. Overview of SNMP.
2. Security of wireless networks.
3. SNMPv3 architecture.
4. Vulnerabilities in wireless network management.
5. Improving security.
6. Conclusion.
References.

1. OVERVIEW OF SNMP.

1.1. MONITORING NETWORK DEVICES USING SNMP.
THE THREE MOST COMMON PROBLEMS IN SNMP APPLICATIONS ARE AS FOLLOWS:

Figure 1.1. Monitoring server resources.

Figure 1.2. Monitoring traffic on the ports of switches and routers.

Figure 1.3. Automatic real-time fault alerting system.

1.2. MONITORING METHODS.
There are two monitoring methods: Poll and Alert.

Poll method: The monitoring center (manager) regularly queries the monitored device (device) for information. If the Manager does not ask, the Device does not answer; if the Manager asks, the Device must answer. By polling regularly, the Manager always has the latest information from the Device.

Figure 1.4. Poll method.

Alert method: Whenever an event occurs in the Device, the Device automatically sends a notification to the Manager, called an Alert. The Manager does not periodically request information from the Device.

Figure 1.5. Alert method.

1.3. THE SNMP PROTOCOL.

SNMP (Simple Network Management Protocol) is a simple network management protocol with its own rules that the components of a network must follow.

A device that understands and operates according to the SNMP protocol is said to be SNMP supported or SNMP compatible.

SNMP is used for management, meaning it can monitor, retrieve information, receive notifications, and act on the system so that it operates as desired.

Examples of what SNMP software can do:

Monitor the link speed of a router and know the total number of bytes transmitted and received.

Retrieve how many hard disks a server has and how much free space remains on each.

Automatically receive an alert when a switch port loses signal (port down).

Control the shutdown of ports on a switch.

The advantages of SNMP's design are as follows:

SNMP is designed to simplify the management of network components. As a result, SNMP software can be developed quickly and at low cost.

SNMP is designed so that its management and monitoring functions can be extended. There is no limit on what SNMP can manage. When a new device with new attributes and features appears, a custom SNMP can be designed to serve it.

SNMP is designed to operate independently of the architectures and mechanisms of the devices that support it. Different devices operate differently, but they respond to SNMP in the same way.

1.4. SNMP VERSIONS.

SNMP has 4 versions: SNMPv1, SNMPv2c, SNMPv2u and SNMPv3. These versions differ slightly in message format and mode of operation. At present SNMPv1 is the most common because the most devices are compatible with it and the most software supports it, whereas only some devices and software support SNMPv3.

2. SECURITY OF WIRELESS NETWORKS.

2.1. THE WEP PROTOCOL.

WEP (Wired Equivalent Privacy) means security equivalent to that of a wired network (Wired LAN). This concept is part of the IEEE 802.11 standard.
Wireless LAN (WLAN) has the following standards: 802.11b, 802.11a and 802.11g.

Figure 2.1. WEP encryption process using RC4.

WEP provides security for data on a wireless network through encryption with the RC4 symmetric algorithm (Figure 2.1).

Currently, most wireless devices support WEP with three key lengths: 40 bit, 64 bit and 128 bit. With RC4 encryption, WEP provides confidentiality and integrity for information on the wireless network, and it is also regarded as an access control method.

However, security analysts have recently found that if a sufficiently large amount of WEP-encrypted data is captured and a suitable tool is used, the WEP key can be recovered exactly in a short time. This weakness stems from a flaw in the way WEP uses RC4 encryption.

2.2. LIMITATIONS OF WEP.

Because WEP uses RC4, a stream cipher, it needs a mechanism to ensure that two identical pieces of data do not produce the same result when they are encrypted at two different times. This is an important factor in data encryption, intended to limit a hacker's ability to guess the key.

In addition, one of the greatest dangers is that the attacks using the two methods mentioned above are passive in nature. That is, the attacker only needs to capture data packets on the transmission path and never has to communicate with the Access Point. This makes WEP key-recovery attacks very difficult, almost impossible, to detect.

Tools capable of finding WEP keys are now readily available on the Internet, such as AirCrack (Figure 2.2), AirSnort, dWepCrack, WepAttack, WepCrack and WepLab. However, using these tools requires considerable specialist knowledge, and they are also limited by the number of data packets that must be captured.

Figure 2.2. The AirCrack program searching for a key.

2.3. THE OPTIMAL WEP SOLUTION.

Given WEP's serious weaknesses and the wide distribution of WEP key-recovery tools on the Internet, this protocol is no longer the security solution of choice for networks that carry highly sensitive information.

Figure 2.3. WEP configuration.

However, in a great many wireless network devices today, the most widely supported data security solution is still WEP. In any case, WEP's vulnerabilities can still be reduced if it is configured correctly and used together with other supporting security measures.

3. SNMPV3 ARCHITECTURE.

The SNMP architecture has gone through two revisions. The first SNMP architecture is known as SNMPv1. It could not provide the following: manager-to-manager communication, retrieval of large volumes of data, management of large networks, and retrieval of security information and configuration information. These problems were resolved by SNMPv2, except for the security problem, which was resolved by SNMPv3.

The SNMP architecture consists of entities that are agents and managers.

Agents are software modules that reside in managed devices to provide reporting and management configuration services. Each SNMP entity contains SNMP applications and an SNMP engine.

The SNMP applications use the engine to exchange data and commands between managers and agents. Several modules are used in the engine. The dispatcher, message processing and security modules are the main modules found in both entities, manager and agent (Figure 3.1), while the access control module is found only in the agent (Figure 3.2).

Figure 3.1. SNMP Manager.

The dispatcher's job is to forward messages received from the transport layer to the message processing modules. The message processing modules handle the received messages according to the corresponding SNMP version. The message processing modules then forward a message to the security module if it belongs to SNMPv3.

Figure 3.2. SNMP Agent.

The symmetric keys used for encryption and authentication are derived from the administrator's password, which is stored at both entities. Key localization allows an administrator to have only one password; it is done by hashing the generated key with the ID of each corresponding entity. This gives the administrator different keys for different entities. When the key for one agent is compromised, the keys of the other agents are not. Each agent keeps track of its different users through an internal table in the MIB that contains user names, passwords and access rights.

4. VULNERABILITIES IN NETWORK MANAGEMENT.

The goal of the security module provided by SNMPv3 is to prevent the following attacks:
Data modification: Also called a man-in-the-middle attack, in which the attacker can intercept messages and modify them.
Masquerade: An attacker claims to be someone else who has access, in order to gain access to restricted management information.
Message modification: Attackers can delay messages, replay messages and reorder messages in order to enable unauthorized management operations.
Disclosure of information: Attackers can view someone's confidential information and leak it to the outside.

Note that SNMPv3 is not intended to guarantee protection against the following two threats:

Denial of service (DoS): Attackers can prevent the exchange of information between manager and agent. The probability of a DoS attack is also higher in wireless networks than in wired networks.

Traffic analysis: Attackers can monitor the transmission of messages between manager and agent in order to analyze the traffic illegitimately. Free software is now available for wireless networks to analyze traffic between two parties, such as Airmagnet.

Two vulnerabilities have been found in deploying SNMPv3 on wireless networks.

One of the authentication methods used in SNMPv3 makes man-in-the-middle (MITM) attacks possible, as in wireless networks. The MITM can play a dual role: an agent and a manager.

An attacker can take time to crack the administrator password without drawing attention to the activity, by blocking the devices from sending authentication-failure traps.

The following is the password update algorithm used by SNMPv3:
Manager entity:
1- Generate random
2- Compute: digest = Hash(Oldpassword || random)
3- Delta = digest XOR Newpassword
4- ProtocolKeyChange = (random || Delta)
It then sends the message setRequest(protocolKeyChange) to the receiver.
Agent entity:
1- Compute digest = Hash(Oldpassword || random)
2- Compute Newpassword = digest XOR Delta
Note: digest XOR Delta = digest XOR (digest XOR Newpassword) = Newpassword
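The key localization described in section 3 and the update exchange above, as an added Python example that is not part of the original slides. It assumes the RFC 3414 definitions for the MD5 authentication variant, where the slides' Oldpassword and Newpassword are 16-byte localized keys; the function names are illustrative and the engine IDs and passwords are sample values.

```python
# Added illustration of RFC 3414 key localization and KeyChange (MD5 variant).
import hashlib
import os

def password_to_key(password: bytes) -> bytes:
    """Expand the password to 1 MiB by repetition and hash it (user key Ku)."""
    if not password:
        raise ValueError("empty password")
    reps = 1048576 // len(password) + 1
    return hashlib.md5((password * reps)[:1048576]).digest()

def localize(ku: bytes, engine_id: bytes) -> bytes:
    """Bind Ku to one SNMP engine: Kul = H(Ku || engineID || Ku)."""
    return hashlib.md5(ku + engine_id + ku).digest()

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def key_change_encode(old_key: bytes, new_key: bytes, rand: bytes = b"") -> bytes:
    """Manager side: ProtocolKeyChange = random || (H(old || random) XOR new)."""
    rand = rand or os.urandom(len(old_key))
    delta = _xor(hashlib.md5(old_key + rand).digest(), new_key)
    return rand + delta

def key_change_decode(old_key: bytes, protocol_key_change: bytes) -> bytes:
    """Agent side: split random || Delta and recover the new key."""
    n = len(old_key)
    rand, delta = protocol_key_change[:n], protocol_key_change[n:]
    if len(delta) != n:
        raise ValueError("malformed ProtocolKeyChange")
    return _xor(hashlib.md5(old_key + rand).digest(), delta)

# Sample data: two engine IDs (assumed values) for two different agents.
ENGINE_A = bytes.fromhex("000000000000000000000002")
ENGINE_B = bytes.fromhex("000000000000000000000003")

def demo() -> dict:
    old_a = localize(password_to_key(b"maplesyrup"), ENGINE_A)
    old_b = localize(password_to_key(b"maplesyrup"), ENGINE_B)
    new_a = localize(password_to_key(b"newsyrup"), ENGINE_A)
    msg = key_change_encode(old_a, new_a)
    return {
        "per_engine_keys_differ": old_a != old_b,
        "agent_a_recovers_new_key": key_change_decode(old_a, msg) == new_a,
        "agent_b_key_does_not_decode": key_change_decode(old_b, msg) != new_a,
    }

if __name__ == "__main__":
    print(demo())
```

Because Delta only masks the new key with a hash of the old one, the update is exactly as confidential as the old key.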

5. IMPROVING SECURITY.

Change the terms and identifiers of all devices managed by the administrator, to stop intruders from taking information out.

Disable SNMP or change its settings.

SNMP is used to monitor and manage network devices. Change the private as well as the public SNMP settings. We can also disable them. Otherwise, attackers can use SNMP to obtain signals from the user's wireless network system.

Analysis of the modified architecture.

In the modified security architecture, if an attacker wants to mount a MITM attack, the receiver can easily detect it through the exchanged signatures. Moreover, attackers cannot modify the messages, because signatures and timestamps are used in every step of the protocol. Finally, if an intruder alters the messages and their authenticity, the receiver can detect it, because on receipt it must verify the correctness of the following two items: identity and signature.

6. CONCLUSION.

The SNMPv3 protocol with its current security is not sufficient for wireless networks, where intruders have many tools for analysis and password cracking. SNMPv3 uses the administrator password for one-way authentication, and the keys are derived from this password.

If an intruder is able to learn the password, the intruder can easily manage all devices in the management domain whose password was taken. The new architecture performs two-way authentication independently of the administrator password by using a certification authority.

The latter is the party that signs and issues certificates for both manager and agent.

The Diffie-Hellman algorithm is used to secure the key exchange between manager and agent.

To ensure safety, timestamps and signatures are used in the key exchange protocol to prevent MITM attacks.

Finally, if an intruder wants to attack the Diffie-Hellman algorithm, the intruder must solve the discrete logarithm problem, which usually requires a great deal of computation time.

REFERENCES.

1. H. Otrok, A. Mourad, M. Debbabi and C. Assi, Improving the Security of SNMP in Wireless Networks, 2005 International Conference on Wireless Networks, Communications and Mobile Computing.

2. Diệp Thanh Nguyên, SNMP toàn tập, 4/2010.

3. The Internet.
