Professional Documents
Culture Documents
Ασύρµατη δικτύωση µε τεχνολογία IEEE 802.11g
Ασύρµατη δικτύωση µε τεχνολογία IEEE 802.11g
11g
---
.
.
: .
2006
.
.
.
,
.
ABSTRACT
IEEE 802.11 wireless local area networks (WLANs) are widely deployed in corporate
and campus networks as well as public hotspots. However, their introduction is
accompanied by a number of issues, such as security and radio coverage. The purpose
of the thesis is to present an overview of the IEEE 802.11 technology with possible
application services, with emphasis given on location-based services. Furthermore, by
the installation of WLAN access point at the Technological Educational Institute of
Crete / Branch of Chania , we were concerned about network access and security. In
particular, we exploited an open source software for administration of our WLAN in
order to provide authentication of users and other related issues. Finally we present
the site survey results we got before planning and installation of the WLAN by the
use of the Netstumbler software.
1
IEEE 802.11
1.1 ....
1.2 ........
1.3 802.11.
1.4 802.11...........................................
1.5 ...........................
1.6 ..
1.7 802.11....
1.8 ................
1
3
3
4
5
6
7
15
2
802.11x
2.1 ..
2.2 WEP .
2.2.1 WEP
2.2.2 WEP.
2.2.3
2.2.4
2.2.5
2.2.6
WEP ......
WEP
.
..................
..
IV..
TKIP .
802.1......
2.4 ..
2.5 EAP (LEAP).. .....
2.6 EAP .....
17
19
19
21
22
26
28
29
31
31
33
37
40
42
43
45
47
50
3
WLAN
3.1 WLAN..
3.2 Kerio Winroute Firewall..
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
IP Dhcp Server
.
Http Policy
Kerio..
3.3 Kerio.
52
53
54
55
62
63
64
66
4
LBS WLANs
4.1 .
4.2 .
4.3.1 RSS.
4.3.2
4.3.3 ..
4.4 SNMP.
4.5 IP MAC..
4.6 IP..
4.7 IP .
4.8 APs IP ..
4.9 WLAN LBSs.
4.10
71
72
73
73
74
75
77
78
79
80
81
83
5
WLAN
5.1 WLAN - ,
..
85
5.2.1
5.2.2
5.2.3
5.2.4
5.2.5
5.3.1
5.3.2
5.3.3
89
89
89
90
90
90
92
95
Wardriving..
LAN ..
LAN
.
..
.
.
..
1
IEEE 802.11
1.1
.
,
. ,
. .
.
.
.
:
, .
.
LAN.
.
.
LAN .
,
.
.
, ,
.
.
, , ,
.
,
. , 802.11
.
,
. ,
802.11
. ,
.
802.11 1997, ,
. 802.11 2 Mbps
11 Mbps 54 Mbps.
.
,
802.11.
.
.
. ,
.
.
.
.
Ethernet.
, ,
. '
, .
, ,
, .
() ,
(),
.
(),
.
(Radio Frequency RF),
(Electromagnetic - EM). To RF
.
, ,
,
. ,
,
.
1.2
. ,
.
. , ,
. ,
20 kHz.
6 MHz.
. ,
(FCC).
CEPT (ERO).
(ITU).
,
,
1.4 802.11
802.11
1Mbps 2Mbps. ISM
(2.4GHz 2.4835GHz),
850nm.
ISM
FSK 2 1Mbps FSK 4
2Mbps.
PPM (Pulse Position Modulation).
.
(FHSS)
(DSSS) .
ISM
20dBm , ,
80dBm FER 3%.
1.5
To IEEE 802.11
: (ad-hoc
mode) (infrastructure mode).
.
(ad-hoc)
,
'
. , ,
.
(peer-to-peer networks),
, .
,
(Independent Basic Service Set - IBSS). H
. 1.1.
1.1:
(access points), ,
. To
.
, ,
,
.
(Basic Service
Set BSS). To
(Extended Service Set - ESS). H
. 1.2.
1.2:
1.6
IEEE 802.11
,
(payload). (frames)
: (management),
(control) (data). ,
,
(associate), (disassociate),
. ,
,
, .
,
IEEE 802.11,
(Service Set Identifier - SSID).
( )
IBSSID, BSSID ESSID,
,, IBSS, BSS ESS, .
, SSID
.
1.7 802.11
To IEEE 802.11
.
:
AP
,
. 802.11k, AP
,
APs.
, throughput
.
(APs).
,
laptop
. SSIDs,
,
,
..
IEEE 802.11u
, ,
, , .
802.11u .
. TGy Ieee
802.11 3.65-3.7GHz.
Ieee 802.11y
,
. 802.11y . (3/2006)
:
-l- , -o- , -q- ,
.
: 802.11x ,
802.11 ,
.
802.11
SI.
1.3: 802.11
1.8
802.11a, 802.11b
802.11g . :
802.11
.
. ,
.
802.11
. 802.11g
OFDM 54 ..48 ..36 ..24 ..18 ..12 ..9, 6 Mbps,
CCK 11, 5.5 , 2, 1 Mbps.
,
802.11
. 802.11g
802.11b, 2.4-GHz.
802.11b 802.11g ,
.
5- GHZ
2.4-GHz, 802.11a
802.11b 802.11g.
(access point)
(throughput) .
1.4
1.4 802.11
2
802.11x
2.1
wifi ,
,
. , ,
,
.
,
.
IEEE, (authentication)
, WEP (wired equivalent privacy),
. WEP
. ,
MAC . MAC
,
. Access Point
MAC . MAC
client ,
Access Point.
. ,
unix-like ,
MAC ,
MAC AP.
mac spoofing attacks.
(network sniffer), ,
WiFi MAC
Access Point-. ,
MAC ,
, .
To WEP
. , ,
, .
WEP, 40 . ,
WEP ,
MAC
, WEP.
. ,
.
,
Berkeley Maryland, ,
. Berkeley
, Maryland
, WEP.
, 802.11
WEP (
WEP:unsafe at any key length ).
. (RC4 RCA), ,
. Scott Fluhrer, Itsik
Mantin, Adi Shamir,
.
, WEP,
.
. , .
, AirSnort
WEP ,
- .
.
wifi
Access Points , WEP .
To ,
.
, web sites
.
netstumbler
,
SSID Access Point, WEP,
- .
, ,
wifi ,
.
, wardriving, o
broadband
. parking lot,
wifi ,
,
. , ,
network administrators ,
:
;.
.
,
(disassociation/deauthentication packets) Access
Point. MAC
, MAC-
. AP ,
,
.
, . , 802.11
i, WEP.
, WEP
.
, IPsec, SSL .
2.2 WEP
2.2.1 WEP
WEP
.
, WEP
RC4 ,
( ). ,
bits,
(keystream). To keystream
(ciphertext). ,
keystream. O RC4
(XOR) keystream .
2.1 .
2.1 /
o
keystream .
2.2. (PRNG)
keystream.
,
.
2.2 /
keystream,
keystream . o RC4 802.11
, .
RC4 .
keystream one-time pad
. one-time pads
keystream ,
.
.
.
one-time pads.
,
pads ,
.
. ( ) one-time pad
,
.
keystream
.
WEP
.
.
. .
.
.
.
.
,
() ().
WEP .
.
. WEP
. , WEP
. RC4
,
MAC ,
.
WEP .
.
, . ,
WEP .
WEP, ,
.
2.2.2 WEP
WEP :
- :
.
.
WEP (k) IV.
- :
WEP .
,
.
- :
WEP
.
- :
WEP ,
,
WEP.
- :
WEP 802.11 .
2.2.3 WEP
()
(encryption,
E). plaintext (
P) cipher text (
C).
chiphertext plaintext
(dencryption, D).
cipher
.
( k)
.
P C.
E k (P) = C
D
C P
D =P
k
2.3
D k (E k (P)) = P
2.3
WEP plaintext XORed
.
WEP. 2.4
,
STAs . WEP
.
IV,
(, IV). (, IV)
MPDUs,
WEP,
. IV MPDU
WEP
.
WEP MPDU.
(IV, , ICV)
.
WEP , octets
IV MPDU. PRNG seed 64 bit.
bit 0 23 IV bit 0 23 PRNG seed, .
bit 0 39 bit 24 63 PRNG seed,
. octets PRNG seed RC4
. IV MPDU, ICV.
WEP ICV 32 bit.
, WEP k
XOR.
2.3
. IV
.
(plaintext) ICV.
plaintext
o ICV ICV .
ICV ICV, MPDU
MAC. MSDUs MPDUs (
) LLC.
WEP
, WEP
,
(pairwise), , .
.
, WEP.
. , WEP
pairwise .
.
WEP
WEP RC4 64 bit.
64 bit, 40 .
WEP : WEP, 802.11-
WEP, 40-bit WEP, 40+24-bit WEP 64-bit WEP.
WEP
. 40-bit
,
.
,
. bit
.
WEP,
128-bit RC4 .
24 bit RC4 ,
104 bit . 104 bit ,
128-bit WEP. E
. 128 bit, 24
, 152 bit.
To WEP, , ,
bit .
WEP
.
WEP
WEP
bytes.
bytes
IV, ICV.
2.5.
2.5 E WEP
IV 3 bytes 24-bit IV, o o byte
(key identification).
, key-ID o
.
, key-ID 0.
6 bit byte 0.
32-bit, RC4.
WEP
keystream
.
RC4 keystream, XOR
XOR plaintext.
,
plaintext. keystream, WEP
IV RC4
.
, IV
,
RC4 .
.
802.11 IV
.
IV , .
WEP ,
(CRC). CRCs
bit ,
.
. ,
bit ,
.
. CRCs ,
bit CRC. (
! bit ,
CRC).
, WEP .
WEP
802.11 WEP.
802.11 , ,
. .
. ,
.
:
:
software firmware .
,
.
,
.
WEP 802.11
. WEP
.
.
2.2.4 WEP
WEP.
RC4,
. , ,
.
. WEP .
WEP SNMP,
. , ,
,
.
WEP
, , (ISAAC)
Berkeley
WEP.
RC4.
:
1. .
,
.
,
WEP
( , ,
).
. sniffing WEP,
. WEP,
sniffing .
2. , WEP
40 bit.
40-bit ,
128-bit
. ,
,
WEP
.
3.
keystream. IV WEP
keystream.
IV keystream.
,
IVs. Berkeley
IV 0 IV .
, IV ( 17 ),
.
4.
Berkeley
keystreams.
IV ,
.
.
5. WEP CRC .
RC4 keystream, CRCs
.
.
6.
.
WEP.
.
WEP,
.
2.2.5
2001, Scott Fluhrer, Itsik Mantin, Adi Shamir
RC4. ,
WEP.
RC4 keystream.
byte . , 802.11
LLC, cleartext byte
0xAA ( byte SNAP). byte
cleartext , byte keystream
XOR byte.
(B+3):ff:N. IV
byte RC4 .
bytes . , IV
byte 3:FF:N.
byte 0xFF. byte ,
.
WEP 40 bit, 5 bytes
0 4. IVs
WEP byte 3 (B=0)
7 (B=4) byte 255. byte
. 5 X 1 256=1,280
IVs WEP.
RC4 .
WEP ,
.
128-bit RC4 ,
IVs. 2.1
IVs .
40 bits
104 bits
128 bits
+3 Vs
IV
(+3:FF:N)
3<=B+3<8
1280
(0<=B<5)
3<=B+3<16
3328
(0<=B<13)
3<=B+3<19
4096
(0<=B<16)
IV
0.008%
0.020%
0.024%
2.1 IVs
Flurher, Mantin Shamir
60
byte . , ,
byte . ,
.
.
,
.
2.2.6
WEP
.
. 802.11
.
. ,
,
.
:
1. WEP
.
2001 ,
WEP
. , 802.11
. laptop
PC card IEEE 802.11.
2. .
(peer-to-peer)
WEP . pairwise
.
3. , .
WEP .
WEP
WEP.
4.
. IPSec SSH.
, ,
, ( ,
, ).
5. .
802.11 LAN,
.
.
VPN IPSec. 802.11
,
VPN.
, IPSec
.
. . VPNs
,
(AP)
. IPSec
sniffing .
6. sniffing
. ,
.
. , (tunneling)
. Unix
PPP SSH , IPSec
tunneling
.
. IPSec LAN,
.
LAN WEP.
7. WEP .
WEP,
.
VPN
.
IPSec SSH
.
WEP
, IPSec SSH
.
2.3 WPA -
To IEEE 802.Hi
(Wi-Fi Protected Access - WPA)
WEP,
.
, (Temporal
Key Integrity Protocol - TKIP), . To TKIP
.
2.3.1
WEP, , 2.1.
To ()
.
,
RC4 hardware, ,
hardware.
WEP 2.3,
2.2
.
1. IV
.
2. IV WEP
.
3.
( ).
4.To WEP
.
5. .
2.2: WEP
2.3: WEP
,
. To WEP ICV
, , , .
,
.
,
byte
.
,
bit.
,
. , :
byte
(Message Integrity Code MIC)
. , , MIC
. ,
MIC, .
.
MIC,
,
. ,
.
, ,
, ,
, .
,
, , ,
.
Niels Ferguson (Michael). O
MIC
, .
. ,
(brute force),
.
(countermeasures).
:
. To
,
.
MIC
. ,
WEP.
MSDU MPDU.
. ' , ,
,
MSDU .
, ,
MIC (MPDU) . ,
MPDU.
, ,
.
.
2.3.2 IV
IV WEP, :
To IV
.
To IV IV
.
IV ,
( FMS).
WEP,
IV, . IV
IV, , ,
16 . ,
IV. , WEP:
1. To IV 24 48 bit.
32 bit , IV 56 bit. ,
48 bit, byte
. ,
IV, ,
IV .
,
. , IV WEP
RC4. , IV 24 bit
40 bit, , RC4 64 bit. To hardware
88 bit
. , :
RC4 IV, IV
. 16 bit IV
24 , . 24
bit, WEP. ,
, " (mixed key)
32 bit IV.
IV ,
, . 2.6. ,
:
RC4
IV.
RC4 IV 24 bit
104 bit.
2.6
2. To IV
.
WEP,
. ,
, ,
. ,
, ,
, ,
.
. To
, (TKIP Sequence
Counter - TSC).
, TSC IV .
. ,
, IV ,
TSC .
.
TSC 1
. ,
. ' ,
.
,
TSC 1.
,
. ,
ACK. ,
bit
. , TSC
. ,
TSC
. To TSC
.
-ack (burst-ack). IEEE 802.11,
, . ,
, , , ,
ACK .
-ack , 16
16 .
,
. -ack
, .
ACCEPT: TSC .
2.3.3 TKIP
,
. , (master keys)
, (session keys)
.
,
(preshared) .
WEP, .
,
ad-hoc.
:
1. EAPOL-Key.
2. - (pairwise)
TKIP.
3. (broadcasts)
TKIP.
- :
(128 bit): ,
RC4.
MIC:
MIC (
).
RX MIC:
MIC
supplicant (
).
,
, (broadcasts)
supplicant.
, ,
,
, .
, :
IV
MIC
, . 2.7.
:
1.
2.
3.IV/TSC
4.RC4
MSDU
, . , byte
MPDU
. ( WEP), ICV,
MPDU,
.
MIC MSDU,
IV MIC . '
, MSDU ,
IV
MSDU. , IV,
. ,
, IEEE 802.11e
,
. , MSDU
MSDU
. To TKIP IV - -
IV
, . ,
, MIC.
MIC MSDU,
IV,
IV. To
IV , TSC,
. ,
,
. ,
. ,
TSC . ,
- (denial-of-service).
.
, . 2.7,
RC4
WEP.
firmware.
WEP hardware
-S RC4.
, .
2.7
. '
, . , TSC (
IV) .
ICV
. ,
:
IV ICV.
To MIC
MSDU. MIC ,
MSDU, , , .
, ,
CRC
ICV.
MIC ,
.
2.8
2.3.4 To 802.1X
WEP
802.1X,
IETF (EAP). EAP
.
802.1 .
. .
Supplicants,
Authenticator,
(Authentication Server),
(port).
, switched LAN
hub (connector) Ethernet .
supplicant , authenticator
.
. ,
,
authenticator. 802.1
2.9.
2.9 802.1
To 802.1X .
.
802.1X
.
,
. 802.1
.
"" .
,
.
"" . ,
,
(, ,
) . 802.1
.
,
802.1.
2.4
,
(Extensible Authentication Protocol - ). To
. ,
.
To .
,
.
,
.
.
Request For Comment RFC.
, RFC
(EAP-TLS) TLS
(EAP-TTLS). To
.
:
Request:
supplicant
Response:
supplicant
Success: ,
Failure:
. , IEEE 802.IX,
,
RADIUS. ,
request, success failure,
supplicant.
request response
. To
. ,
.
Identity () 1.
, , : EAPRequest/Identity
supplicant. EAP-Response/Identity,
.
6
. ,
. , .
2 ,
Notification ()
. 3 ,
.
IEEE 802.IX Identity
supplicant
.
:
1.EAP-Identity request ( )
2.EAP-Identity response ( supplicant)
3.EAP-Success ( )
,
, ''. ,
.
, (smart card)
,
.
(one-time password). H ,
,
( ),
.
EAP-Identity
,
, ,
.
EAP-Success EAP-Failure.
H ,
.
2.5 (LEAP)
To (Lightweight LEAP),
Cisco,
RADIUS.
IEEE 802.1X, LEAP
: supplicant,
. supplicant , ,
.
RADIUS.
RADIUS.
To LEAP -
.
MS-CHAPvl,
dial-up. MS-CHAP,
,
. ,
, .
, '' (man in the middle)
. ,
,
.
,
RADIUS.
.
. To
. To
EAPOL-Success .
EAPOL-Key.
, . 2.10:
2.10 LEAP
1.
.
.
2.
, .
3.
EAP-Success
RADIUS.
4.To
EAPOL-Success.
.
5.To EAPOL-Key
.
, .
6.
WEP.
, LEAP IEEE 802.IX
EAPOL, , LEAP
RADIUS.
. To LEAP WEP,
. , LEAP
.
, LEAP MS-CHAPvl,
. , , LEAP
:
2.6 EAP
To (Transport Layer Security TLS)
TSN/RSN. ,
. TSN, RSN,
, AESCCMP ,
. , TLS
/ 802.1X.
TLS
, TLS
.
. 2.11.
,
(Client Hello/Server Hello), ,
.
2.11 TLS
TLS :
1. (
).
2. (master key)
.
3.
.
TSN/RSN, TLS ,
, ,
, . To TSN/RSN
TLS
.
, TLS IEEE 802.IX
, .
2.7 EAP-TLS
To TLS
, TCP/IP. ,
TSN/RSN, TLS .
To . ,
/ EAP-Identity.
. , EAP-Success/Fail
. ,
. 2.12.
2.12:
TLS, RFC
13.
EAP-TLS
. , .
, . 2.13.
2.13: EAP-TLS
To ,
EAP-TLS.
,
. , EAP-TLS
. ,
TLS . ,
EAP-TLS
.
To bit:
:
: .
:
EAPTLS . 2.14.
,
EAP-Start. :
1.{request} .
.
2.{response} .
,
.
, ,
' anonymous'.
3.{request} EAP-TLS
.
.
5.{request} O TLS
: Server Hello, ,
.
6.{response} TLS
:
( )
-
- ,
. ,
, ,
.
.
2.14 EAP-TLS
7.{request} O
.
8.{response}
EAP-Response.
9. ,
EAP-Success, .
,
EAP-Failure .
TLS TSN
RSN. ' , , IP,
. To TLS
, '
. To
EAP-Success
.
, RADIUS.
.
, .
TSN/RSN,
' .
To (privacy) (authenticity)
. To
. ( )
.
: .
. ,
,
. :
) ,
TLS.
.
) ,
, ,
.
To TLS
. ,
,
TLS.
,
.
.
.
.
3
3.1 WLAN
802.11g .
, , ,
.
firewall ( 3.1). firewall
,
.
PC Server
Kerio Winroute Firewall
Access Point
Hardware
,
server Access Point.
. server
Access Point.
wireless
.
Software
Server windows xp professional sp2.
, trojans net attacks Kaspersky anti virus.
Kerio winroute ip
(Dhcp server), (authentication),
(traffic control) (administration) .
.
,
(..
/).
subnet (..
router) .
.
.
.
.
.
TCP/IP . DHCP
.
o
dhcp server Kerio winroute firewall ( 3.3):
configuration dhcp server.
dhcp server enabled.
add scope 192.168.1.10
192.168.1.254, gateway
Access Point.
3.2.2
.
.
.
.
. web authentication
.
configuration advanced options
Web interface/SSL-VPN enable http web interface
enable https (SSL-secured) web interface apply.
users and groups users authentication options
:
Winroute users and groups,
users add.
3.5
1. -
username/password ( 3.5).
domain template
(
)
.
2.
group
( 3.6)
3.6
3.
( 3.7).
P2P
.
3.7
4. .
transfer quota
. upload
download .
3
quota exceed action
:
Generate alert message only (
)
Do not allow the user to open new connections (
)
3.8
Kill all user connections immediately (
)
notify user by email when quota exceeded
( 3.8).
5.
WWW .
ActiveX , java applets scripts
.
( 3.9).
6.
IP (Automatic Login-Specific host IP
Addresses) ( 3.10).
finish apply.
3.9
3.10
3.11
3.2.4
,
.
server. server
.
Kerio winroute
Kerio Administration console.
,
.
. server
,
Kerio Administration client-.
, configuration traffic policy
add
.
( 3.12). Service
KWF Admin, Destination Firewall Source
IP ,
IP .
IP
.
3.12
client Kerio
Administration Console. Host IP server
username password ( 3.13).
3.13
server
.
3.2.5 Kerio
, ,
bandwidth .
Kerio winroute
.
Status statistics
Top 20 (
) 3.14,
(
ftp, mail, p2p, proxy, streams, web, other) 3.15
( 3.16).
.
3.3 Kerio
.
.
-.
access point
, IP 192.168.1.xxx
DHCP pool. ,
IP
.
. captive portal.
Web o
. :
1)
2)
3)
4)
O ( 3.16)
( 3.17)
( 3.18)
. ( 3.19)
3.16 - 1 4
3.17 - 2 4
3.18 3 4
3.19 - 4 4
index page
( 3.20). ,
.
3.20
3.21,
.
bandwidth
.
.
,
bytes ,
,
bandwidth .
3.21
4
LBS WLANs
4.1
(WLANs)
. ,
(ISPs)
(APs) hotspot ,
, , .
hotspot.
, Location-based (LBSs)
hotspot. Locationbased
WLAN. ,
IEEE 802.11 WLAN.
,
LBSs hotspot. hotspot
. IEEE 802.11 AP
, . ,
AP
AP.
LBS, LBS
AP.
.
hotspot,
AP .
I 802.11 WLAN,
,
AP.
(association service) 802.11,
(diassociation) (reassociation).
.
AP.
AP . AP
.
AP
AP ,
APs. APs
. , APs
-Simple Network Management Protocol-(SNMP)
. APs,
SNMP.
SNMP
() APs.
WEB. LBSs web, web browser
.
LBSs PDAs . ,
LBSs WEB.
web browser WEB LBSs, LBSs
IP
HTTP. , LBSs
IP . ' , AP
MAC .
, APs 2 .
AP MAC
. , IP
web server,
MAC . ,
MAC . ,
LBSs WWW,
IP-to-MAC . IP ,
SNMP MAC
(router). ,
LBS , WEB Hotspot.
WLAN
APs .
,
web LBSs Hotspot.
, (server)
.
WEB .
LB WEB
. , LBSs
WEB .
4.2
LBSs .
.
, LBSs ,
(RF)
GPS.
. ,
LBSs.
LBSs
WLANs
802.11. ,
WLAN.
4.3.1 RSS
. (Triangulation)
(RSSs). ,
,
APs
. ,
,
.
,
.
,
. ,
.
RSS-based location fingerprinting.
.
, RSS-based location fingerprinting
APs
APs. APs
hotspot. , RSS-based
APs.
4.3.2
RSS-based ,
AP
. Koo sgm
, RADIUS,
RADIUS server. Remote Authentication Dial-In User Service (RADIUS)
, ,
. RADIUS RADIUS
server WLAN.
WLAN
AP. AP RADIUS server.
, , AP, MAC
4.3.3
RADIUS SNMP
MAC
. , IP
LBSs WWW.
, IP-to-MAC .
IP-to-MAC : DHCP
SNMP. DHCP, log file DHCP server
WLAN .
DHCP server IP ,
IP MAC
log file. , IP-to-MAC
log file.
format log file DHCP server, DHCP
DHCP server. ,
DHCP servers
hotspot. MAC .
SNMP.
SNMP LAN LANs
(VLANs). (default gateways)
LAN VLANs. SNMP
MAC IP
. , IP
MAC network-to-media
ipNetToMediaTable. hotspot
. , .
SNMP
MAC .
4.4 SNMP
LBSs hotspot. RSS-based
,
. RADIUS
WLANs RADIUS.
, ,
RADIUS server.
, SNMP
. , ,
SNMP
. ,
SNMP.
APs
SNMP
APs.
SNMP
AP, AP.
(association service)
IEEE 802.11,
.
AP
.
. AP
AP ,
WLANs. AP
,
AP.
, ,
. ,
APs SNMP ()
.
, IEEE 802.11 SNMP
. ,
APs ,
SNMP. ,
APs.
MAC
. IP AP
SNMP.
APs,
AP .
4.1 SNMP.
, server . server
.
AP server .
server ,
APs. server
. , AP
AP,
(ID), IP ,
. ,
APs.
MAC (ID)
AP .
4.1
:
i) . MAC
AP .
ii) . ID AP
MAC .
iii) .
MAC .
.
WLAN. , ,
.
SNMP.
, SNMP
SNMP.
, SNMP
, MAC
SNMP .
,
WLAN .
4.5 IP MAC
, server MAC
. ' , LB IP
HTTP. ,
LB IP
server . ,
IP-to-MAC . ,
APs 2 , IP
IP . ,
IP APs. ,
IP
.
AP, AP
. , AP
. , APs hotspot.
, APs,
IP WLANs. ,
IP APs,
APs
. IP
LBS,
. ,
. , MAC
.
, .
: Subnet ID, Subnet Mask,
Default_Router, Interface_Index.
. Subnet ID
Subnet_Mask . Default Router
.
. Interface Index
.
management information base - (MIB) APs. ,
AP, SNMP AP .
ipAdEntNetMask
ipAddrTable, MIB .
Subnet_Mask .
Subnet_Mask, Subnet_ID
-- IP AP.
,
. AP,
,
SNMP. ipRouteTable MIB , (. ),
" 0.0.0.0 " ipRouteDest
. ipRouteNextHop
IP .
, Default_Router . , SNMP,
Interface_Index MIB
. ipAddrTable,
MIB ,
IP . Interface Index
ipAdEntI - fIndex. APs
SNMP,
. 4.2 WLAN
. ,
IP-to-MAC
. IP ,
IP . ,
MAC .
MAC ipNetToMediaTable .
ipNetToMediaTable, MIB ,
IP . ,
Interface_Index
IP ,
SNMP get-request ipNetToMediaPhys Address
ipNetToMediaTable. MAC
.
4.6 IP
WLAN hotspot
P IP .
, WLAN hotspots
IP .
IP . ,
LBSs . LBSs,
IP
IP NAT (Network Address Translation) .
IP IP-MAC
, IP
LBS IP
WLAN Hotspot.
IP
, LBS IP
. , IP
NAT WLAN hotspots,
IP --
Ip--MAC.
4.2 WLAN
4.7 IP -
. , IP
.
IP
IP ports. NAPT (Network Address Port
Translation). NAPT, port
LBS. , LBS
port IP
. , LBS web,
port HTTP. ,
. IP
IP.
IP -- ,
IP pool
WLAN hotspots LBSs. IP pool
NAT IP
NAT. ,
. ,
. IP
LBS, address pool
IP. address pool IP,
. ,
IP,
IP . ,
-- ,
IP--MAC. IP
address pool. ,
. ,
-- ,
IP
IP--MAC.
.
SNMP. ,
SNMP. ,
Cisco
MIB. natAddrBindTable MIB
. ,
SNMP
.
SNMP ,
.
4.8 APs IP
APs
. , AP
IP. ,
(association-related trap) AP,
AP trap message.
.
,
LBSs. , trap message
.
source ip address P ,
agent address . ,
AP.
-- ,
IP
. APs IP
,
AP IP .
APs
.
. ,
IP,
. IP
, IP
Default_Router .
XML web .
SOAP
HTTP. ,
SOAP. SOAP LocationRequest,
, muIP
IP
To SOAP LocationResponse,
,
. SOAP LocationResponse
: muIP . H muIP
SOAP LocationRequest.
.
4.3
. 4.4
, .
5. SOAP LocationRequest,
IP , address pool
IP. address pool, NAT
IP . ,
,
IP .
address pool
IP, . ,
IP IP .
6. IP ,
IP.
, SNMP get-request
MAC.
7. MAC ,
AP
. ,
SOAP
LocationResponse.
8. O
SOAP
.
HTTP.
9. AP.
10.To AP SNMP .
.
4.4 WLAN
LBSs
WLAN LBSs
, RADIUS DHCP servers
SOAP. , LBSs
.
4.10
LBSs EI
.
.
.
AP
Simple Network Management Protocol (SNMP)
- .
LBSs
,
.
,
WLAN.
5
WLAN
5.1 WLAN - ,
,
.
,
AP (rogue
APs)
. ,
,
.
: "
2.4GHz ( 5.8GHz);" ' ,
,
.
, Bluetooth ,
, ,
. , ,
, (backdoor entry)
.
NetStumbler Mario Milner hotspots,
o . hotspot
, (freeware).
hopping 14
.
, ,
.
802.11 ( OSI 1 "2).
NetStumbler ( 5.1 5.2),
,
,
.
internet
. .
22
, , , . 5.1
.
MAC
SSID
Name
Chan
Speed
Vendor
Type
Encryption
SNR
Signal+
NoiseSNR+
IP Addr
Subnet
Latitude
Longitude
First Seen
.
Ethernet.
.
" ."
.
,
.
. 802.11b, 1
14.
,
(Mbps).
.
: AP
, peer peer-to peer.
,
WEP.
RF.
microvolt decibels (dBm).
.
RF
dBm.
RF
dBm.
RF
dBm.
(Internet Protocol),
.
IP,
.
To
GPS NetStumbler
.
GPS NetStumbler
.
NetStumbler
.
Last Seen
Signal
Noise
Flags
Beacon Interval
Distance
NetStumbler
.
RF dBm.
.
RF dBm.
.
(flags) 802.11
(Base 16).
AP.
SNR.
5.1 -
5.1 - To
5.2 -
, WEP WPA ,
. NetStumbler
.
Wardriving
WLANs
AP ("rogue AP")
WLANs
5.2.1 Wardriving
Wardriving
. NetStumbler
wardriving, (
GPS).
Auto Reconfigure,
LANs.
,
Network Control Panel TCP/IP
LAN .
GPS.
5.2.2 LAN
LAN .
LAN .
LANs ,
LAN.
NetStumbler LANs
(rogue).
Auto Reconfigure,
LANs.
LAN DHCP, DHCP
.
.
5.2.3 LAN
LAN NetStumbler
.
NetStumbler
.
SSID
.
Auto Reconfigure, SSID
.
5.2.4
WLAN ,
.
( , , )
LAN.
LAN,
.
RF,
NetStumbler
.
Auto Reconfigure,
LANs.
.
.
, Auto Reconfigure
.
, Network Control Panel TCP/IP
.
5.2.5
, NetStumbler
.
AP ( WLAN IBSS
)
SSID
.
Auto Reconfigure, SSID
.
5.3.1
Netstumbler
,
.
5.2.3,
.
: server AP
.
5.3.
AP.
5.3 -
:
netstumbler. O
1 12. 1
12.
( 5.4),
( 5.5).
5.4
5.5 -
5.3.2
. : Name, Encryption, Ip Addr,
Subnet, Latitude, Longitude, Distance.
Name: AP
.
.
Encryption:
encryption .
Ip Addr: IP
.
Subnet:
client.
Latitude, Longitude, Distance:
GPS.
- AP.
,
. : MAC, SSID,
CHAN, Speed, Vendor, Type, Flags Beacon Interval.
MAC MAC AP
netstumbler SSID
AP .
CHAN AP
.
1. 13
, 11 14
. AP
overlapping
AP MHz (
AP 1 AP
6). Speed
54Mbps
802.11g. AP
Vendor. Type
AP ( peer to peer
AP). Beacon
Interval
AP. AP o
10 ,
( 100, ms,
10 ).
Flags netstumbler
,
.
.
, , .
: SNR, Signal+, Noise-, SNR+, Signal, Noise.
SNR: -
.
SNR.
Noise:
.
netstumbler,
.
SNR -100dbm.
Noise-: .
-100dbm hardware
.
Signal+:
-43dbm.
12
1,
AP 1.
AP .
SNR+: .
-43dbm
-100dbm. SNR
: SNR=Signal-Noise. SNR=-43dbm-(-100)=57dbm.
5.6
Signal:
12 .
AP .
-47 -56dbm -64 -67
-79dbm ,
. 5.6
.
.
5.3.3 -
AP .
-79dbm 12
WIFI.
data rate.
:
, 11Mbps
-82dBm.
data rates.
-94 dBm .
-76dBm data rate 11Mbps.
,
. multipath effects (
.).
, . , ,
, /// .
10dB
.
.
,
.
wireless, , ,
, . -
. -95dBm
. 2.4GHz
-50dBm
.
. : -75dBm
.
10dB .
-85dBm.
-95dBm.
-78dBm
data rate
.
.
. 12
SNR
.
,
,
.
[1] O Reilly, Matthew Gast 802.11 Wireless Networks: The Definitive Guide
(Second Edition April 2005)
[2] Addison Wesley, John Edney and William A. Arbaugh Real 802.11 Security:
Wi-Fi Protected Access and 802.11i (2003)
[3] O Reilly, Bruce Potter, Bob Fleck 802.11 Security (First Edition December
2002)
[4] McGraw-Hill, Frank Ohrtman and Konrad Roeder Wi-Fi Handbook: Building
802.11b Wireless Networks (2003)
[5] John Wiley & Sons , Ltd Enabling location-based services in wireless LAN
hotspots(2005)
[6] NetStumbler User Manual
http://www.netstumbler.com/downloads/netstumblerinstaller_0_4_0.exe (November
2006)
[7] Kerio Winroute Manual and guides http://www.kerio.com/supp_kwf_manual.html
(November 2006)
[8] CISCO Capacity Coverage & Deployment Considerations for IEEE 802.11g
http://www.cisco.com/application/pdf/en/us/guest/products/ps430/c1244/ccmigration_
09186a00801d61a3.pdf (November 2006)