CÁC KIỂU TẤN CÔNG TRÊN MẠNG

7/31/2019 CC KIU TN CNG TRN MNG

1/102

m toi

B GIO DC V O TO

I HC NGOI NG TIN HC THNH PH H CH MINH________________________

LUN VN TT NGHIP C NHN CNTT

CC KIU TN CNG TRN MNG

Gio vin hung dn: TThhyynngg TTrrnngg SSnnNhm sinh vin thc hin:

ng Phm Phc Duy- MASV:0611180

Nguyn Hong Quc Phong - MASV:0611235

THNH PH H CH MINH NM 2010


2/102

Cc kiu tn cng trn mng

M U

Hin nay, cng ngh thng tin ang pht trin ngy cng mnh m. Nhu cus dng mng trongi sng hng ngy l rt cao, u im ca mng my tnh c th hin kh r trong mi lnh vc ca cuc sng. chnh l s trao i,chia s, lu tr v bo v thng tin. Nhng liu khi tham gia vo hot ng trnmng thng tin ca chng ta c thc s an ton, l cu hi m nhiu ngithng xuyn t rav i tm li gii p. Bn cnh nn tng mng my tnh hutuyn, mng my tnh khng dy ngay t khi ra i th hin nhiu u im ni

bt v linh hot, tnh gin n, kh nng tin dng. Do c im trao i thng

tin trong khng gian truyn sng nn kh nng thng tin b r r ra ngoi l iu dhiu.Nu chng ta khng khc phc nhng im yu ny th mi trng mng str thnh mt mnh t mu m cho nhng hacker xm nhp, gy ra s tht thotthng tin, tin bc. Do bo mt trong mng ang l mt vn nng bng hinnay. n ny chng em s miu t cc cch thc tn cngtng qut trnmng vtm hiu cc cch tn cng c th vo mng khng dy. Qua gip chng ta bitcch phng chng nhng nguy c tim n khi tham gia trao i thng tin trnmng.

Chng em rt cm n s hng dn nhit tnh ca thy ng Trng Sn vxin trn trng cm n qu Thy C trong khoa Cng Ngh Thng Tin trng iHc Ngoi Ng Tin Hc Tp H Ch Minh tn tnh ging dy, truyn t nhngkin thc qu bu trong sut thi gian qua lm nn tng v to iu kin cho chngem hon thnh bi bo co ny.

Mc d n lc ht sc mnh, song chc chn bi bo co khng trnh khinhiu thiu st. Chng em rt mong nhn c s ch bo tn tnh ca qu Thy Cv cc bn.

Tp.HCM, ngy 22 thng 6 nm 2010

ng Phm Phc DuyNguyn Hong Quc Phong


3/102


NI DUNG BO CO

Chng 1.Gii thiu: Tng quan v tnh hnh an ninh mng trong nhng nmgny. Cc kiu tn cng ph bin trn mng, ng thi nu ln mc ch, ni dungv ngha ca bo co.

Chng 2.Cc kiu tn cng trn mng: Trnh by cc kiu tn cng thng dngtrn mng hin nay nh: Sniff, la o trc tuyn (Phishing), SQL Injection, tncng t chi dch v. Ccphng phpphng chng cc kiu tn cng trn.

Chng 3.Mng khng dy: Tng quan v Wireless, WLAN,cc cng ngh trongWLAN. Cc m hnh mng WLAN, ng thi cng cho thy u v nhc imca WLAN.

Chng 4.Bo mtmng khng dy:Tng quan v cch thc m ha truyn dntrong WLAN.Nguyn l hot ng, u nhc im ca cc phng thc bo mtcho mng khng dy.

Chng 5.Tn cng mng khng dy:Trnh by cc kiu tn cng c th trnmng khng dy, v cch phng chng cc kiu tn cng .

Chng 6.Demo:Thc hin tn ly mt khu ca mng khng dy c bo mtbng WEP. Sau thc hin tn cng Man In Middle Attack kt hp vi Phishingtrong mng chim ly ti khon truy nhp website ca ngi dng.


4/102


MC LCCHNG 1: GII THIU .....................................................................................8

1.1. Tng quan tnh hnh an ninh mng trong nhng nm gn y.........................8

1.2. Cc kiu tn cng ph bin trn mng my tnh. .............................................9

1.3. Mc tiu ca bo co. .....................................................................................11

CHNG 2: CC KIU TN CNG TRN MNG ......................................12

2.1. K thut bt gi tin dung Sniff. ......................................................................12

2.1.1 Cc loi Sniff v c ch hot ng........................................................... 12

2.1.2. Cch pht hin Sniff. ................................................................................ 13

2.1.3. Cch phng chng Sniff. .......................................................................... 14

2.1.4. Tng kt Sniff. .......................................................................................... 15

2.2. Phishing...........................................................................................................16

2.2.1. C ch hot ng. ..................................................................................... 16

2.2.2. Cch phng phng chng. ........................................................................ 17

2.2.3. Tng kt Phishing..................................................................................... 202.3. SQL injection ..................................................................................................21

2.3.1. Dng tn cng vt qua kim tra ng nhp............................................ 22

2.3.2. Dng tn cng s dng cu lnh SELECT. .............................................. 24

2.3.4. Dng tn cng s dng cu lnh INSERT. .............................................. 25

2.3.5. Dng tn cng s dng stored-procedures ............................................... 26

2.3.6. Cch phng chng sql injection. .............................................................. 26

2.4. Tn cng t chi dch v. ...............................................................................282.4.1. SYN Attack .............................................................................................. 29

2.4.2. Flood Attack ............................................................................................. 32

2.4.3. Tn cng t chi dch v kiu phn tn-DDdos. ...................................... 32

2.4.4. Tn cng t chi dch v phn x nhiu vng DRDOS........................... 34


5/102


2.4.5. Tng kt tn cng dch v. ....................................................................... 35

CHNG 3: CNG NGH MNG KHNG DY..........................................37

3.1. Gii thiu v Wireless ....................................................................................373.2. Cc t chc chnh v knh truyn sng trong mng Wireless. ......................37

3.3. Cc chun Wireless.........................................................................................38

3.3.1. Cc chun ca 802.11............................................................................... 38

3.3.1.1. Nhm lp vt l PHY......................................................................... 39

3.3.1.2. Nhm lin kt d liu MAC............................................................... 41

3.3.2. Gii thiu mt s cng ngh mng khng dy......................................... 42

3.4. Gii thiu Wireless Lan ..................................................................................44

3.4.1. Lch s ra i. ........................................................................................... 44

3.4.2. u im ca WLAN. ............................................................................... 45

3.4.3. Nhc im ca WLAN........................................................................... 46

3.4.4. Cc m hnh mng WLAN....................................................................... 46

3.4.5. Cc thit b ph tr WLAN. ..................................................................... 49

3.4.6. WireLess Access Point ............................................................................. 49

3.4.7. M hnh thc t ca mng WLAN. .......................................................... 51

3.4.8. Mt s c ch trao i thng tin trong WLAN ........................................ 52

3.5. Tng kt chng .............................................................................................53

CHNG 4: BO MT MNG KHNG DY ...............................................54

4.1. Cch thc tin hnh bo mt cho WLAN.......................................................54

4.2. C ch chng thc ..........................................................................................55

4.2.1. Nguyn l RADIUS SERVER ................................................................. 55

4.2.2. Giao thc chng thc m rng EAP ........................................................ 57

4.3. Tng quan v m ha......................................................................................594.3.1. Mt m dng ............................................................................................. 59

4.3.2. Mtm khi.............................................................................................. 60

4.4. Cc phng thc bo mt trong WLAN ........................................................62

4.4.1. Bo mt bng WEP .................................................................................. 62


6/102


4.4.1. u v nhc im ca WEP .............................................................. 68

4.4.2. Bo mt bng WPA/WPA2. ..................................................................... 68

4.4.4. Bo mt bng TKIP .................................................................................. 704.4.5. Bo mt bng AES ................................................................................... 71

4.4.6 Lc (Filtering). ......................................................................................... 71

4.4.6.1. Lc SSID ............................................................................................ 72

4.4.6.2. Lc a ch MAC ................................................................................ 72

4.4.6.3. Lc Giao Thc ................................................................................... 74

4.5. Tng kt chng .............................................................................................75

CHNG 5: CC KIU TN CNG TRONG WLAN ..................................76

5.1. S khc nhau gia tn cng mng c dy v khng dy................................76

5.2. Tn cng b ng (Passive attack) ..................................................................76

5.2.1. Phng thc bt gi tin (Sniffing). .......................................................... 77

5.3. Tn cng ch ng (Active Attack). ..............................................................79

5.3.1. Mo danh truy cp tri php ..................................................................... 81

5.3.2. Tn cng t chi dch v-DOS. ................................................................ 81

5.3.3. Tn cng cng ot iu khin v sa i thng tin. ............................ 84

5.3.4. D mt khu bng t in ........................................................................ 85

5.4. Jamming (tn cng bng cch gy ghn)........................................................86

5.5. Tn cng theo kiu ng gia(Man-in-the-middle Attack) ...........................88

5.4. Tng kt chng .............................................................................................89

CHNG 6: DEMO TN CNG VO MNG KHNG DY .....................90

6.1. B kha mt khu mng wifi chun WEP ......................................................90

6.2. Cc bc thc hin .........................................................................................90

6.3. Gi mo DNS (DNS Spoofing) ......................................................................966.4. Cc bc thc hin .........................................................................................98

KT LUN V HNG PHT TRIN .......................................................... 101

TI LIU THAM KHO ................................................................................... 102


7/102


DANH MC CH VIT TT

- WPA:Wifi Protectedd Access.- WEP: Wired Equivalent Privacy.- WLAN: Wireless Lan.- TKIP: Temporal Key Integrity Protocol.- AES: Advanced Encryption Standard.- SSID: Service Set identifier.- FHSS: Frequency Hopping Spread Spectrum.- IEEE: Institute of Electrical and Electronic Engineers.- OFMD: Orthogonal frequency-division multiplexing.


8/102


CHNG 1: GII THIU

1.1. Tng quan tnh hnh an ninh mng trong nhng nm gn y.C th ni rng th k 21 v ang chng kin s pht trin vt bc trong

ngnh cng ngh thng tin (CNTT). CNTT to nn mt cuc cch mng thc strong mi lnh vc ca khoa hc v i sng. Mng my tnh l mt v d in hnhcho sc mnh ca CNTT. u im ca mng my tnh c th hin kh rtrong mi lnh vc ca cuc sng. chnh l s trao i, chia s, lu tr v bov thng tin. Do mng my tnh tr thnh ming mi ngon cho nhng hackerxm nhp nh chim ot thng tin gy gin on thng tin lin lc.

Tnh hnh an ninh mng trong nhng nm gn y chuyn bin rt phc tp, vi

s xut hin ca cc loi hnh c ln mi:

- Trojans chim ti hn mt na s m c mi: Vn tip tc xu th gny, trong na u nm 2009, Trojans chim ti 55% tng s lng m cmi, tng 9% so vi na u nm 2008. Trojans nh cp thng tin l loim c ph bin nht.

- Gn mt na s l hng an ninh vn cn cha c v:Ging vi cuinm 2008, gn mt na (49%) tng s l hng an ninh c cng b trong

na u nm 2009 vn cha c cc bn v do nh cung cp pht hnh ( Tnhn khi kt thc giai on nghin cu.)

- M cc c Conficker: Khi u thng 12 nm 2008 v pht trin mnhvo thng 4 nm 2009, Conficker gy tr ngi cho cc nh nghin cu anninh v gy ra s hoang mang cho cng ng ngi dng my tnh. Hu quny minh chng cho s tinh vi v phc tp ca cc ti phm mng. Theothng k, Vit Nam ng th nm v Indonesia ng th tmtrong cc ncc t l my tnh nhim loi m c ny.

-

URL spam vn tip tc ng u, nhng spam hnh nh cng angquay tr li: Sau khi gn nh bin mt vo nm 2008, spam hnh nh(image-based spam) quay tr li trong na u nm 2009, nhng vn chchim khng y 10% tng s spam.

- Xut hin li nhng kiu tn cng c nhng tinh vi hn : Trong nhngtn cng bng su my tnh trn din rng s li ph bin v Trojan vn tip


9/102


tc ng vai tr ch yu trong cc hot ng tn cng qua mng. Cc loihnh tn cng t chi dch v din ra trn quy m ln trong na u nm2009.

- Xut hin cc kiu tn cng mi:u nm 2010 cc mng x hi o cngb tn cng chim ly ti khon thng tin nhiu hn. in ton m myang c coi l nh ngm ca cc hacker trong nhng thng tip theo(Ngun http://www.pcworld.com.vn).

1.2. Cc kiu tn cng ph bin trn mng my tnh.

- Tn cng trc tip:Nhng cuc tncng trc tip thng thng c sdng trong giai on u chim quyn truy nhp bn trong. Mt phng

php tn cng c in l d tm tn ngi s dng v mt khu. y lphng php n gin, d thc hin v khng i hi mt iu kin c bitno bt u. K tn cng c th s dng nhng thng tin nh tn ngidng, ngy sinh, a ch, s nh on mt khu. Trong trng hp cc danh sch ngi s dng v nhng thng tin v mi trng lm vic,c mt trng trnh t ng ho v vic d tm mt khu ny. Trong mt strng hp phng php ny cho php k tn cng c c quyn ca ngi

qun tr h thng (root hay administrator).- Nghe trm: Vic nghe trm thng tin trn mng c th a li nhng thng

tin c ch nh tn, mt khu ca ngi s dng, cc thng tin mt chuynqua mng. Vic nghe trm thng c tin hnh ngay sau khi k tn cng chim c quyn truy nhp h thng, thng qua cc chng trnh cho

php a card giao tip mng (Network Interface Card-NIC) vo ch nhn ton b cc thng tin lu truyn trn mng. Nhng thng tin ny cngc th d dng ly c trn Internet.

- Gi mo a ch: Vic gi mo a ch IP c th c thc hin thng quavic s dng kh nng dn ng trc tip (source-routing). Vi cch tncng ny, k tn cng gi cc gi tinIP ti mng bn trong vi mt a chIP gi mo (thng thng l a ch ca mt mng hoc mt my c coi l


10/102


an ton i vi mng bn trong), ng thi ch r ng dn m cc gi tinIP phi gi i.

- V hiu cc chc nng ca h thng:y l kiu tn cng nhm t lit hthng, khng cho n thc hin chc nng m n thit k. Kiu tn cng nykhng th ngn chn c, do nhng phng tin c t chc tn cngcng chnh l cc phng tin lm vic v truy nhp thng tin trn mng.V d s dng lnh ping vi tc cao nht c th, buc mt h thng tiuhao ton b tc tnh ton v kh nng ca mng tr li cc lnh ny,khng cn cc ti nguyn thc hin nhng cng vic c ch khc.

- Li ca ngi qun tr h thng:y khng phi l mt kiu tn cng canhng k t nhp, tuy nhin li ca ngi qun tr h thng thng to ra

nhng l hng cho php k tn cng s dng truy nhp vo mng ni b.- Tn cng vo yu t con ngi:K tn cng c th lin lc vi mt ngi

qun tr h thng, gi lm mt ngi s dng yu cu thay i mt khu,thay i quyn truy nhp ca mnh i vi h thng, hoc thm ch thay imt s cu hnh ca h thng thc hin cc phng php tn cng khc.Vi kiu tn cng ny khng mt thit b no c th ngn chn mt cch huhiu, v ch c mt cch gio dc ngi s dng mng ni b v nhng yucu bo mt cao cnh gic vi nhng hin tng ng nghi. Ni chung

yu t con ngi l mt im yu trong bt k mt h thng bo v no, vch c s gio dc cng vi tinh thn hp tc t pha ngi s dng c thnng cao c an ton ca h thng bo v.


11/102


1.3. Mc tiu ca bo co.

Vi s pht trin mnh m ca mng my tnh hin nay, nhu cu s dng mngcho vic trao i v chia s thng tin, tham gia trao i bun bn. Th mng mytnh tr thnh mi trng d tn cng nht cho cc hacker. Do bo mt mngang tr ang l iu cp thit vi nhu cu hin nay.

Bi bo co cc kiu tn cng trn mng c thc hin nhm mc tiu boco v cc kiu tn cng ph bin trn mng . Tm hiu cng ngh mng khng dyv cc phng php tn cng. V quan trng l cch phng chng nhng cch tncng trn.

Mc tiu ra l: Tm hiu mt skiu tn cng ph bin trn mng. Tm hiu cng ngh mng khng dycc phng php tn cng c th

vo mng khng dy. Cch phng phng cc kiu tn cng trn.


12/102


CHNG 2: CC KIU TN CNG TRNMNG

2.1. K thut bt gi tin dung Sniff.

Khi nim: Sniffer l mt hnh thc nghe ln trn h thng mng, da trnnhng c im ca c ch TCP/IP.Sniffer l mt k thut bo mt,c pht trinnhm gip nhng nh qun tr mng (QTM) khai thc mng hiu qu hn v cth kim tra cc d liu ra vo mng,cng nh cc d liu chy trong mng.

Chng nng ca Sniff:

- c pht trin thu thp cc gi tin trong h thng.- Mc ch ban u l gip cc nh qun tr mng qun l tt h thng, kim

tra cc li hay cc gi tin l.- Sau ny cc hacker dng phng php ny ly ti khon,mt khu hay cc

thng tin nhy cm khc.- Bin th ca Sniffer l cc chng trnh nghe ln bt hp php nh: Cng c

nghe ln Yahoo, MSN, n cp password Email vv

Nhng iu kin Sniff xy ra:

- Sniff c th hot ng trong mng Lan, mng WAN, mng WLAN.- iu kin cn ch l dng cung Subnet Mark khi Sniffer.- Ngoi ra ta cn cn mt cngc bt v phn tch gi tin nh: Cain&Abel,

Ettercap,HTTP sniffer.

2.1.1 Cc loi Sniff v c ch hot ng.

Active sniff:- Mi trng: ch yu hot ng trong mi trng c cc thit b chuyn mch

gi.Ph bin hin nay l cc dng mch s dng switch.- C ch hot ng: Ch yu hin nay thng dng c ch ARP v RARP (2

c ch chuyn i t IP sang MAC v t MAC sang IP) bng cch pht i


13/102


cc gi tin u c, m c th y l pht i cc gi thng bo cho my gigi tin l ti l ngi nhn mc khng phi l ngi nhn.

- c im: do phi gi gi tin i nn c th chim bng thng mng.Nusniff qu nhiu my trong mng th lng gi gi i s rt ln (do lin tcgi i cc gi tin gi mo) c th dn n nghn mng hay gy qu ti trnchnh NIC ca my ang dng sniff (tht nt c chai).

Ngoi ra cc sniffer cn dng mts k thut p dng d liu i qua NIC camnh nh:

- MAC fooding: lm trn b nh switch t switch s chy ch forwarding m khng chuyn mch gi.

- Gi MAC: cc sniffer s thay i MAC ca mnh thnh MAC ca mtmy hp l v qua c chc nng lc MAC ca thit b.

- u c DHCP thay i gateway ca client.Passive sniff:

- Mi trng: ch yu hot ng trong mi trng khng c cc thit bchuyn mch gi.Ph bin hin nay l cc dng mng s dng hub, hay ccmng khng dy.

- C ch hot ng: do khng c cc thit b chuyn mch gi nn cc hostphi b broadcast cc gi tin i trong mng t c th bt gi tin li xem(d host nhn gi tin khng phi l ni n ca gi tin ).

- c im: do cc my t broadcast cc gi nn hnh thc sniff ny rt khpht hin.

2.1.2. Cch pht hin Sniff.

i vi active sniff:

Da vo qu trnh u c arp ca sniffer pht hin:- V phi u c arp nn sniffer s lin tc gi cc gi tin u c ti cc

victim. Do ,ta c th dng mt s cng c bt gi trong mng c thpht hin.


14/102


- Mt cch khc ta c th kim tra bng arp ca host. Nuta thy trong bngarp ny c hai MAC ging nhau th lc ny c kh nng mng ang bsniffer.

Da trn bng thng:- Do qu trnh gi gi tin u c ca sniffer nn qu trnh ny c th chim

bng thng, t y ta c th dng mt s cng c kim tra bng thng pht hin.

- Tuy nhin cch ny khng hiu qu v chnh xc cng khng cao. Cc cng c pht hin sniff hay pht hin u c arp:

- Xarp- Arpwatch- Symantec EndPoint

i vi Passive Sniff:- Kh c kh nng pht hin, v bt k host no trong mng cng c th bt

c gi tin.- Tuy nhin dng mng loi sniff ny hot ng ch yu dng mng thng

dng trong gia nh rt t s dng cho doanh nghip.

- Tuy nhin,hin nay cc doanh nghip thng dng mng khng dy cho ccmy tnh xch tay th c th s dng thm cc tnh nng lc MAC ca thit

b, hay c th xc thc bng ti khon,mt khu hay kha truy cp.

2.1.3. Cch phng chng Sniff.

Active Sniff:

- Cng c kim tra bng thng: Nh nu trn cc sniffer c th gy nghnmng do c th dng cc cng c kim tra bng thng. Tuy nhin, cchlm ny khng hiu qu.

- Cng c bt gi tin: Cc sniffer phi u c arp nn s gi arp i lin tc,nu dng cc cng c ny ta c th thy c ai ang sniff trong mng.Cch


15/102


ny tng i hiu qu hn, nhng c mt vi cng c sniff c th gi IP vMAC nh la.

- Thit b:i vi thit b ta c th dng cc loi c chc nng lc MAC phng chng.Ring vi switch c th dng thm chc nng VLAN trunking,c th kt hp thm chc nng port security (tng i hiu qu do dngVLAN v kt hp thm cc chc nng bo mt).

- Cch khc: Ngoi ra ta c th cu hnh SSL, tuy hiu qu, nhng cha caovn c kh nng b ly thng tin.

i vi ngi dng:

- Dng cc cng c pht hin Sniff ( k trn): Khi c thay i v thng tinarp th cc cng c ny s cnh bo cho ngi s dng.

- Cn trng vi cc thng bo t h thng hay trnh duyt web: Do mt scng c sniff c th gi CA (Cain & Abel) nn khi b sniff h thng hay trnhduyt c th thng bo l CA khng hp l.

- Tt chc nng Netbios (ngi dng cp cao) qu trnh qut host ca ccsniffer khng thc hin c. Tuy nhin cch ny kh c th p dng thc tnguyn nhn l do switch c th lu MAC trong bng thng tin ca nthng qua qu trnh hot ng.

Passive sniff:

Dng sniff ny rt kh pht hin cng nh phng chng. Thay th cc hub bng cc switch, lc ny cc gi tin s khng cn broadcast

i na , nhng lc ny ta li ng trc nguy c b sniff dng active.

2.1.4. Tng kt Sniff.

- Sniff l hnh thc nghe ln thng tin trn mng nhm khai thc hiu qu hnti nguyn mng, theo di thng tin bt hp php. Tuy nhin, sau ny cchacker dng sniff ly cc thng tin nhy cm. Do , sniff cng l mtcch hack.


16/102


- Sniff thng tc ng n cc gi tin,t tc ng mnh n phn h thngnn sniff rt kh pht hin. Do ,tuy sniff hot ng n gin nhng rthiu qu.

- Do gn nh khng trc tip tc ng ln h thng mng nn cc hnh thcsniff sau khi hot ng thng t li du vt hay hu qu nghim trng.

- Tuy hin nay cc c ch sniff c bing php phng chng v pht hinnhng cc bing php ny cng khng thc s hiu qu trong mt vi trnghp, do , ngi khai thc cc h thng mng nn cn thn trong qu trnhkhai thc, truy cp mng trnh mt mt thng tin qua trng.

- hn ch sniff trn cc h thng, ta nn hn ch nhiu ngi tip xc phnvt l ca h thng, subnet ca LAN, cu hnh VLAN, port secure trnswitch.

2.2. Phishing

- Phishing l loi hnh gia ln (thngmi) trn Internet, mt thnh phn caSocial Engineeringk ngh la o trn mng. Nguyn tc ca phishingl bng cch no la ngi dng gi thng tin nhy cm nh tn, ach, mt khu, s th tn dng, m th ATM n k la o (scammer).

Cc thc hin ch yu l m phng li giao din trang web ng nhp (loginpage) ca cc website c tht, k la o s dn d nn nhn (victim) incc thng tin vo trang dm ri truyn ti n anh ta (thay v n serverhp php) thc hin hnh vi nh cp thng tin bt hp php m ngi sdng khng hay bit.

- Theo thi gian, nhng cuc tn cng phishing khng cn ch nhm vo ccti khon Internet ca AOL m m rng n nhiu mc tiu, c bit lcc ngn hng trc tuyn, cc dch v thng mi in t, thanh ton trn

mng, v hu ht cc ngn hng ln M, Anh, c hin u b tn cngbi phishing. V cng v nhm vo mc tiu nh cp credit card nn n cnc gi l Carding.

2.2.1. C ch hot ng.


17/102


Trc y, hacker thng dng trojan (gin ip) n my nn nhn chngtrnh ny gi mt khu hay thng tin n k tn cng. Sau ny cch dng la oly thng tin c s dng nhiu hn. La o th c rt nhiu cch, ph bin v dthc hin vn l phishing. Nu bn tng nghe qua k thut Fake Login Email sthy phishing cng da theo nguyn tc ny. thc hin phishing cn haibc chnh:

- Tm cch d nn nhn m a ch trang web ng nhp gi. Cch lm chnhl thng qua ng lin kt ca email.

- To mt web ly thng tin gi tht ging.Khng ch c vy, hacker cn kt hp nhiu xo thut khc nh to nhng email

(gi) c a ch ln ni dung sao cho c sc thu ht, m ha ng link (URL) trnthanh addressbar, to IP server gi

2.2.2. Cch phng phng chng.

Phng chng phishing khng kh, quan trng l ngi dng phi cn thn khi nhnc cc trang ng nhp c yu cu in thng tin nhy cm. Nh ni trn, tncng phishing qua hai giai on th phng chng cng qua hai giai on

Vi Email gi chng taly mt v d saul on email ca ngn hng Citibank giti cho khch hng:

Received: from host70-72.pool80117.interbusiness.it ([80.117.72.70])by mailserver with SMTPid ; Mon, 29 Sep 2003 02:17:00 +0000

Received: from sharif.edu [83.104.131.38] by host70-72.pool80117.interbusiness.it(Postfix) with ESMTP id EAC74E21484B for ; Mon, 29 Sep 2003 11:15:38+0000Date: Mon, 29 Sep 2003 11:15:38 +0000From: Verify Subject: Citibank E-mail Verification: [email protected]: E-Response


18/102


References: In-Reply-To: Message-ID:

Reply-To: Verify Sender: Verify MIME-Version: 1.0Content-Type: text/plainContent-Transfer-Encoding: 8bitDear Citibank Member,This email was sent by the Citibank server to verifyyour e-mail address. You must complete this process by clicking on the linkbelow and entering in the small window your Citibank ATM/DebitCardnumber and PIN that you use on ATM.

This is done for your protection -t- becaurse some of our members no longerhave access to their email addresses and we must verify it.To verify your e-mail address and access your bank account,click on the link below. If nothinghappens when you click on the link (or if you use AOL)K, copy and paste thelink intothe address bar of your web browser.http://www.citibank.com:[email protected]/3/?3X6CMW2I2uPOVQWy---------------------------------------------

Thank you for using Citibank!

C---------------------------------------------This automatic email sent to: [email protected] not reply to this email.R_CODE: ulG1115mkdC54cbJT469

Nu quan st k, chng ta s thy mt s im th v ca email ny:

- V ni dung th:R l cu c, ng php ln xn, c c nhng t sai chnht, v d becaurse, this automatic..V ai cng r l iu ny rt kh xy ra

i vi mt ngn hng v cc email u c chun ha thnh nhng biumu thng nht nn chuyn b sai cn phi c xem li.

- C cha nhng k t hash-busters, l nhng k t c bit vt qua ccphng trnh lc th rc (spam) da vo k thut hash-based spam nh -t-,K phn chnh th v y, C cui th. Ngi nhn khc nhau s nhn


19/102


nhng spam vi nhng hash-busters khc nhau. M mt email tht, c ngungc r rng th u cn phi dng n cc tiu xo .

- Phn header ca email khng phi xut pht t mail server ca Citibank.Thay v mango2-a.citicorp.com (mail server chnh ca Citybank LosAngeles) th n li n t Italia vi a ch host 70-72.pool80117.interbusiness.it (80.117.72.70) vn khng thuc quyn kimsot ca CityBank. Lu , mc nh Yahoo Mail hay cc POP Mail

- Client khng bt tnh nng xem header, cc bn nn bt v s c nhiu iuhu ch.

Vi lin kt di:

http://www.citibank.com:[email protected]/3/?3X6CMW2I2uPOVQ

- Nhn thong qu th c v l xut pht t Citibank, nhng thc t bn hyxem on pha sau ch @. mi l a ch tht v sd96V.pIsEm.Net lmt a ch gi t Maxcova, Nga hon ton chng c lin quan g nCitibank.

- K tn cng li dng l hng ca trnh duyt web thc thi lin kt gi.Hai im yu thng dng:

- S dng k t @. Trong lin kt, nu c cha k t @ th trnh duyt webhiu thnh phn ng trc k t ny ch l ch thch, n ch thc thi ccthnh phn ng sau ch @. V d nh link trn th ng dn thc s lsd96V.pIsEm.NeT/3/?3X6CMW2I2uPOVQW.

- S dng k t %01. Trnh duyt s khng hin th nhng thng tin n m sauk t ny. V d Tn lin kt . Lc khi bn a trchut vo Tn lin kt th trn thanh trng thi ch hin th thng tin phatrc k t %01.

Vi Website gi ta dng cc cch sau:


20/102


- Nu nhn vo lin kt email n a bn n mt trang ng nhp(dm). D bn ngoi n ging ht trang tht, ngay c a ch hay thanh trngthi nhn cng c v tht.Nhng nu bn xem k lin kt trn thanh address

bar th bn s thy pha sauch @ mi l a ch tht. Bn m in thngtin vo th xem nh tiu.Tt hn htl xem m ngun (view source) caform th r l form thng tin khng phi truyn n citibank m l n mtni khc.

- Vi cch tip cn theo kiu bit cch tn cng phng th trn, chng tas thy r hn bn cht ca mt cuc tn cng phishing tn cng n gin,nhng hiu qu th rt cao. Mt khi bn hiu c cch thc tn cng th

chc rng bn cng s c cch i ph thch hp.

2.2.3. Tng kt Phishing

- Cn thn vinhng email l, c bit l nhng email yu cu cung cpthng tin d vn bit l phi trnh nhng khng t trng hp u chquan.

- Xem k ni dung c chnh xc, c ging vi nhng biu mu thnggp khng. Nu sai chnh t nh trn l c vn .

- Nu c yu cu xc nhn th xem k lin kt, nu c k t l nh @ hay%01 th c kh nng gi mo.

- Nu mun m mt link th nn t khi v copy ri dn vo trnh duyt,v ng thi phi xem k trn thanh a ch xem lin kt c bin ithm cc k t l nh @ hay khng.

- Khi c yu cu cung cp thng tin quan trng, tt hn ht l nn trctip vo website ca pha yu cu cung cp thng tin ch khng i

theo ng lin kt c gi n. Cn thn hn th nn email li (khngreply email nhn) vi phai tc xc nhn hoc lin h vi phai tc bng phone hi xem c ku mnh gi thng tin khng cho anton.

- Vi cc trang xc nhn thng tin quan trng, h lun dng giao th c


21/102


http secure (c s sau http) nn a ch c dng https://.... ch khngphi l http:// thng.Ngn hng ku ta xc nhn li dng http://thng th chc l ngn hng gi.

- trnh mt ht ti khon, mi ti khon nn t mt khu khcnhau, v nn thay i thng xuyn (xem thm Hng dn t v bov mt khu).

- Nn thng xuyn cp nht cc ming v l hng bo mt cho trnhduyt (web browser). Ci thm chng trnh phng chng virus, ditworm, trojan v tng la l khng bao gi tha.

- Cui cng, v cng l quan trng nht l ng qun kim tra thngxuyn thng tin th ATM,Credit Card, Ti khon ngn hng.

- Nu b la bn phi thng bo n t chc Anti Phishing GroupPhng chng Phishing quc t (www.antiphising.org) nh h gip.

2.3. SQL injection

SQL injection l mt k thut cho php nhng k tn cng li dng l hng trongvic kim tra d liu nhp trong cc ng dng web v cc thng bo li ca h

qun tr c s d liu "tim vo" (inject) v thi hnh cc cu lnh SQL bt hpphp. Hu qu ca n rt tai hi v n cho php nhng k tn cng c th thc hincc thao tc xa, hiu chnh, do c ton quyn trn c s d liu ca ng dng,thm ch l server m ng dng ang chy. Li ny thng xy ra trn cc ngdng web c d liu c qun l bng cc h qun tr c s d liu nh SQLServer, MySQL, Oracle, DB2, Sysbase. ng v tr l mt ngi lp trnh web vngi qun tr bn cn phi c nhng hiu bit r rng v sql injection c thngn nga v v phng trnh n.

Cch thc hot ng ca mt ng dng web:


22/102


Hnh 2.1: Qu trnh gi nhn d liu trong qu trnh user duyt web

Bc 1:User (k tn cng) gi mt request n web server vi du ( ) kimtra xem trang web cb dnh li SQL Injection khng.Bc 2: Web Server nhn c request v tin hnh to cu truy vn ly d liu

t Database Server.Bc 3:Database Server thc hin cu truy vn v tr v thng bo li cho Webserver .

Bc 4: Web Server tr v thng bo li cho user (k tn cng).

Nhn chung c bn kiu tn cng ph bin sau:- Vt qua kim tra lc ng nhp (authorization by pass).- S dng cu lnh SELECT.- S dng cu lnh INSERT.- S dng cc stored-procedures.2.3.1. Dng tn cng vt qua kim tra ng nhp.

Vi dng tn cng ny, tin tc c th d dng vt qua cc trang ng nhp nhvo li khi dngcc cu lnh SQL thao tc trn c s d liu ca ng dng web.Xt mt v d in hnh, thng thng cho php ngi dng truy cp vo cctrang web c bo mt, h thng thng xy dng trang ng nhp yu cungi dng nhp thng tin v tn ng nhp v mt khu. Sau khi ngi dng nhpthng tin vo, h thng s kim tra tn ng nhp v mt khu c hp l hay khng quyt nh cho php hay t chi thc hin tip.Trong trng hp ny, ngi ta c th dng hai trang, mt trang HTML hin thform nhp liu v mt trang ASP dng x l thng tin nhp t pha ngi dng.V d:


23/102


Trang HTML.

Trang Asp.


24/102


Thot nhn, on m trong trang execlogin.asp dng nh khng cha bt c mtl hng v an ton no. Ngi dng khng th ng nhp m khng c tn ngnhp v mt khu hp l. Tuy nhin, on m ny thc s khng an ton v l tin cho mt li SQL injection. c bit, ch s h nm ch d liu nhp vo tngi dng c dng xy dng trc tip cu lnh SQL. Chnh iu ny cho

php nhng k tn cng c th iu khin cu truy vns c thc hin.V d, nu ngi dng nhp chui sau vo trong c 2 nhp liuusername/password ca trang login.htm l: ' OR ' ' = ' '. Lc ny, cu truy vn sc gi thc hin l.SELECT * FROM T_USERS WHERE USR_NAME ='' OR ''='' andUSR_PASSWORD= '' OR ''=''.

Cu truy vn ny l hp l v s tr v tt c cc bn ghi ca T_USERS v on mtip theo x l ngi dng ng nhp bt hp php ny nh l ngi dng ngnhp hp l.

2.3.2. Dng tn cng s dng cu lnh SELECT.

Dng tn cng ny phc tp hn. thc hin c kiu tn cng ny, k tn cngphi c kh nng hiu v li dng cc s h trong cc thng bo li t h thng

d tm cc im yu khi u cho vic tn cng.Xt mtv d rt thng gp trongcc website v tin tc. Thng thng, s c mt trang nhn ID ca tin cn hin thri sau truy vn ni dung ca tin c ID ny.V d: http://www.myhost.com/shownews.asp?ID=123. M ngun cho chc nngny thng c vit kh n gin theo dng.


25/102


Trong cc tnh hung thng thng, on m ny hin th ni dungca tin c IDtrng vi ID ch nh v hu nh khng thy c li. Tuy nhin, ging nh v dng nhp trc, on m ny l s h cho mt li SQL injection khc. K tncng c th thay th mt ID hp l bng cch gn ID cho mt gi tr khc, v t ,

khi u cho mt cuc tn cng bt hp php, v d nh: 0 OR 1=1 (ngha l,http://www.myhost.com/shownews.asp?ID=0 or 1=1).

Cu truy vn SQL lc ny s tr v tt c cc article t bng d liu v n s thchin cu lnh:SELECT * FROM T_NEWS WHERE NEWS_ID=0 or 1=1.

2.3.4. Dng tn cng s dng cu lnh INSERT.Thng thng cc ng dng web chophp ngi dng ng k mt ti khon

tham gia. Chc nng khng th thiu l sau khi ng k thnh cng, ngi dng cth xem v hiu chnh thng tin ca mnh. SQL injection c th c dng khi hthng khng kim tra tnh hp l ca thng tin nhp vo.V d, mt cu lnh INSERT c th c c php dng: INSERT INTO TableNameVALUES ('Value One', 'Value Two', 'Value Three'). Nu on m xy dng culnh SQL cdng:


26/102


Th chc chn s b li SQL injection, bi v nu ta nhp vo trng th nht v dnh: ' + (SELECT TOP 1 FieldName FROM TableName) + '. Lc ny cu truyvn s l: INSERT INTO TableName VALUES(' ' + (SELECT TOP 1FieldName FROM TableName) + ' ', 'abc', 'def'). Khi , lc thc hin lnh xemthng tin, xem nh bn yu cu thc hin thm mt lnh na l: SELECTTOP 1 FieldName FROM TableName.

2.3.5. Dng tn cng s dng stored-procedures

Vic tn cng bng stored-procedures s gy tc hi rt ln nu ng dng cthc thi vi quyn qun tr h thng 'sa'. V d, nu ta thay on mtim vo dng:' ;EXEC xp_cmdshell cmd.exe dir C: '. Lc ny h thng s thc hin lnh lit kth mctrn a C:\ci t server. Vic ph hoi kiu no tu thuc vo cu lnhng sau cmd.exe.

2.3.6. Cch phng chng sql injection.

phng chng ta chai mc sau:- Kim sot cht ch d liu nhp vo.- Thit lp cu hnh an ton cho h qun tr c s d liu.


27/102


Kim sot cht ch d liu nhp vo: phng trnh cc nguy c c th xy ra,hy bo v cc cu lnh SQL l bng cch kim sot cht ch tt c cc d liunhp nhn c t i tng Request (Request, Request.QueryString,Request.Form, Request.Cookies, Request.ServerVariables). V d, c th gii hnchiu di ca chui nhp liu, hoc xy dng hm EscapeQuotes thay th ccdu nhy n bng hai du nhy n nh:

Trong trng hp d liu nhp vo l s, li xut pht t vic thay th mt gi trc tin on l d liu s bng chui cha cu lnh SQL bt hp php. trnhiu ny, n gin hy kim tra d liu c ng kiu hay khng bng hmIsNumeric().Ngoi ra c th xy dng hm loi b mt s k t v t kha nguyhim nh: ;, --, select, insert, xp_, ra khi chui d liu nhp t pha ngidng hn ch cc tn cng dng ny:


28/102


Thit lp cu hnh anton cho h qun tr c s d liu: Cn c c chkim sotcht ch v gii hn quyn x l d liu n ti khon ngi dng m ng dngweb ang s dng. Cc ng dng thng thng nn trnh dngn cc quyn nhdbo hay sa. Quyn cng bhn ch, thithi cng t. Ngoi ra trnh cc nguy ct SQL Injection attack, nn ch loi b bt k thng tin k thut no cha trongthng ip chuyn xung cho ngi dng khi ng dng c li. Cc thng bo lithng thng tit l cc chi tit k thut c th cho php k tn cng bit c imyu ca h thng.

2.4. Tn cng t chi dch v.

Gii thiu chung.


29/102


V c bn, tn cng t chi dch v ch l tn gi chung ca cch tn cng lm chomt h thng no b qu ti khng th cung cp dch v, hoc phi ngng hotng. Tn cng kiu ny ch lm gin on hot ng ca h thng ch rt t ckh nng thm nhp hay chim c thng tin d liu ca n.Ty theo phngthc thc hin m n c bit di nhiu tn gi khc nhau. Ban u l li dngs yu km ca giao thc TCP (Transmision Control Protocol) thc hin tncng t chi dch v c in DoS (Denial of Service), sau l tn cng t chidch v phntn DDoS (Distributed Denial of Service) v mi nht l tn cng tchi dch v theo phng php phn x DRDoS (Distributed Reflection Denial ofService). Theo thi gian, xut hin nhiu bin th tn cng DoS nh: BroadcastStorms, SYN, Finger, Ping, Flooding, vi mc tiu nhm chim dng cc ti

nguyn ca h thng (my ch) nh: Bandwidth, Kernel Table, Swap Space,Cache, Hardisk, RAM, CPU, lm hot ng ca h thng b qu ti dn nkhng th p ng c cc yu cu (request) hp l na.

Nh ni, tn cng DoS ni chung khng nguy him nh cc kiu tn cng khc ch n khng cho php k tn cng chim quyn truy cp h thng hay c quynthay i h thng. Tuy nhin, nu mt my ch tn ti m khng th cung cpthng tin, dch v cho ngi s dng, s tn ti l khng c ngha nn thit hi docc cuc tn cng DoS do my ch b nh tr hot ng l v cng ln, c bit l

cc h thng ph v cc giao dch in t. i vi cc h thng my ch c bomt tt, rt kh thm nhp vo th tn cng t chi dch v c cc hacker sdng nh l ccht trit h h thng .

2.4.1. SYN Attack

c xem l mt trong nhng kiu tn cng DoS c in (Denial of Service):Lidng s h ca th tc TCP khi bt tay ba chiu, mi khi client (my khch)mun thc hin kt ni (connection) vi server (my ch) th n thc hin vic bttay ba ln (three ways handshake) thng qua cc gi tin (packet).

- Bc 1:Client (my khch) s gi cc gi tin (packet cha SYN=1) nmy ch yu cu kt ni.


30/102


- Bc 2:Khi nhn c gi tin ny, server s gi li gi tin SYN/ACK thng bo cho client bit l n nhn c yu cu kt ni v chun b ti

nguyn cho vic yu cu ny. Server s ginh mt phn ti nguyn h thngnh b nh m (cache) nhn vtruyn d liu. Ngoi ra, cc thng tin

khc ca client nh a ch IP v cng (port) cng c ghi nhn.

- Bc 3:Cuicng, client hon tt vic bt tay ba ln bng cch hi m ligi tin cha ACK cho server v tin hnh kt ni.

Hnh 2.2: Qu trnh bt tay ba chiu ca TCP

Do TCP l th tc tin cy trong vic giao nhn (end-to-end) nn trong ln bt tayth hai, server gi cc gi tin SYN/ACK tr li li client m khng nhn li chi m ca client thc hin kt ni th n vn bo lu ngun ti nguyn chun bkt ni v lp li vic gi gi tin SYN/ACK cho client n khi no nhn chi p ca my client.im mu cht l y l lm cho client khng hi pcho Server, nhiu client nh th trong khi server vn ngy th lp li vic gi

packet v ginh ti nguyn ch ngi v trong lc ti nguyn ca h thngl c gii hn. Cc hacker s tm t ti gii hn .


31/102


Hnh 2.3: Qu trnh hacker thc hin tn cng

- Nu qu trnh ko di, server s nhanh chng tr nn qu ti, dn n tnhtrng crash (treo) nn cc yu cu hp l s b t chi khng th p ngc. C th hnh dung qu trnh ny cng ging nh khi my t nh c nhn(PC) hay b treo khi m cng lc qu nhiu chng trnhcng lc vy.

- Thng, gi a ch IP gi tin, cc hacker c th dng Raw Sockets(khng phi gi tin TCP hay UDP) lm gi mo hay ghi gi ln IP gcca gi tin. Khi mt gi tin SYN vi IP gi mo c gi n server, ncng nh bao gi tin khc, vn hp l i vi server v server s cp vng tinguyn cho ng truyn ny, ng thi ghi nhn ton b thng tin v gigi SYN/ACK ngc li cho Client. V a ch IP ca client l gi mo nns khng c client no nhn c SYN/ACK packet ny hi p cho mych. Sau mt thi gian khng nhn c gi tin ACK t client, server ngh

rng gi tin b tht lc nn li tip tc gi tip SYN/ACK, c nh th, cc ktni (connections) tip tc m.

- Nu nh k tn cng tip tc gi nhiu gi tin SYN n server th cui cngserver khng th tip nhn thm kt ni no na, d l cc yu cu ktni hp l. Vic khng th phc na cng ng ngha vi vic my ch


32/102


khng tn ti. Vic ny cng ng ngha vi xy ra nhiu tn tht do ngngtr hot ng, c bit l trong cc giao dch thng mi in t trc tuyn. y khng phi l kiu tn cng bng ng truyn cao, bi v ch cn mtmy tnh ni internet qua ng dial-up n gin cng c th tn cng kiuny.

2.4.2. Flood Attack

Mt kiu tn cng DoS na cng rt hay c dng v tnh n gin ca n v vc rt nhiu cng c sn c h tr c lc cho k tn cng l Flood Attack, ch yuthng qua cc website.V nguyn tc, cc website t trn my ch khi chy s tiu

lng ti nguyn my ch nht nh, nht l lng b nh (RAM) v b vi x l(CPU). Da vo vic tiu hao , nhng k tn cng n gin l dng cc phnmm nh smurf chng hn lin tc yu cu my ch phc v trang web chimdng ti nguyn. Cch tn cng ny tuy khng lm my ch ngng cung cpdch v hon ton nhng s lm cho tc phc v ca ton b h thng gimmnh, ngi dng s cm nhn r rng vic phi ch lu hn trang web hin ratrn mn hnh.Nu thc hin tn cng t v c s phi hp nhp nhng, phngthc tn cng ny hon ton c th lm t lit my ch trong mt thi gian di.

2.4.3. Tn cng t chi dch v kiu phn tn-DDdos.

Xut hin vo nm1999, so vi tn cng DoS c in, sc mnh ca DDoS caohn gp nhiu ln. Hu ht cc cuc tn cng DDoS nhm vo vic chim dng

bng thng (bandwidth) gy nghn mch h thng dn n h thng ngng hotng. thc hin th k tn cng tm cch chim dng v iu khin nhiu mytnh mng my tnh trung gian (ng vai tr zombie) t nhiu ni ng lot gio t cc gi tin (packet) vi s lng rt ln nhm chim dng ti nguyn v lm

trn ngp ng truyn ca mt mc tiu xc nh no .


33/102


Hnh 2.4: M hnh kiu tn cng phn tn DDOS

Theo cch ny th d bng thng c bao nhiu i chng na th cng khng th chung c s lng hng triu cc gi tin nn h thng khng th hot ng

c na v nh th dn n vic cc yu cu hp l khc khng th no c png, server s b vng khi internet.

Hnh 2.5: Cch m hacker thc hin tn cng DDos


34/102


C th nin ging nh tnh trng kt xe vo gi caoimvy. V d r nht l scng hng trong ln truy cp im thi H va qua khi c qu nhiu my tnhyu cu truy cp cng lc lm dung lng ng truyn hin ti ca my chkhng ti no p ng ni.Hin nay, xut hin dng virus worm c kh nngthc hin cc cuc tn cng DDoS. Khi b ly nhim vo cc my khc, chng st ng gi cc yu cu phc v n mt mc tiu xc nh no vo thi imxc nh chim dng bng thng hoc ti nguyn h thng my ch.

2.4.4. Tn cng t chi dch v phn x nhiu vng DRDOS.

Xut hin vo u nm 2002, l kiu tn cng mi nht, mnh nht trong h DoS.

Nu c thc hin bi k tn cng c tay ngh th n c th h gc bt c hthng no trn th gii trong pht chc. Mc tiu chnh ca DRDoS l chim otton b bng thng ca my ch, tc l lm tc nghn hon ton ng kt ni tmy ch vo xng sng ca Internet v tiu hao ti nguyn my ch. Trong sutqu trnh my ch b tn cng bng DRDoS, khng mt my khch no c th ktni c vo my ch . Tt c cc dch v chy trn nn TCP/IP nh DNS,HTTP, FTP, POP3,... u b v hiu ha.V c bn, DRDoS l s phi hp giahai kiu DoS v DDoS. N c kiu tn cng SYN vi mt my tnh n, va c s

kt hp gia nhiu my tnh chim dng bng thng nh kiu DDoS. K tncng thc hin bng cch gi mo a ch ca server mc tiu ri gi yu cu SYNn cc server ln nh Yahoo, Micorosoft,chng hn cc server ny gi cc gitin SYN/ACK n server mc tiu. Cc server ln, ng truyn mnh vtnh ng vai tr zoombies cho k tn cng nh trong DDoS.


35/102


Hnh 2.6: Tn cng phn x DRDOS

Qu trnh gi c lp li lin tc vi nhiu a ch IP gi t k tn cng, vi nhiuserver ln tham gia nn server mc tiu nhanh chng b qu ti, bandwidth bchim dng bi server ln. Tnh ngh thut l ch ch cn vi mt my tnh vimodem 56kbps, mt hacker lnh ngh c th nh bi bt c my ch no trong

giy lt m khng cn chim ot bt c my no lm phng tin thc hin tncng.

2.4.5. Tng kt tn cng dch v.

- Nhn chung, tn cng t chi dch v khng qu kh thc hin, nhng rtkh phng chng do tnh bt ng v thng l phng chng trong th bng khi s vic ri.

- Vic i ph bng cch tng cng phn cng cng l gii php tt, nhngthng xuyn theo di pht hin v ngn chn kp thi ci gi tin IP tcc ngun khng tin cy l hu hiu nht.

- Khi bn pht hin my ch mnh b tn cng hy nhanh chng truy tm ach IP v cm khng cho gi d liu n my ch.


36/102


- Dng tnh nng lc d liu ca router/firewall loi b cc packet khngmong mun, gim lng lu thng trn mng v ti ca my ch.

- S dng cc tnh nng cho php t rate limit trn router/firewall hn chs lng packet vo h thng.

- Nu b tn cng do li ca phn mm hay thit b th nhanh chng cp nhtcc bn sa li cho h thng hoc thay th.

- Dng mt s c ch, cng c, phn mm chng li TCP SYN Flooding.- Tt cc dch v khc nu c trn my ch gim ti v c th p ng tt

hn.- Nu c c th nng cp cc thit b phn cng nng cao kh nng p

ng ca h thng hay s dng thm cc my ch cng tnh nng khc

phn chia ti.Tm thi chuyn my ch sang mt a ch khc.


37/102


CHNG 3: CNG NGH MNG KHNGDY

3.1. Gii thiu v Wireless

Wireless l mt phng php chuyn giao t im ny n im khc m khngs dng ng truyn vt l, s dng radio, cell, hng ngoi v v tinh. Wireless

bt ngun t nhiu giai on pht trin ca thng tin v tuyn v ng dng inbo v radio.

3.2. Cc t chc chnh v knh truyn sng trong mng Wireless.

- Federal Communication Commission (FCC): FCC l mt t chc phichnh ph ca M , FCC quy nh ph tn s, v tuyn m mng WLAN cth hot ng , mc cng sut cho php v cc phn cng WLAN

- IEEE (Institute of Electrical and Electronic Engineers):Vin k s inv in t M. IEEE to ra cc chun tun th theo lut ca FCC.

- Wireless Ethernet Compatibility Allicance (WECA): Nhim v caWECA l chng nhn tnh tng thch ca cc sn phm Wi-fi (802.11).

-

UNLICENSED FREQUENCIES Bng tn ISM v UNII:FCC quy nhrng WLAN c th s dng bng tn cng nghip, khoa hc v y hc ISM (Industrial, Scientific, and Medical) chnh l bng tn min ph. Bng tn ISM

bao gm 900 Mhz, 2.4 Ghz, 5.8 Ghz v c rng khc nhau t 26Mhz n 150 Mhz. Ngoi bng tn ISM, FCC cng ch nh 3 bng tnUNII (Unlicenced National Information Infrastructure), mi bng tn nmtrong vng 5 Ghz v rng 100 Mhz.

- Direct Sequence Spread Spectrum (DSSS): L mt phng php truyn dliu trong h thng truyn v h thng nhn u s dng mt tp cc t ns c rng 22 MHz Channels: Knh 1 hot ng t 2.401 GHz n 2.423GHz (2.412 GHz +/- 11 MHz); knh 2 hot ng t 2.406 GHz n 2.429GHz (2.417 GHz +/- 11 MHz) Cc knh nm cnh nhau s trng lp vinhau mt lng ng k.


38/102


Hnh 3.1: Cc knh trong DSS

- Tri ph nhy tn FHSS: Trong tri ph nhy tn, tn hiu d liu cangi s dng c iu ch vi mt tn hiu sng mang. Cc tn s sngmang ca nhng ngi sdng ring bit c lm cho khc nhau theokiugi ngu nhin trong mt knh bng rng. D liu s c tch thnh cc

cm d liu kch thc ging nhau c pht trn cc tn s sng mang khcnhau. rng bng tn tc thi ca cc cm truyn dn nh hn nhiu sovi ton b rng bng tn tri ph.Ti bt k thi im no, mt tn hiunhy tn chim mt knh n tng i hp. Nu tc thay i ca tn ssng mang ln hn nhiu so vi tc k t th h thng c coi nh lmt h thng nhy tn nhanh. Nu knh thay i ti mt tc nh hn hoc

bng tc k t th h thng c gi l nhy tn chm.

3.3. Cc chun Wireless.

3.3.1. Cc chun ca 802.11.


39/102


IEEE: L t chc i tin phong trong lnh vc chun ha mng LAN vi nIEEE 802 ni ting bt u trin khai t nm 1980 v kt qu l hng lot chunthuc h IEEE 802.x ra i, to nn mt s hi t quan trng cho vic thit k vci t ccmng LAN trong thi gian qua. 802.11 l mt trong cc chun ca hIEEE 802.x bao gm h cc giao thc truyn tin qua mng khng dy. Trc khigii thiu 802.11 chng ta s cng im qua mt s chun 802 khc:

- 802.1: Cc Cu ni (Bridging), Qun l (Management) mng LAN, WAN802.2: iu khin kt ni logic.

- 802.3: Cc phng thc hot ng ca mng Ethernet.- 802.4: Mng Token Bus.- 802.5: Mng Token Ring.- 802.6: Mng MAN.- 802.7: Mng LAN bng rng.- 802.8: Mng quang.- 802.9: Dch v lung d liu.- 802.10: An ninh gia cc mng LAN.- 802.11: Mng LAN khng dy Wireless LAN.- 802.12: Phng phc u tin truy cp theo yu cu.- 802.13: Cha c.- 802.14: Truyn hnh cp.- 802.15: Mng PAN khng dy.- 802.16: Mng khng dy bng rng.

Chun 802.11 ch yu cho vic phn pht cc MSDU (n v d liu dch v caMAC) gia cc kt niLLC (iu khin lin kt logic).Chun 802.11 c chia lm hai nhm:

- Nhm lp vt l PHY- Nhm lp lin kt d liu MAC.

3.3.1.1. Nhm lp vt l PHY.

- Chun 802.11b: 802.11b l chun p ng cho phn ln cc ng dngca mng. Vi mt gii php rt hon thin, 802.11b c nhiu c im


40/102


thun li so vi cc chun khng dy khc. Chun 802.11b s dng kiu triph trc tip DSSS, hot ng di tn 2,4GHz, tc truyn d liu ti al 11 Mbps trn mt knh, tc thc t l khong t 4 -5 Mbps. Khongcch c th ln n 500 mt trong mi trng m rng. Khi dng chun nytia c 32 ngi dung im truy cp.y l chun c chp nhn rngri trn th gii v c trn khai rt mnh hin nay do cng ngh ny sdng di tn khng phi ng k cp php phc v cho cng nghip, dch v,y t.Nhc im ca 802.11b l hat ng di tn 2,4 GHz trng vi ditn ca nhiu thit b trong gia nh nh l vi sng , in thoi m con ... nnc th b nhiu.

- Chun 802.11a: Chun 802.11a l phin bn nng cp ca 802.11b, hotng di tn 5 GHz, dng cng ngh tri ph OFDM. Tc ti a t 25Mbps n 54 Mbps trn mt knh, tc thc t xp x 27 Mbps, dngchun ny ti a c 64 ngi dngim truy cp. y cng l chun cchp nhn rng ri trn th gii.

- Chun 802.11g: Cc thit b thuc chun ny hot ng cng tn s vichun 802.11b l 2,4 Ghz. Tuy nhin chng h tr tc truyn d liunhanh gp nm ln so vi chun 802.11b vi cng mt phm vi ph sng,tc l tc truyn d liu ti a ln n 54 Mbps, cn tc thc t l

khong 7-16 Mbps. Chun 802.11g s dng phng php iu ch OFDM,CCK Complementary Code Keying v PBCC Packet BinaryConvolutional Coding. Cc thit b thuc chun 802.11b v 802.11g honton tng thch vi nhau. Tuy nhin cn lu rng khi bn trn ln ccthit b ca hai chun vi nhau th cc thit b s hot ng theo chunno c tc thp hn.

- Chun 802.11n: Chun mi nht trong danh mc Wi-Fi chnh l 802.11n.y l chun c thit k ci thin cho 802.11g trong tng s bng

thng c h tr bng cch tn dng nhiu tn hiu khng dy v cc anten(cng ngh MIMO). Khi chun ny c a ra, cc kt ni 802.11n s htr tc d liu ln n 100 Mbps. 802.11n cng cung cp phm vi bao

ph tt hn so vi cc chun Wi-Fi trc n nh cng tn hiu mnh can. Thit b 802.11n s tng thch vi cc thit b 802.11g.


41/102


3.3.1.2. Nhm lin kt d liu MAC.

- Chun 802.11d: Chun 802.11d b sung mt s tnh nng i vi lp MACnhm ph bin WLAN trn ton th gii. Mt s nc trn th gii c quynh rt cht chv tn s v mc nng lng pht sng v vy 802.11d rai nhm p ng nhu cu . Tuy nhin, chun 802.11d vn ang trong qutrnh pht trin v cha c chp nhn rng ri nh l chun ca th gii.

- Chun 802.11e:y l chun c p dng cho c 802.11 a,b,g. Mc tiuca chun ny nhm cung cp cc chc nng v cht lng dch v - QoScho WLAN. V mt k thut, cng b sung mt s tnh nng cho lp con

MAC. Nh tnh nng ny, WLAN 802.11 trong mt tng li khng xa cth cung cp y cc dchv nh voice, video, cc dch v i hi QoSrt cao. Chun 802.11e hin nay vn ang trong qua trnh pht trin v chachnh thc p dng trn ton th gii.

- Chun 802.11f:y l mt b ti liu khuyn ngh ca cc nh sn xut cc Access Point ca cc nh sn xut khc nhau c th lm vic vi nhau.iu ny l rt quan trng khi quy m mng li t n mc ng k. Khi mi p ng c vic kt ni mng khng dy lin c quan, lin x

nghip c nhiu kh nng khng dng cng mt chng loi thit b.- Chun 802.11h:Tiu chun ny b sung mt s tnh nng cho lp con MAC

nhm p ng cc quy nh chu u di tn 5GHz. Chu u quy nh rngcc sn phm dng di tn 5 GHz phi c tnh nng kim sot mc nnglng truyn dn TPC - Transmission Power Control v kh nng t ngla chn tn s DFS - Dynamic Frequency Selection. La chn tn s Access Point gip lm gim n mc ti thiu can nhiu n cc h thngradar c bit khc.

- Chun 802.11i:y l chun b sung cho 802.11 a, b, g nhm ci thin vmt an ninh cho mng khng dy. An ninh cho mng khng dy l mt giaothc c tn l WEP, 802.11i cung cp nhng phng thc m ha v nhngth tc xc nhn, chng thc mi c tn l 802.1x. Chun ny vn angtrong giai on pht trin.


42/102


3.3.2. Giithiu mt s cng ngh mng khng dy.

- Cng ngh s dng sng hng ngoi:S dng nh sng hng ngoi l mtcch thay th cc sng v tuyn kt ni cc thit b khng dy, bc snghng ngoi t khong 0.75-1000 micromet. nh sng hng ngoi khngtruyn qua c cc vt chn sng, khng trong sut. V hiu sut nh snghng ngoi c rng bng tn ln, lm cho tn hiu c th truyn d liuvi tc rt cao, tuy nhin nh sng hng ngoi khng thch hp nh sngv tuyn cho cc ng dng di ng do vng ph sng hn ch. Phm vi phsng ca n khong 10m, mt phm v qu nh. V vy m n thng ng

dng cho cc in thoi di ng, my tnh c cng hng ngoi trao i thngtin vi nhau vi iu kin l t st gn nhau.

- Cng ngh Bluetooth: Bluetooth hot ng di tn 2.4Ghz, s dngphng thc tri ph FHSS. Trong mng Bluetooth, cc phn t c th ktni vi nhau theo kiu Adhoc ngang hng hoc theo kiu tp trung, c mtmy x l chnh v c ti a l by my c th kt ni vo. Khong cchchun kt ni gia hai u l 10 mt, n c th truyn qua tng, qua cc c v cng ngh ny khng i hi ng truyn phi l tm nhn thng

(LOS-Light of Sight). Tc d liu ti a l 740Kbps (tc ca dng bitlc tng ng khong 1Mbps. Nhn chung th cng ngh ny cn c gic cao.

- Cng ngh HomeRF:Cng ngh ny cng ging nh cng ngh Bluetooth,hot ng di tn 2.4GHz, tng bng thng ti a l 1,6Mbps v 650Kbpscho mi ngi dng. HomeRF cng dng phng thc iu ch FHSS. imkhc so vi Bluetooth l cng ngh HomeRF hng ti th trng nhiu hn.Vic b xung chun SWAP - Standard Wireless Access Protocol cho

HomeRF cung cp thm kh nng qun l cc ng dng multimedia mtcch hiu qu hn.- Cng ngh HyperLAN: HyperLAN High Performance Radio LAN theo

chun ca Chu u l tng ng vi cng ngh 802.11. HyperLAN loimt h tr bng thng 20Mpbs, lm vic di tn 5GHz. HyperLAN 2 cnglm vic trn di tn ny nhng h tr bng thng ln ti 54Mpbs. Cng


43/102


ngh ny s dng kiu kt ni hng i tng (connection oriented) h trnhiu thnh phn m bo cht lng, m bo cho cc ng dngMultimedia.

Hnh 3.2: Cc chun ca HyperLan

- Cng ngh Wimax: Wimax l mng WMAN bao ph mt vng rng lnhn nhiu mng WLAN, kt ni nhiu to nh qua nhng khong cch a lrng ln. Cng ngh Wimax da trn chun IEEE 802.16 v HiperMAN cho

php cc thit b truyn thng trong mt bn knh ln n 50km v tc truy nhp mng ln n 70 Mbps.

- Cng ngh WiFi: WiFi l mng WLAN bao ph mt vng rng hn mngWPAN, gii hn c trng trong cc vn phng, nh hng, gia nh, Cngngh WiFi da trn chun IEEE 802.11 cho php cc thit b truyn thng

trong phm vi 100m vi tc 54Mbps. Hin nay cng ngh ny kh phbin nhng thnh ph ln m c bit l trong cc qun cafe.

- Cng ngh 3G:3G l mng WWAN - mng khng dy bao ph phm phmvi rng nht. Mng 3G cho php truyn thng d liu tc cao v dunglng thoi ln hn cho nhng ngi dng di ng. Nhng dch v t both h k tip cng da trn cng ngh 3G.

- Cng ngh UWB:UWB (Ultra Wide Band) l mt cng ngh mng WPANtng lai vi kh nng h tr thng lng cao ln n 400 Mbps phm vi

ngn tm 10m. UWB s c li ch ging nh truy nhp USB khn g dy chos kt ni nhng thit b ngoi vi my tnh ti PC.

Cc Chun Mng 802.11A 802.11B 802.11G 802.11N

Bng Tn 5 GHZ 2.4 GHZ 2.4 GHZ 2.5GHZ -


44/102


5GHZ

Tc 54

Mbps

11Mbps 54 Mbps 300Mbps

Tng Hot ng 25-75 M 30-100 M 25-75 M 50-1253.4. Giithiu Wireless Lan

WLAN l mt loi mng my tnh nhng vic kt ni gia cc thnh phn trongmng khng s dng cc loi cp nh mt mng thng thng, mi trng truynthng ca cc thnh phn trong mng l khng kh. Cc thnh phn trong mng s

dng sng in t truyn thng vi nhau.

3.4.1. Lch s ra i.

- Cng ngh WLAN ln u tin xut hin vo cui nm 1990, khi nhng nhsn xut gii thiu nhng sn phm hot ng trong bng tn 900Mhz.

Nhng gii php ny (khng c thng nht gia cc nh sn xut) cungcp tc t truyn d liu 1Mbps, thp hn nhiu so vi tc 10Mbps ca

hu ht cc mng s dng cp hin thi.- Nm 1992, nhng nh sn xut bt u bn nhngsn phm WLAN s dng

bng tn 2.4Ghz. Mc du nhng sn phm ny c tc truyn d liucao hn nhng chng vn l nhng gii php ring ca mi nh sn xutkhng c cng b rng ri. S cn thit cho vic hot ng thng nhtgia cc thit b nhng dy tn s khc nhau dn n mt s t chc btu pht trin ra nhng chun mng khng dy chung.

- Nm 1997, Institute of Electrical and Electronics Engineers(IEEE) phchun s ra i ca chun 802.11, v cng c bit vi tn gi WIFI(Wireless Fidelity) cho cc mng WLAN. Chun 802.11 h tr ba phng

php truyn tn hiu, trong c bao gm phng php truyn tn hiu vtuyn tn s 2.4Ghz.


45/102


- Nm 1999, IEEE thng qua hai s b sung cho chun 802.11 l cc chun802.11a v 802.11b (nh ngha ra nhng phng php truyn tn hiu). Vnhng thit b WLAN da trn chun 802.11b nhanh chng tr thnhcng ngh khng dy vt tri. Cc thit b WLAN

- 802.11b truyn pht tn s 2.4Ghz, cung cp tc truyn d liu c thln ti 11Mbps. IEEE 802.11b c to ra nhm cung cp nhng c imv tnh hiu dng, thng lng (throughput) v bo mt so snh vi mngc dy.

- Nm 2003, IEEE cng b thm mt s ci tin l chun 802.11g m c thtruyn nhn thng tin c hai dy tn 2.4Ghz v 5Ghz v c th nng tc truyn d liu ln n 54Mbps. Thm vo , nhng snphm p dng

802.11g cng c th tng thch ngc vi cc thit b chun 802.11b. Hinnay chun 802.11g t n tc 108Mbps-300Mbps.

- Nm 2009, ng nh d kin, cui cng T chc IEEE cng thng quachun Wi-Fi th h mi - 802.11n sau su nm thnghim. Chun 802.11nWi-Fi c kh nng truyn d liu tc 300Mbps, hay thm ch c th caohn.

- Trn thc t, 802.11n Wi-Fi xut hin cch y by nm nhng mt mtnm u tin nghin cu v nh gi. Chun chthc s c th nghim

trong su nm qua, v trong tng y nm 802.11n Wi-Fi c ti hng chcphin bn th nghim khc nhau.

Thng tin trn c cng bbi Ch tch nhm 802.11n Task Group, BruceKraemer. Nhm ny gmphn ln cc nh sn xut chip Wi-Fi ln trn th gii,cc nh pht trin phn mm, v nh sn xut thitb gc. Theo Hip hi Wi-FiAlliance, huht cc thitb khng dy hin nay u c th nng cp ln phin

bn Wi-Fi Certified N thng qua vic nng cp firmware.

3.4.2. u im ca WLAN.- S tin li: Mng khng dy cng nh h thng mng thng thng. N cho

php ngi dng truy xut ti nguyn mng bt k ni u trong khu vcc trin khai (nh hay vn phng). Vi s gia tng s ngi s dng mytnh xch tay (laptop), l mt iu rt thun li.


46/102


- Kh nng di ng: Vi s pht trin ca cc mng khng dy cng cng,ngi dng c th truy cp Internet bt c u. Chng hn cc qunCafe, ngi dng c th truy cp Internet khng dy min ph.

- Hiu qu: Ngi dng c th duy tr kt ni mng khi h t ni ny n nikhc.

- Trin khai: Vic thit lp h thng mng khng dy ban u ch cn t nhtmt access point. Vi mng dng cp, phi tn thm chi ph v c th gpkh khn trong vic trin khai h thng cp nhiu ni trong ta nh.

- Kh nng m rng: Mng khng dy c th p ng tc th khi gia tng slng ngi dng. Vi h thng mng dng cp cn phi gn thm cp.

3.4.3. Nhc im ca WLAN.

- Bo mt: Mi trng kt ni khng dy l khng kh nn kh nng b tncng ca ngi dng l rt cao.

- Phm vi: Mt mng chun 802.11g vi cc thit b chun ch c th hotng tt trong phm vi vi chc mt. N ph hp trong mt cn nh, nhngvi mt ta nh ln th khng p ng c nhu cu. p ng cn phimua thm Repeater hay access point, dn n chi ph gia tng.

-

tin cy: V s dng sng v tuyn truyn thng nn vic b nhiu, tnhiu b gim do tc ng ca cc thit b khc (l vi sng.) l khng trnhkhi. Lm gim ng k hiu qu hot ng ca mng.

- Tc : Tc ca mng khng dy (1- 125 Mbps) rt chm so vi mng sdng cp (100Mbps n hng Gbps).

3.4.4. Cc m hnh mng WLAN.

Mng 802.11 linh hot vthitk, gm ba m hnh mng sau:- M hnh mngc lp (IBSSs) hay cn gi l mng AdHoc.- M hnh mng cs(BSSs).- M hnh mng mrng (ESSs).

M hnh mng AD HOC (Independent Basic Service sets (BSSs ): Mng Ad-


47/102


hoc l: Cc nt di ng(my tnh c h tr card mng khng dy) tp trung litrong mt khng gian nh hnh thnh nn kt ni ngang cp (peer-to-peer) giachng. Cc nt di ng c card mng wireless l chng c th trao i thng tintrc tip vi nhau, khng cn phi qun tr mng. V cc mng ad -hoc ny c ththc hin nhanh v d dng nn chng thng c thit lp m khng cn mtcng c hay k nng c bit no v vy n rt thch hp s dng trong cc hingh thng mi hoc trong cc nhm lm vic tm thi. Tuy nhin chng c thc nhng nhc im v vng ph sng b gii hn, mi ngi s dng u phinghe c ln nhau.

Hnh 3.3: M hnh mng Adhoc

M hnh mng c s(Basic service sets (BSSs)): Baogm cc im truy nhp AP(Access Point) gn vi mng ng trc hu tuyn v giao tip vi cc thit b ding trong vng ph sng ca mt cell. AP ng vai tr iu khin cell v iukhin lu lng ti mng. Cc thit b di ng khng giao tip trc tip vi nhau

m giao tip vi cc AP. Cc cell c th chng ln ln nhau khong 10 n15 %cho php cc trm di ng c th di chuyn m khng b mt kt ni v tuyn vcung cp vng ph sng vi chi ph thp nht. Cc trm di ng s chn AP ttnht kt ni. Mt im truy nhp nm trung tm c th iu khin v phn

phi truy nhp cho cc nt tranh chp, cung cp truy nhp ph hp vi mng


48/102


ng trc, n nh cc a ch v cc mc u tin, gim st lu lng mng, qunl chuyn i cc gi v duy tr theo di cu hnh mng. Tuy nhin giao thc a truynhp tp trung khng cho php cc nt di ng truyn trc tip ti nt khc nmtrong cng vng vi im truy nhp nh trong cu hnh mng WLAN c lp.Trong trng hp ny, mi gi s phi c pht i hailn (t nt pht gc v sau l im truy nhp) trc khin ti nt ch, qu trnh ny s lm gim hiu qutruyn dn v tng tr truyn dn.

Hnh 3.4: M hnh mng c s

M hnh mng mrng (Extended Service Set (ESSs)): Mng 802.11 m rngphm vi di ng ti mt phm vi bt k thng qua ESS. Mt ESSs l mt tp hpcc BSSs ni m cc Access Point giao tip vi nhau chuyn lu lng t mtBSS ny n mt BSS khc lm cho vic di chuyn d dng ca cc trm gia

cc BSS, Access Point thc hin vic giao tip thng qua h thng phn phi. Hthng phn phi l mt lp mng trong mi Access Point m n xc nh ch ncho mt lu lng c nhn t mt BSS. H thng phn phi c tip sng trli mt ch trong cng mt BSS, chuyn tip trn h thng phn phi ti mtAccess Point khc, hoc gi ti mt mng c dy ti ch khng nm trong ESS.


49/102


Cc thng tin nhn bi Access Point t h thng phn phi c truynti BSS sc nhn bi trm ch.

3.4.5. Cc thit b phtr WLAN.

RF Amplifier (B khuch i). RF Attennuator (B suy hao). Lightning Arrestor (B thu st). RF Connector (u ni RF). RF Cable. RF Splitter (b tch RF).3.4.6. WireLess Access Point

L mt thit b ngoi vi dng thu pht tn hiu, truyn ti thng tin gia cc thitb Wireless, v mng dng dy. Th trng ph bin l Access Point chun B(11MB/s) chun G (54MB/s) chun Super G (108MB/s) dung cng ngh MIMO(Multi InputMulti Output), v chun N l chun c tc cao nht hin nay vitc ln ti 300MB/s. Access Point c ba ch c bn:

Ch gc (Root Node): L kiu thng dng nht, khi Access Point (AP) kt nitrc tip ti mng dy thng thng, trong ch Root mode, AP kt ni nganghng vi cc on mng dy khc v c th truyn ti thng tin nh trong mtmng dng dy bnh thng.


50/102


Hnh 3.5: Ch gc

Ch lp (Repeater Mode):AP trong ch repeater kt ni vi client nh mtAP v kt ni nh 1 client vi AP server.Ch Repeater thng c s dng m rng vng ph sng nhng 1 im yu ca ch Repeater l phm vi phsng ca hai AP b trng lp t nht 50%.M hnh di y s din t ch Repeater.

Hnh 3.6: Ch lp


51/102


Ch cu ni (Bridge Mode):Ch Bridge mode thngc s dng khimun kt ni haion mngc lp vi nhau.

Hnh 3.7: Ch cu ni

3.4.7. M hnh thc t ca mng WLAN.

- M hnh mng khng dy kt ni vi mng c dy: Trn thc t th c rtnhiu m hnh mng khng dy t mt vi my tnh kt ni Adhoc n mhnh WLAN, WWAN, mng phc hp. Sau y l hai loi m hnh kt nimng khng dy ph bin, t hai m hnh ny c th kt hp to ra nhium hnh phc tp, a dng khc. AP s lm nhim v tp trung cc kt nikhng dy, ng thi n kt ni vo mng WAN (hoc LAN) thng qua giaodin Ethernet RJ45, phm vi hp c th coi AP lm nhim v nh mtrouter nh tuyn gia hai mng ny.


52/102


WAN

Access

Point

Wireless Station

Wireless Station

`

Wireless

Network

Wireline

Network

Hnh 3.7: M hnh mng khng dy kt ni vi mng c dy

- Hai mng c dy kt ni vi nhau bng kt ni khng dy:Kt ni khngdy gia hai u ca hai mng WAN s dng thit b Bridge lm cu ni, cth kt hp s dng cho thupht nh truyn sng viba. Khi khong cchgia hai u kt ni c th t vi trm mt n vi chc km ty vo loi thit

b cu ni khng dy.

Wireless NetworkWAN

Wireline Network

BridgeBuilding

WAN

Wireline Network

BridgeBuilding

Hnh 3.8: M hnh hai mng khng dy kt ni vi nhau

3.4.8. Mt s c ch trao i thng tin trong WLAN

C ch CSMA-CA:Nguyn tc c bn khi truy cp ca chun 802.11 l s dngc ch CSMA-CA vit tt ca Carrier Sense Multiple Access Collision Avoidance

a truy cp s dng sng mang phng trnh xung t. Nguyn tc ny gn gingnh nguyn tc CSMA- CD (Carrier Sense Multiple Access Collision Detect) cachun 802.3 (cho Ethernet). im khc y l CSMA-CA n s ch truyn dliu khi bn kia sn sng nhn v khng truyn, nhn d liu no khc trong lc ,y cn gi l nguyn tc LBT listening before talking nghe trc khi ni


53/102


Trc khi gi tin c truyn i, thit b khng dy s kim tra xem c cc thitb no khc ang truyn tin khng, nu ang truyn, n s i n khi no cc thitb kia truyn xong th n mi truyn. kim tra vic cc thit b kia truynxong cha, trong khi i n s hi thm d u n sau cc khong thi giannht nh.

C ch RTS/CTS: gim thiu nguy xung t do cc thit b cng truyn trongcng thi im, ngi ta s dng c ch RTS/CTS Request To Send/ Clear ToSend. V d nu AP mun truyn d liu n STA, n s gi 1 khung RTS nSTA, STA nhn c tin v gi li khung CTS, thng bo sn sng nhn d liut AP, ng thi khng thc hin truyn d liu vi cc thit b khc cho n khi

AP truyn xong cho STA. Lc cc thit b khc nhn c thng bo cng stm ngng vic truyn thng tin n STA. C ch RTS/CTS m bo tnh sn snggia 2 im truyn d liu v ngn chn nguy c xung t khi truyn d liu.

C ch ACK: ACK Acknowledging l c ch thng bo li kt qu truyn dliu. Khi bn nhn nhn c d liu, n s gi thng bo ACK n bn gi bo l nhn c bn tin ri. Trong tnh hung khi bn gi khng nhn c ACK ns coi l bn nhn cha nhn c bn tin v n s gi li bn tin . C ch ny

nhm gim bt nguy c b mtd liu trong khi truyn gia haiim.

3.5. Tng ktchng

Qua chng ny chng ta bit c cu trcc bnca mt mng WLAN vcc cng ngh thng c dng.Cng nh cc t chc chnh trong WLAN ctrch nhim phn phi qui nh cch thc hot ng ca cc chun WLAN. Bncnh chng ta cng c tm hiu cc chun 802.11, u nhc im camng WLAN. Bit c cc m hnh mng WLAN cn bn trn c s gip

chng ta c phn no khi c nh xy dng mt m hnh mng khng dy choc nhn hay mt doanh nghip va v nh.


54/102


CHNG 4: BO MT MNG KHNG DY4.1. Cch thctin hnhbo mt cho WLAN

Do nng cp ln t h thng mng c dy truyn thng ln h thng mngkhng dy nn c chbo mt ny sinh ra nhng vn mi cn c giiquyt.V l h thng mng khng dy nn khng ch nhn vin trong cng ty c ths dng m k c ngi ngoi cng c th d dng t nhp vo h thng nu h cthit b thu sng wireless. gii quyt vn ny, ta cn phi thit lp cc c ch

bo mt cho h thng mng khng dy ca cng ty. cung cp mt phng thcbo mt ti thiu cho mt mng WAN th ta cn c hai thnh phn sau:

- Mt cch thc quyt nh ai hay ci g c th s dng WLAN: Yucu ny c tha mn bng c ch xc thc (authentication).

- Mt phng thc cung cp tnh ring t cho d liu khng dy: Yucu ny c tha mn bng mt thut ton (encryption).

Bo mt mng khng dy bao gm c chng thc v m ha. Nu ch c mt cch duy nht th khng bo m an ton cho mng khng dy.

Hnh 4.1: iu kin bo mt cho WLAN


55/102


4.2. C ch chngthc

Chng thc c ngha l chng nhn, xc thc s hp php ca mt ngi, mt

qu trnh tham gia, s dng no qua cc phng thc, cng c nh mkha, cha kha, ti khon, ch k, vn tayQua c th cho php hoc

khng cho php cc hot ng tham gia, s dng. Ngi c quyn tham gia,s dng s c cpmt hay nhiu phng thc chng nhn, xc thc trn.

Trong mt mng khng dy, gi s l s dng mt AP lin kt cc my tnh livi nhau, khi mt my tnh mi mun gia nhp vo mng khng dy , n cn

phi kt ni vi AP. chng thc my tnh xin kt ni , c nhiu phng phpAP c s dng nh MAC Address, SSID, WEP, RADIUS,EAP.

4.2.1. Nguyn l RADIUS SERVER

Vic chng thc ca 802.1x c thc hin trn mt server ring, server ny squn l cc thng tin xc thc ngi s dng nh tn ng nhp (username),mt khu (password), m s th, du vn tay, .. Khi ngi dng gi yu cu chngthc, server ny s tra cu d liu xem ngi dng ny c hp l khng, ccp quyn truy cp n mc noNguyn l ny c gi l RADIUS (Remote

Authentication Dialin User Service) Server My ch cung cp dch v chngthc ngi dng t xa thng qua phng thc quay s. Phng thc quay s xuthin t ban u vi mc ch l thc hin qua ng in thoi, ngy nay khngch thc hin qua quay s m cn c th thc hin trn nhngng truyn khcnhng ngi ta vn gi tn RADIUS nh xa.Cc qu trnh lin kt v xc thc c tin hnh nh m t trong hnh trn, vthc hin theo cc bc sau:


56/102



57/102


Hnh 4.2: Hot ng ca Radius ServerCc bc thc hin nh sau:

My tnh Client gi yu cu kt ni n AP. AP thu thp cc yu cu ca Client v gi n RADIUS server. RADIUS server gi n Client yu cu nhp user/password. Client gi user/password n RADIUS Server. RADIUS server kim tra user/password c ng khng, nu ng th

RADIUS server s gi cho Client m kha chung. ng thi RADIUS server cng gi cho AP m kha ny v ng thi thng

bo vi AP v quyn v phm vi c php truy cp ca Client ny.

Client v AP thc hin trao i thng tin vi nhau theo m kha c cp. nng cao tnh bo mt, RADIUS Server s to ra cc kha dng chung khcnhau cho cc my khc nhau trong cc phin lm vic (session) khc nhau, thmch l cn c c ch thay i m kha thng xuyn theo nh k. Khi nim

kha dng chung lc ny khng phi ch vic dng chung ca cc my tnhClient m ch vic dng chung gia Client v AP.

4.2.2. Giao thc chng thc m rng EAP


58/102


m bo an ton trong qu trnh trao i bn tin chng thc gia Client v APkhng b gii m trm, sa i,ngi ta a ra EAP (Extensible AuthenticationProtocol)giao thc chng thc m rng trn nn tng ca 802.1x.Giao thc chng thc m rng EAP l giao thc h tr, m bo an ninh trong khitrao i cc bn tin chng thc gia cc bn bng cc phng thc m ha thngtin chng thc. EAP c th h tr, kt hp vi nhiu phng thc chng thc cacc hng khc nhau, cc loi hnh chng thc khc nhau v d ngoi user/passwordnh chng thc bng c im sinh hc, bng th chip, th t, bng kha cngkhai, vv...Kin trc EAP c bn c ch ra hnh di y, n c thit k vn hnh trn bt c lp ng dn no v dng bt c cc phng php chngthc no.

Hnh 4.3: Kin trc EAP c bn

Hnh 4.4: Bn tin EAPCc trng ca bn tin EAP:

- Code: Trng u tin trong bn tin, l mt byte di v xc nh loi bn tinca EAP. N thng c dng th hin trng d liu ca bn tin.

- Identifier: L mt byte di. N bao gm mt s nguyn khng du cdng xc nh cc bn tin yu cu v tr li. Khi truyn li bn tin th vnl cc s identifier , nhng vic truyn mi th dng cc s identifier mi.


59/102


- Length: C gi tr l 2 byte di. N chnh l chiu di ca ton b bn tinbao gm cc trng Code, Identifier, Length, v Data.

- Data: L trng cui cng c di thay i. Ph thuc vo loi bn tin,trng d liu c th l cc byte khng. Cch th hin ca trng d liuc da trn gi tr ca trng Code.

4.3. Tngquan v m haC ch m ha d liu da trn nhng thut ton mt m (cipher) lm cho d liuxut hin theo dng ngu nhin. C hai loi mt m:

+ Mt m dng (stream cipher).+ Mt m khi (block cipher).

C hai loi mt m ny hot ng bng cch cch sinh ra mt chui kha (keystream) t mt gi tr kha b mt. Chui kha sau c trn vi d liu ( dngcha m ha gi l plaintext) sinh ra d liu c m ha hay cn gi lciphertext. Hai loi mt m trn khc nhau v kch thc ca d liu m chng thaotc ti mt thi im.

4.3.1. Mt m dng

Mt m dng pht sinh chui kha lin tc da trn gi tr kha. V d, mt mt m

dng c th sinh ra mtchui di 15 byte m ha mt khung v mtchui khakhc di 200 byte m ha mt khung khc. Hnh 1 minh ha hot ng ca mtm dng. Mt m dng kh nh v mt thut ton m ha rt hiu qu, kt qu ln khng s dng nhiu CPU. Mt m dng ph bin l RC4, chnh l nn tng cathut ton WEP.


60/102


Hnh 4.3: Hot ng ca mt m dng

4.3.2. Mt m khi

Mt mt m khi sinh ra sinh ra mtchui kha duy nht v c kch thc c nh,

chui k t cha m ha (plaintext) s c phn mnh thnh nhng khi (block)v mi khi s c trn vi mt chui kha c lp. Nu nh khi plaintext lnh hn khi chui kha th plaintext s c m thm vo c kch thc thchhp. Hnh 2 minh ha hot ng ca ca mt m khi. Tin trnh phn mnh cngvi cc thoa tc khc ca mt m khi s lm tiu tn nhiu ti nguyn CPU hn lmt m dng. Kt qu l mt m khi s lm gim thng lng ca thit b.Tin trnh m ha c m t y ca mt m dng v mt m khi c gi lch m ha khi m ha t ECB ( Electronic Code Block). Ch m ha ECB

c c im l cng mt u vo plaintext s lun sinh ra cng mt u raciphertext. Yu t ny chnh l mt nguy c bo mt tim tng bi v nhng knghe ln c th nhn thy c dng ca ciphertext c th on c plaintext banu.


61/102


Hnh 4.4: Hot ng ca mt m khiMt s k thut m ha c th khc phc vn ny bao gm:

- Vector khi to IV (Initialization vector).- Ch phn hi (FeedBack).


62/102


Hnh 4.5: M ha vectkhi toMt vector khi to IV l mt s c cng thm vo kha, kt qu cui cng lthay i chui kha. IV s c ni vo vo kha trc khi chui kha c sinhra. Mi khi IV thay i th chui kha cng thay i theo. Hnh 4 .6 minh ha haitrng hp:

- Th nht, m ha mt m dng khng s dng IV. Trong trng hp ny th dliu planintext khi trn vi chui kha 12345 s lun lun sinh ra ciphertext lAHGHE.

- Th hai, m ha s dng IV. Trong trng hp ny th chui kha s c nhng gitr khc nhau khi IV thay i, kt qu s c ciphertext khc nhau.

Ch phn hi: Ch phn hi (feedback) sa itin trnh m ha trnhmt vic plaintext sinh ra trong cng mt ciphertext trong sut qu trnh m ha.Ch phn hi thng c s dng vi mt m khi.

4.4. Cc phng thc bo mt trong WLAN

4.4.1.Bo mt bng WEP


63/102


Phng thc chng thc qua SSID kh n gin, chnh v vy m n cham bo c yu cu bo mt, mt khc n ch n thun l chng thc m

cha c m ha d liu. Do chun 802.11 a ra phng thc mi lWEP. WEP c th dch l chun bo mt d liu cho mng khng dy mc tng ng vi mng c dy, l phng thc chng thc ngi dng v mha ni dung d liu truyn trn mng LAN khng dy (WLAN).N da trnmt m dng i xng (symmetric) RC4. c im i xng ca RC4 yu cu

kha WEP phi khp nhau gia Access Point (AP) v client . WEP l mtthut ton m ha c s dng bi tin trnh xc thc ngi dng v m ha

d liu trn phn on mng khng dy ca mng LAN. Chun 802.11 yucu s dng WEP nh l phng thc bo mt cho mng khng dy.

Hnh 4.6: Khung c m ha bi WEPWEP l mt thut ton n gin s dng b pht sinh s ngu nhin PRNG(Pseudo-Random Number Generator) v mt m dng RC4. RC4 thuc s huthng mi ca RSADSL. Mt m dng RC4 l kh nhanh m ha v gii m,


64/102


v th m n tit kim c CPU, RC4 cng n gin cc nh phn mm lptrnh n vo trong sn phm ca mnh. trnh ch ECB trong qu trnh m ha, WEP s dng 24 bit IV, n c nivo kha WEP trc khi s l bi RC4. Hnh 4 m t mt khung c m ha

bi WEP c s dng IV.IV thay i theo tng khung (per-frame basis) trnhhin tng xung t. Xung t IV xut hin khi s dng cng mt IV v khaWEP kt qu l cng mt chui kha c to ra s dng m ha khung.Xung t ny gip hacker on c d liu plaintext bng cch nhn vo tnhtng t trong chui ciphertext. Vic s dng IV l ngn chn trng hp ny,v th m chng ta nn thay i thng xuyn thay i IV.Hu nh cc nh snxut u h tr tnh nng thay i IV theo tng khung (per-frame IV) cho cc sn

phm ca mnh. c t 802.11 yu cu kha WEP (c cu hnh th cng trnAP v cc thit b client) phi khp vi nhau th chng mi truyn thng c. Chng ta c th nh ngha ln bnkha WEP trn mt thit b. Nhng mi thiim chng ta c th s dng mt kha WEP duy nht m ha cc khung phtra. M ha WEP ch c s dng cho cc khung d liu trong sut tin trnh xcthc kha chia s. WEP m ha nhng trng hp trong khung d liu:

- Phn d liu (payload).- Gi tr kim tra tnh ton vn ICV (Integrity Check Value).

Tt c cc trng hp khc c truyn m khng c m ha. Gi tr IV phic gi m khng m ha cho trm nhn c th s dng n gii m phn dliu v ICV. Chi tit tin trnh m ha, truyn, nhn v gii m ca mt khung dliu.


65/102


Hnh 4.7: Tin trnh m ha v gii m

Ngoi vic m ha d liu th chun 802.11 cng cung cp mt gi tr 32 bit cchc nng kim tra tnh ton vn ca khung. Vic kim tra ny cho trm thu bit


66/102


rng khung nhn m khng c li no xy ra trong qu trnh truyn. Nu bsung cho chc nng FCS (Frame CheckSecquence) ca lp mt v lp hai. FCSc thit k kim tra li lin quan n vic truyn d liu. ICV(Integrity checkvalue) c tnh ton da trn tt c cc trng trong khung s dng CRC -32(Cyclic Redundancy Check32). Trm pht s tnh ton gitr v t gi tr v ktqu vo trong trng ICV. ICV s c bao gm trong phn c m ha biWEP ca khung, v th chng khng nhn thy c bi nhng k nghe ln. Trmthu s gii m khung, tnh ton gi tr ICV v so snh gi tr ICV c trm phttnh ton trong khung nhn c. Nu trong hai gitr trng nhau th khung cxem nh cha c thay i hay gimo.

Hnh 4.8: Hot ng ca ICV4

Tm li ta c s phng thc chng thc wepgia client v APnh sau:


67/102


Hnh 4.9: Qu trnh chc thc gia Client v AP

Cc bc c th nh sau:

- Bc 1:Client gi n AP yu cu xin chng thc.- Bc 2:AP s to ra mt chui mi kt ni (challenge text) ngu nhin gi

n Client.- Bc 3:Client nhn c chui ny ny s m ha chui bng thut ton

RC4 theo m kha m Client c cp, sau Client gi li cho AP chui m ha.

- Bc 4:AP sau khi nhn c chui m ha ca Client, n s gii m libng thut ton RC4 theo m kha cp cho Client, nu kt qu ging vichui ban u m n gi cho Client th c ngha l Client c m khangv AP s chp nhn qu trnh chng thc ca Client v cho php thchin kt ni.


68/102


4.4.1. u v nhc im ca WEP

u im ca WEP:- C th a ra rng ri, trin khai n gin.- M ha mnh.- Kh nng t ng b.- Ti u tnh ton, hiu qu ti nguyn b vi x l.- C cc la chn b xung thm.

Nhc im ca WEP:- Rt n gin, cc kho m ho ny d dng b "b gy" bi thut ton brute-

force v kiu tn cng th li (trial-and-error). Cc phn mm min ph nh

Airsnort hoc WEP Crack s cho php hacker c th ph v kho m honu h thu thp t 5 n 10 triu gi tin trn mt mng khng dy. Vinhng kho m ho 128 bit cng khng kh hn: 24 bit cho khi to m honn ch c 104 bit c s dng m ho, v cch thc cng ging nh mho c di 64 bitnn m ho 128 bit cng d dng b b kho.

- Ngoi ra, nhng im yu trong nhng vector khi to kho m ho gip chohacker c th tm ra mt khu nhanh hn vi t gi thng tin hn rt nhiu.

- Ch c chng thc mt chiu: Client chng thc vi AP m khng c chngthc tnh hp php ca AP vi Client

- WEP cn thiu c ch cung cp v qun l m kha. Khi s dng kha tnh,nhiu ngi dng kha dng chung trong mt thi gian di. Bng my tnhx l tc cao hin nay k tn cng cng c th bt nhng bn tin m hany gii m ra m kha m ha mt cch n gin. Nu gi s mt mytnh trong mng b mt hoc b nh cp s dn n nguy c l kha dngchung m cc my khc cng ang dng. Hn na, vic dng chungkha, th nguy c lu lng thng tin b tn cng nghe trm s cao hn.

4.4.2. Bo mt bng WPA/WPA2.

T chc Lin minh cc nh sn xut ln v thit b wifi Wifi Alliance, cthnh lp gip m bo tnh tng thch gia cc sn phm wifi ca cc hngkhc nhau.Nhm ci thin mc an ton v mt thng tin trong mng 802.11 mkhng cn yu cu nng cp phn cng, Wifi Alliance thng qua TKIP nh mt


69/102


tiu chun bo mt cn thit khi trin khai mng li c cp chng nhn Wifi.Kiu bo mt ny c gi vi tn l WPA. WPA ra i trc khi chun IEEE802.11i2004 c chnh thc thng qua. N bao gm vic qun l kha v qu

trnh xc thc.Tip sau , WPA2 c a ra, nh mt tiu chun bo mt bm st hn theochun 802.11i ca IEEE. im khc bit ln nht gia WPA v WPA2 l thay vs dng AES m bo tnh bo mt v ton vn d liu th WPA dng TKIP chovic m ha v thut ton Michael cho vic xc thc trn tng gi d liu.Mi phin bn ca WPA u c chia thnh hai loi: Personal dnh cho h gianh v vn phng quy m nh, Enterprise dnh cho doanh nghip ln c c s htng mng y . im khc bit duy nht ng k gia hai loi ny l hnh thcc c kha PMK. Vi Personal, kha PMK sinh ra t kha tnh c nhp vo

th cng trn AP v cc STA. R rng cch lm ny l khng kh thi i vi ccmng li c quy m ln. Do trong Enterprise, kha PMK nhn c t qutrnh xc thc IEEE 802.1X/EAP. Vic cp pht kha ny l hon ton t ng vtng i an ton. Sau khi xc thc ln nhau ri, STA v my ch xc thc xydng kha PMK da trn cc thng tin bit. Kha ny l ging nhau trn cSTA v my ch xc thc. My ch xc thc s tin hnh sao chp mt bn khaPMK ny ri gi v cho AP. Lc ny, c AP v STA u nhn c kha PMK

ph hp. Trong thc t, my ch xc thc thng c s dng l my chRADIUS.

So snh gia WEP, WPA v WPA2

WEP WPA WPA2L thnh phn ty chntrong chun IEE802.11

Tiu chun an ninh caWifi Alliance t ra

Tng t WPA

Kha WEP c cu hnhth cng trn AP v STA

Khuyn ngh nn s dngxc thc 802.1X/EAP nhn kha t ng. C htr ci t kha th cng

nh WEP

Tng t WPA

S dng m ha dng Tng t WEPS dng m ha khi

c s dng m hadng TKIP

M ha trn tng gi tinda vo vic thay i gi

S dng phng php mha v tin tin hn qu

Tng t WPA


70/102


tr IV, gi tr ny c k thp trc tip vi PMK to

thnh kha

trnh to kha c thngqua kha trung gian PTK

di kha nh 64 bithay 128 bit

di kha ln k t hpnhiu thnh phn thng

tin sinh khaTng t WPA

S dng thut ton CRC kim tra tnh ton vnnn mc bo mt thp

S dng thut tonMichael tnh ton ram MIC. C tin cy

hn CRC

S dng CCMP/AEStnh ton m MIC. C

tin cy cao nht

Khng c kh nng xcthc hai chiu

H tr xc thc hai chiu,s dng IEE 802.1X/EAP

Tng t WPA

Phng php n ginkhng yu cu nng lccao v phn cng

Tng i phc tp hnWEP nhng cng khngyu cao v phncng

Phc tp yu cu caov nng lc x lphn cng

Thch hp vi mng quim nh

Ph hp vi mng quy mnh v trung bnh

Ph hp mng lnnh doanh nghip

WPA c nh gi l km an ton hn so vi ngi anh em WPA2. Tuy nhin,

li th ca WPA l khng yu cu cao v phn cng. Do WPA s dng TKIP mha theo thut ton RC4 ging nh WEP nn hu ht cc card mng khng dy ch tr WEP ch cn c nng cp firmware l c th hot ng tng thch vitiu chun ca WPA.WPA2 s dng CCMP/AES cho vic m ha d liu v kim tra tnh ton vn cagi tin. CCMP/AES l mt c ch m ha rt mnh v phc tp do yu cu caov nng lc x l ca chip. Cng chnh v iu ny m hin nay WPA2 cha ctrin khai rng di nh WPA. L do l WPA2 cn phi nng cp v mt phn cng,tn km hn nhiu so vi vic cp nht firmware i vi WPA. Tuy nhin, vi c c

h thng mng yu cu mc an ninh cao th khuyn ngh nn s dng WPA2.Vic la chn tiu chun an ninh no l hon ton ph thuc vo s cn bng giatim lc ti chnh v mc an ton thng tin cn m bo.

4.4.4. Bo mt bng TKIP


71/102


L gii php ca IEEE c pht trin nm 2004. L mt nng cp cho WEP nhmv nhng vn bo mt trong ci t m dng RC4 trong WEP. TKIP dng hm

bm(hashing) IV chng li vic gi mo gi tin, n cng cung cp phng thc kim tra tnh ton vn ca thng ip MIC (message integrity check ) m

bo tnh chnh xc ca gi tin. TKIP s dng kha ng bng cch t cho miframe mt chui s ring chng li dng tn cng gi mo.

4.4.5. Bo mt bng AES

L mt chc nng m ha c ph chun bi NIST (Nation Instutute of Standard

and Technology). IEEE thit k mt ch cho AES p ng nhu cu camng WLAN.Ch ny c gi l CBC-CTR(Cipher Block Chaining CounterMode) vi CBC-MAC(Cipher Block Chaining Message Authenticity Check). Thp ca chng c gi l AES-CCM . Ch CCM l s kt hp ca m haCBC-CTR v thut ton xc thc thng ip CBC-MAC. S kt hp ny cung cpc vic m ha cng nh kim tra tnh ton vn ca d liu giM ha CBC-CTR s dng mt bin m b sung cho chui kha. Bin m stng ln 1 sao khi m ha cho mi khi(block). Tin trnh ny m bo ch c duy

nht mt kha cho mi khi. Chui k t cha c m ha s c phn mnh rathnh cc khi 16 byte.CBC-MAC hot ng bng cch s dng kt qu ca mha CBC cng vi chiu di frame, a ch ngun, a ch ch v d liu. Kt qus cho ra gi tr 128 bit v c ct thnh 64 bit s dng lc truyn thng.AES -CCM yu cu chi ph kh ln cho c qu trnh m ha v kim tra tnh ton vn cad liu gi nn tiu tn rt nhiu nng lc x l ca CPU kh ln.

4.4.6 Lc (Filtering).

Lc l c ch bo mt c bn c th s dng cng vi WEP. Lc hot ng gingnh Access list trn router, cm nhng ci khng mong mun v cho php nhngci mong mun. C ba kiu lc c bn c th c s dng trong WLAN:

Lc SSID. Lc c a ch MAC.


72/102


Lc giao thc (Filtering Protocol).4.4.6.1. Lc SSID

Lc SSID l mt phng thc c bn ca lc v ch nn c s dng cho viciu khin truy cp c bn. SSID ca client phi khp vi SSID ca AP c thxc thc v kt ni vi tp dch v. SSID c qung b m khng c m hatrong cc Beacon nn rt d b pht hin bng cch s dng cc phn mm. Mt ssai lm m ngi s dng WLAN mc phi trong vic qun l SSID gm:

- S dng gi tr SSID mc nh to iu kin cho hacker d tm a ch MACca AP.

-

S dng SSID c lin quan n cng ty.- S dng SSID nh l phng thc bo mt ca cng ty.- Qung b SSID mt cch khng cn thit.4.4.6.2. Lc a ch MAC

Hu ht cc AP u c chc nng lc a chMAC. Ngi qun tr c th xy dngdanh sch cc a chMAC c cho php.Nu client c a ch MAC khng nmtrong danh sch lc a ch MAC ca AP th AP s ngn chn khng cho phpclient kt ni vo mng. Nu cng ty c nhiu client th c th xy dng mych RADIUS c chc nng lc a ch MAC thay v AP. Cu hnh lc a ch MACl gii php bo mt c tnh mrng cao. n gin ch nhp a ch MAC vo mych RADIUS cng vi thng tin nh danh ca ngi dng. My ch RADIUSthng chn mt ngun chng thc khc, v th mt ngun chng thc l cnthit c th h trlc a ch MAC.


73/102


Hnh 4.10: Th hin tin trnh xc thc MAC

Lc a ch MAC c th hot ng theo ngc li. V d, ta xem xt trng hpnhn vin ri khi cng ty v mang theo card mng khng dy ca mng khngdy ca h. Card WLAN ny cha dng kha WEP v lc a ch MAC. Ngiqun tr c th to ra bng lc trn tt c cc AP khng cho php a ch MACca nhn vin ri khi cng ty. Nu lc a ch MAC c s dng trongmng khi card WLAN b mt, ta c th xo a ch MAC ca card ra khi danhsch cho php.


74/102


Hnh 4.11: Lc a ch Mac

Mc d a ch MAC dng nh l mt phng thc tt bo mt mng WLANtrong mt s trng hp. Tuy nhin vn b tn cng trong cc trng hp sau:

nh cp card WLAN c trong danh sch cho php ca AP. Lng nghe lu lng trong mng WLAN, sau n gi mo i ch MAC

u gi lm vic.Lc a ch MAC rt thch hp cho gia nh v vn phng nh ni c t client.

4.4.6.3. Lc Giao Thc

Mng Lan khng dy c th lc cc gi i qua mng da trn cc giao thc tlp2 n lp 7. Trong nhiu trng hp cc nh sn xut lm cho lc giao thc c thc cu hnh mt cch c lp cho c on mng c dy v on mng khng dy

trn AP.


75/102


Hnh 4.12: Lc giao thc

Hy tng tng trng hp trong c mt cu ni nhm khng dy (WirelessWorkgroup Bidge) c t trong mt to nh xa trong mng WLAN campuskt ni ngc li AP to nh chnh. Bi v tt ngi dng trong to nh xa

chia s bng thng 5 Mbps gia to nh ny trong mt s phng thc iu khinphi c s dng. Nu cc kt ni ny c ci t vi mc ch c

CÁC KIỂU TẤN CÔNG TRÊN MẠNG

Documents

Transcript of CÁC KIỂU TẤN CÔNG TRÊN MẠNG