Doko.vn Bao Mat Trong Mang Khong Day W


  • 7/29/2019 Doko.vn Bao Mat Trong Mang Khong Day W


    Wireless Network Security

    PREFACE

    In today's technological society, the communication system is as important as the nervous system that runs through the human body. Growing demand for high-speed data transmission and the diversification of services such as Internet access and e-commerce have driven the development of wireless local area network (WLAN) solutions, whose advantages overcome the shortcomings of wired LANs and provide more effective networking.

    Wireless technology is a method of transferring information from one point to another using radio waves as the transmission medium (radio, cellular, infrared and satellite), which reduces the cabling needed to send and receive information.

    Wireless networks have made considerable progress. In a number of developed economies in Europe and the Americas they are a well-established part of daily life. With a laptop, a PDA or any other wireless-capable device, we can reach the network anywhere: at the office, at school, on the street, in a cafe or even on public transport, wherever there is WLAN coverage.

    However, this support for public access, from devices both simple and complex, has created many problems for administrators who have to protect information. Integrating security measures into the access devices while preserving convenience and public access is a matter that deserves close attention.

    V c Thng T 901 - 1 - Trng i Hc Dn L p Hi Phng


    For that reason I chose security in wireless LANs (WLAN) as the main subject of this thesis. The thesis has 8 chapters covering 3 main topics:

    The first is an overview of wireless networks, from structure and models to technical solutions. This is covered in chapters 1, 2 and 3.

    The second is a study of the ways a wireless network can be attacked from outside, from which security recommendations are drawn. This is covered in chapters 4 and 5.

    The last is a study of the deployment of the wireless network at Hai Phong Private University. This is covered in the remaining chapters 6, 7 and 8.

    I hope this thesis helps readers understand a little more about wireless LANs and the issues related to wireless network security. Because of my limited knowledge and source material, the thesis cannot avoid many shortcomings. I therefore look forward to the guidance, criticism and sincere comments of my teachers and friends.


    Chapter 1

    INTRODUCTION TO WIRELESS LAN

    1.1. THE WLAN CONCEPT

    A WLAN (Wireless Local Area Network) is a data network built on the basis of a local area network (LAN). A WLAN uses radio waves as its transmission medium and so reduces the wired connections needed to send and receive information.

    WLAN is a wireless broadband network access technology that follows the IEEE 802.11 standards. It was originally developed as a home and office product for connecting personal computers without cables, and it allows data to be exchanged over radio at very high speed. It is also an opportunity to provide broadband Internet access at more and more public places such as airports, cafes, railway stations, shopping centres and press centres.

    1.2. STRUCTURE AND CHARACTERISTICS OF A WLAN

    1.2.1 WLAN structure

    A WLAN resembles a cellular system: each access point is a base station that carries data between the WLAN and the wired network infrastructure. A single access point can serve a group of users and provide coverage within a given radius. Access points are connected to the wired network through an Ethernet hub or switch. Users reach the WLAN through WLAN adapters (which are also built into laptops) or through PC cards.


    Figure 1.1: WLAN structure

    1.2.2 WLAN characteristics

    Mobility:

    Users can move around and still reach files, network resources and the Internet without plugging into a traditional wired network. They keep high-speed, real-time access to the LAN while moving.

    Fast installation:

    Installation time is shortened because network connections can be made without moving or adding cables, or pulling them through walls and ceilings as wired networks usually require.

    Flexibility:

    A WLAN is flexible because it is easy to set up and take down anywhere. Users can quickly set up a small WLAN for temporary needs such as trade conferences or meetings.


    Adaptability:

    A WLAN configuration can easily be shaped to meet particular application and installation needs, and can grow from a small network into a larger one.

    Scalability:

    A WLAN can be configured in many topologies to suit different applications, and the configuration can easily change in scale from point-to-point networks built for a few users to coordinated networks with thousands of users that allow roaming over a wide area.

    Lower deployment cost:

    Although the initial hardware investment can be higher than for a wired network, the overall cost and the lifetime cost can be considerably lower. In the long run, a WLAN brings great benefits in dynamic environments that require frequent moves and changes.

    1.3. USERS AND APPLICATIONS OF WLAN

    1.3.1 Users

    WLANs are becoming common in the following environments:

    Enterprise information systems:

    Network managers can relocate staff, set up temporary offices, or install printers and other equipment without being constrained by the cost and complexity of a wired network. Executives can reach the company's critical information systems from a meeting room using handheld devices fitted with a WLAN card.

    Tourism:

    Hotels and tourist sites can handle room bookings, service requests or information about guests' luggage.

    Education:

    Students and lecturers can contact one another from anywhere on campus to exchange or download lectures available on the network. A WLAN also reduces the need for computer labs.

    Product information:

    Staff responsible for warehouse dispatch can update and exchange important product information.

    Healthcare:

    Doctors and nurses can exchange information about patients or treatments.

    In Vietnam, the users of interest are customers with a laptop, Pocket PC or PC fitted with a modem card, such as students, business people and tourists.

    1.3.2 Applications

    The difficulty of installing cable is what drives wireless to become an increasingly accepted trend. Wireless is particularly useful for setting up a network for:

    Busy areas such as lobbies or reception rooms.

    People who are constantly on the move, such as nurses and doctors in a hospital.

    Isolated areas and buildings.

    Departments whose physical layout changes frequently.

    WLANs are installed where many people gather: offices, buildings, universities, airports, railway stations, stadiums, exhibition areas, hotels, supermarkets and residential areas.


    Chapter 2

    Technical solutions

    2.1. OVERVIEW

    WLAN is a wireless broadband network access technology that follows the IEEE 802.11 standards. IEEE 802.11 defines both an infrastructure mode, with at least a minimum number of central access points connected to a wired network, and a peer-to-peer mode, in which a set of radio stations communicate directly with one another without any central access point or radio network. The appeal of WLANs is their flexibility. They can extend access to local networks such as an intranet, and they support broadband access to the Internet at hotspots.

    A WLAN can provide quick and easy wireless connectivity to computers, machines or systems in an area where fixed communication infrastructure does not exist or where such access is not permitted. Users can be fixed or mobile, or even sitting in a moving vehicle.

    On using a WLAN to extend an ordinary wired network, with high speed and convenient network access:


    Figure 2.1: Extending the network

    On network access inside buildings, warehouses and yards without the cost and complexity of cabling:

    Figure 2.2: Network access without cabling

    On simplifying the link between two buildings separated by difficult terrain where an ordinary network would be hard to build:

    Figure 2.3: Convenience of building a network in mountainous areas


    Areas with basin-shaped terrain can also reach the network as normally as anywhere else:

    Figure 2.4: A site with basin-shaped terrain

    And on the convenience of network access while moving:

    Figure 2.5: Access while on the move

    From offices and private homes:

    Figure 2.6: Access from a private home

    To much larger sites such as universities and apartment complexes, all can have high-speed network access with a simple set-up process:

    Figure 2.7: Access from universities

    2.2. THE 802.11 STANDARDS

    802.11: In 1997 the IEEE (Institute of Electrical and Electronics Engineers) introduced the first WLAN standard. It was called 802.11 after the name of the group set up to oversee its development. However, 802.11 supported a maximum network bandwidth of only 2 Mbps, too slow for most applications. For that reason, wireless products designed to the original 802.11 standard gradually stopped being manufactured.

    802.11b: The IEEE extended the original 802.11 standard in July 1999, producing 802.11b. This standard supports bandwidth of up to 11 Mbps, comparable to traditional Ethernet.

    802.11b uses the same radio frequency (2.4 GHz) as the original 802.11 standard. Vendors prefer these frequencies because they reduce production costs. 802.11b devices can suffer interference from cordless telephones, microwave ovens and other devices that use the same 2.4 GHz band. Installing 802.11b equipment away from such devices reduces this interference.

    Advantages of 802.11b: lowest cost; good signal range that is not easily obstructed.

    Disadvantages of 802.11b: lowest maximum speed; home appliances can cause interference.

    802.11a: While 802.11b was still being developed, the IEEE created a second extension to 802.11 called 802.11a. Because 802.11b became widely used much faster than 802.11a, some people believe 802.11a was created after 802.11b. In fact, 802.11a and 802.11b were created at the same time. Because of its higher cost, 802.11a is used only in enterprise networks, while 802.11b is better suited to the home networking market.

    802.11a supports bandwidth of up to 54 Mbps and uses the 5 GHz radio band. Its higher frequency compared with 802.11b gives it a shorter range than 802.11b networks. At this frequency, 802.11a signals also have more difficulty passing through walls and other obstacles. Because 802.11a and 802.11b use different frequencies, the two technologies are not compatible with each other. Some vendors therefore offer hybrid 802.11a/b network equipment, but these products simply implement the two standards side by side.

    Advantages of 802.11a: high speed; the 5 GHz band avoids interference from other devices.

    Disadvantages of 802.11a: high cost; short range that is easily obstructed.

    802.11g: In 2002 and 2003, WLAN products supporting a newer standard, 802.11g, were well received by the market. 802.11g combines the best of 802.11a and 802.11b. It supports bandwidth of up to 54 Mbps and uses the 2.4 GHz band for wider range. 802.11g is compatible with 802.11b, which means that 802.11g access points work with 802.11b wireless network adapters and vice versa.

    Advantages of 802.11g: high speed, good signal range that is less easily obstructed.

    Disadvantages of 802.11g: more expensive than 802.11b; devices can suffer interference from many other devices using the same band.

    802.11n: The newest standard in the Wi-Fi family is 802.11n. It is designed to improve on 802.11g in total supported bandwidth by making use of multiple wireless signals and antennas (MIMO technology).

    When this standard is released, 802.11n connections will support data rates of up to 100 Mbps. 802.11n also provides better coverage than earlier Wi-Fi standards thanks to its stronger signal. 802.11n devices will be compatible with 802.11g devices. Although 802.11n will only be formally approved in 2010, products using this standard (in practice following the "draft" standard) will not change much. In addition, 802.11n routers are backward compatible with devices using the older standards after a few set-up steps by the user.

    Advantages of 802.11n: fastest speed and best signal range; better resistance to interference from outside sources.

    Disadvantages of 802.11n: more expensive than 802.11g; the use of multiple signals can interfere with nearby 802.11b/g networks.

    First deployed at a university outside New York City (USA), this 802.11n wireless LAN has 720 access points using AP 320 devices in place of 11a/b/g access points.

    There has not yet been enough time to test the whole system in real operation, but teachers, students and staff at Morrisville State have all noted a large improvement over the old 11a/b/g wireless infrastructure, in particular that bandwidth-hungry applications run faster on this network.

    Classes at the school can broadcast video bulletins and hold online meetings without buffering delay. At present, the busiest peak hour records more than 1,200 clients connected wirelessly at the same time, including, besides laptops, devices such as iPod music players, iPhones, some handhelds and game consoles with wireless connectivity.

    These are the 4 standards most often mentioned for WLANs. There are also a number of extension standards, each serving a specific purpose:

    802.11h: a variant of 802.11a for Europe with additional optimisation features.

    802.11i: still under development; it is a protective shield for existing WLAN standards and will raise the level of security through better encryption and access control.

    802.16: a draft of a WLAN standard for metropolitan area networks (MAN) based on OFDM and using 802.11a as its basis, published in April 2002. 802.16 supports a point-to-multipoint architecture in the 10 to 66 GHz range, with data rates of up to 120 Mbps.

    802.11e: improves quality of service and allows priority levels to be set.

    802.11x: concerns WLAN security and other classes of specific services.

    802.11c: improves interoperation between two devices.

    802.11d: LAN/MAN standard, improves roaming. (Roaming is the ability to take a wireless device from the range of one access point to the range of another without losing the connection.)

    802.11f: regulates inter-access-point handoffs.

    Whichever WLAN standard is used, the basic concepts of deployment and security are the same.


    2.3. CHANNEL ACCESS: THE CSMA/CA MULTIPLE ACCESS MECHANISM

    A wireless station that wants to transmit a frame first listens on the wireless medium to determine whether any station is currently transmitting (carrier sense). If the medium is busy, the station computes a random backoff delay. As soon as that delay has elapsed, the station listens again to see whether any station is transmitting. Because the delay is random, several stations that want to transmit will not try again at the same moment (collision avoidance). Collisions can still occur and, unlike on Ethernet, the transmitting nodes cannot detect them. For this reason 802.11b uses the Request To Send (RTS) / Clear To Send (CTS) protocol together with an Acknowledgment (ACK) signal to ensure that a frame has been sent and received successfully.

    Important factors:

    Wait for silence.
    Then talk.
    Listen while talking.
    What do we do if there are 2 talkers? Back off.
    Repeat.

    Figure 2.8: A transmission from A to B

    In CSMA/CA, two problems need attention: the hidden terminal and the exposed terminal.

    2.3.1 The hidden terminal problem

    Figure 2.9: Hidden terminal

    A is talking to B. C senses the channel.

    C cannot hear A because C is outside A's coverage.

    C decides to talk to B.

    A collision occurs at B.

    Solving the hidden terminal problem:

    Figure 2.10: Solving the hidden terminal problem

    A sends an RTS to B.
    B replies with a CTS if it is ready to receive.
    C hears the CTS.
    C does not talk to B and waits.
    A sends its data to B successfully.

    In this case, if C wants to talk to D, it can simply reduce its transmit power accordingly.

    The question is how long C must wait before it can talk to B. The RTS that A sends to B contains the length of the DATA that A wants to send. B copies this length into the CTS that it sends back to A. When C "hears" the CTS, it learns the length of the data frame and uses it to set the time during which it holds back its own transmission.
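The hidden terminal case and its RTS/CTS fix, as an added example that is not part of the original thesis. It places A, B and C on a line so that C cannot hear A, and shows C deferring on the duration it overhears in B's CTS; the station positions, radio range and frame durations are assumed illustrative values, not 802.11 timing constants.

```python
from dataclasses import dataclass

RANGE_M = 120                                       # assumed radio range of every station
RTS_US, CTS_US, ACK_US, SIFS_US = 20, 14, 14, 10    # illustrative durations, microseconds


@dataclass
class Station:
    name: str
    pos: float            # position on a line, metres
    nav_from: int = 0     # time at which a reservation was overheard
    nav_until: int = 0    # medium is treated as reserved until this time

    def hears(self, other):
        return other is not self and abs(self.pos - other.pos) <= RANGE_M

    def overhear(self, frame_end, duration_field):
        """Virtual carrier sense: hold back for the time announced in an RTS/CTS."""
        self.nav_from = frame_end
        self.nav_until = max(self.nav_until, frame_end + duration_field)


def first_idle_time(station, ready_at, air):
    """Earliest time >= ready_at at which physical and virtual carrier sense are idle."""
    t = ready_at
    while True:
        busy = [end for sender, _, start, end in air
                if station.hears(sender) and start <= t < end]
        if station.nav_from <= t < station.nav_until:
            busy.append(station.nav_until)
        if not busy:
            return t
        t = max(busy)


def collisions_at(receiver, air):
    """Pairs of frames from different senders that overlap in time at the receiver."""
    heard = [f for f in air if receiver.hears(f[0])]
    return [(f"{x[0].name}:{x[1]}", f"{y[0].name}:{y[1]}")
            for i, x in enumerate(heard) for y in heard[i + 1:]
            if x[0] is not y[0] and x[2] < y[3] and y[2] < x[3]]


def simulate(use_rts_cts, data_us=300, c_ready_at=60, c_data_us=200):
    a, b, c = Station("A", 0), Station("B", 100), Station("C", 200)  # C is out of A's range
    air, t = [], 0                                   # air: (sender, frame, start, end)
    if use_rts_cts:
        # The duration field covers everything that still has to follow the frame.
        rts_dur = SIFS_US + CTS_US + SIFS_US + data_us + SIFS_US + ACK_US
        air.append((a, "RTS", t, t + RTS_US))
        t += RTS_US
        if c.hears(a):                               # false here: A is hidden from C
            c.overhear(t, rts_dur)
        t += SIFS_US
        air.append((b, "CTS", t, t + CTS_US))
        t += CTS_US
        if c.hears(b):                               # true: C learns the length from B
            c.overhear(t, rts_dur - SIFS_US - CTS_US)
        t += SIFS_US
    data_end = t + data_us
    air.append((a, "DATA", t, data_end))
    c_start = first_idle_time(c, c_ready_at, air)
    air.append((c, "DATA", c_start, c_start + c_data_us))
    collisions = collisions_at(b, air)
    delivered = not any("A:DATA" in pair for pair in collisions)
    if delivered:                                    # B acknowledges only a clean frame
        air.append((b, "ACK", data_end + SIFS_US, data_end + SIFS_US + ACK_US))
    return {"c_start": c_start, "nav_until": c.nav_until,
            "collisions": collisions, "a_delivered": delivered}


if __name__ == "__main__":
    print("without RTS/CTS:", simulate(False))
    print("with RTS/CTS:   ", simulate(True))
```
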

    2.3.2 The exposed terminal problem

    Figure 2.11: Exposed terminal

    B is talking to A.
    C wants to talk to D.
    C senses the channel and finds it busy.
    C stays silent (although it could perfectly well talk to D).

    Solving the exposed terminal problem:

    Figure 2.12: Solving the hidden terminal problem

    B sends an RTS to A (which also reaches C).

    A replies with a CTS to B (if A is idle).

    C cannot hear A's CTS.

    C assumes that A is either "dead" or out of range.

    C talks to D normally.

    One problem remains, however. RTS frames can collide: for example, C and A both find that they can transmit to B and both send an RTS to B, so a collision occurs at B. This collision is less serious than a collision of DATA frames, because an RTS is usually much shorter than DATA. CTS frames can nevertheless cause interference, and if RTS/CTS frames are about the same size as DATA frames this becomes a real concern. The problem is mitigated by using a random backoff delay (as described above).

    2.4. MODULATION TECHNIQUES

    2.4.1 Shift keying digital modulation

    There are many ways to perform shift keying digital modulation, such as ASK, FSK and PSK. Modulation is performed by keying between two states; in theory one state represents 0 and the other represents 1 (the 0/1 sequence before modulation is the line-coded digital sequence).

    PSK

    PSK was developed during the early period of the space programme and is now widely used in military and commercial communication systems. It gives the lowest error probability for a given received signal level when measured over one symbol period.

    The basic principle of PSK is that the binary pulse stream at the modulator input changes the phase of the output signal to one of a set of predefined states. As the number of phase states increases, the bit rate increases while the baud rate stays the same. Raising the data rate comes at a price, however: the required SNR rises in order to keep the same BER (bit error rate).

    Binary PSK (Binary Phase Shift Keying): This is the most common method. The carrier is modulated by the binary sequence; the modulated signal has constant amplitude and switches between two states, 0° and 180°. Each state of the modulated signal is called a symbol.

    QPSK (Quadrature Phase Shift Keying):

    In BPSK each symbol represents one binary bit. If each symbol represents more than 1 bit, a higher bit rate is achieved. QPSK doubles the data throughput of PSK in the same bandwidth by carrying 2 bits per symbol. The phase of the modulated signal therefore switches between the values -90°, 0°, 90° and 180°.

    CCK (Complementary Code Keying):

    CCK is a modulation technique developed from QPSK, but its bit rate reaches 11 Mbps in the same bandwidth (or waveform) as QPSK. It is well suited to broadband applications. Under IEEE 802.11b, CCK uses a pseudo-random complementary spreading code with a code length of 8 and a chipping rate of 11 Mchip/s. Eight complex chips combine to form a single symbol (as in QPSK, 4 symbols). With a symbol rate of 1.375 MSymbol/s, the data rate achieved is 1.375 x 8 = 11 Mbps, in approximately the same bandwidth as QPSK modulation at 2 Mbps.


    2.4.2 DUPLEX SCHEMES

    In point-to-multipoint systems there are currently two duplexing techniques (operating in both the upstream and the downstream direction):

    Frequency Division Duplexing (FDD):

    This technique divides the frequency in use into two separate channels: one for downstream and one for upstream.

    Time Division Duplexing (TDD):

    This newer technique lets traffic flow in both directions on the same channel, but in different time slots.

    The choice between FDD and TDD depends mainly on the system's primary purpose: symmetric applications (voice) or asymmetric ones (data). FDD uses bandwidth inefficiently for data applications. In an FDD system the bandwidth for each direction is fixed. So if traffic flows only downstream, for example while browsing Web pages, the upstream bandwidth goes unused. This does not happen when the system is used for voice: the two parties usually talk about as much as they listen, so upstream and downstream bandwidth are used about equally. For high-speed data or imaging applications, only the downstream bandwidth is used and the upstream is almost idle.

    With TDD, the number of time slots for each direction changes flexibly and frequently. When upstream traffic is heavy, the number of upstream time slots is increased, and vice versa. By monitoring the number of time slots for each direction, a TDD system supports bursts of traffic in both directions. If a large Web page is being downloaded, upstream time slots are reallocated to the downstream direction.

    The main drawback of TDD is that changing the direction of traffic takes a lot of time, and time-slot allocation is a very complex problem for the software. TDD also requires high timing accuracy. All stations in the area of a TDD system need a common time reference in order to determine the time slots exactly. This limits the geographic coverage of point-to-multipoint systems.

    2.5. ACCESS TECHNIQUES

    2.5.1 FDMA

    FDMA (Frequency Division Multiple Access).

    The spectrum used for communication is divided into 2N consecutive frequency bands separated by guard bands. Each band is assigned to one communication channel: N bands for the uplink and, after a separating band, N bands for the downlink. Each CPE is allocated a pair of channels for the whole duration of the connection. Interference in this scheme is very significant.

    2.5.2 TDMA

    TDMA (Time Division Multiple Access).

    The spectrum is divided into communication bands, each shared by N communication channels. Each channel is a time slot within a frame period. Communication is duplex, with each direction in a different communication band, which reduces interference considerably.

    2.5.3 CDMA

    CDMA (Code Division Multiple Access). Each CPE is assigned a distinct code, and spread-spectrum techniques keep CPEs from interfering with one another while they share the same frequency band at the same time. The signal band can be tens of MHz wide. Sophisticated spreading allows the radio signal to use a very low field strength and resists fading more effectively than FDMA and TDMA. In addition, having the CPEs of one base station share a frequency band makes the structure of the radio transmission system very simple.

    2.6. RADIO TECHNIQUES

    2.6.1 Traditional microwave

    In traditional microwave, each CPE is given one narrowband frequency, or a pair, on which to operate. This narrow band is permanently reserved for the registered subscriber; any signal from another CPE that falls into it is treated as interference and affects the channel. Allocating frequencies in this way limits the number of users of the radio channel, because radio resources are finite. And because the band is narrow, the speed of the channel is naturally limited. Traditional microwave is therefore suitable only for voice and low-speed data applications.


    Figure 2.13: Narrowband signal

    2.6.2 Spread spectrum

    As radio resources became increasingly scarce, spread-spectrum techniques were adopted to use frequencies more efficiently. The two most common spread-spectrum techniques today are FHSS and DSSS. The bandwidth for each CPE is no longer a narrow band but the whole frequency band, and each CPE is identified by its own code, a pseudo-random code (PN sequence).

    2.6.3 FHSS (Frequency Hopping Spread Spectrum)

    Figure 2.14: Frequency hopping


    Figure 2.15: Channels in FHSS

    The data signal is spread over a wide band by transmitting on different carrier frequencies at different times. The spacing between FHSS carrier frequencies is predefined, the bandwidth of each channel is about 1 MHz, and the hopping order is determined by a pseudo-random function. The FCC requires the band to be divided into at least 75 channels (subchannels). An FHSS radio may send only a small amount of data on each channel during a fixed period before hopping to the next frequency channel in the hopping sequence. This period is called the dwell time and is typically about 400 microseconds. After each hop the transceiver must resynchronise with the other radio frequencies before it can transmit data. The main purpose of pseudo-random hopping is to avoid signal interference by not letting the data channel stay too long on any one frequency channel. If severe interference occurs on one frequency in the hopping sequence, it has little effect on the system, because transmission takes place there for only a short time.

    2.6.4 DSSS (Direct Sequence Spread Spectrum)

    DSSS also spreads the signal, but with an entirely different technique. Instead of being transmitted in a narrow band as in microwave communication, the signal is transmitted over a larger frequency range by pseudo-random coding (pseudo-noise sequence).

    Figure 2.16: Spreading and despreading in DSSS

    The narrowband signal and the spread-spectrum signal are transmitted with the same power and carry the same information, but the power density of the spread-spectrum signal is much greater than that of the narrowband signal. Combining the data signal with the pseudo-random code sequence during encoding yields a signal whose bandwidth is much wider than that of the original signal but whose power level is lower. An outstanding advantage of DSSS is data redundancy. A DSSS signal carries at least 10 redundant copies of the source data at the same time, and the receiver only needs to receive 1 of those 10 redundant signals well to succeed. If there is an interfering signal in the operating band of the DSSS signal, that interferer has higher power and is seen as a narrowband signal. During decoding at the receiver, the interferer is therefore spread and easily removed by gain processing. Gain processing is the process of lowering the power spectral density when the signal is processed for transmission and raising it when the signal is despread, with the main aim of increasing the S/N (signal-to-noise) ratio.

    2.6.5 Comparison of FHSS and DSSS

    FH has no gain processing because the signal is not spread. It therefore needs more power to transmit with the same S/N as a DS signal. In the ISM band, however, regulations limit the transmit power, so FH cannot reach the same S/N as DS. FH is also hard to synchronise between transmitter and receiver, because both time and frequency must be synchronised, whereas DS only needs chip timing to be synchronised. FH therefore takes longer to find the signal, which increases the delay in data transmission compared with DS.

    We can thus see that DSSS is a spread-spectrum technique with many advantages over FHSS.

    802.11b uses 14 DS (Direct Sequence) channels in the 2.402 GHz to 2.483 GHz band. Each channel is 22 MHz wide, but the channels are only 5 MHz apart, so adjacent channels interfere with one another. Within one area the channels are therefore arranged so that their frequency ranges do not overlap; in the 14-channel DS system only 3 channels are guaranteed not to overlap. In the following figure, for example, channels 1, 6 and 11 are used in one area without interfering with one another:

    Figure 2.17: Channel layout in one area

    Figure 2.18: Frequency reuse with DSSS


    So within a single area the delivered bit rate can reach 11 Mbps x 3 = 33 Mbps, instead of 11 Mbps when only 1 channel is used in the area.
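The channel arithmetic behind the 1, 6, 11 layout, as an added example that is not part of the original thesis. It derives the non-overlapping set from the 22 MHz width and 5 MHz spacing given in the text and then checks a site survey for access points that sit on partially overlapping channels. The centre-frequency formula (2407 + 5n MHz for channels 1 to 13) is the standard 2.4 GHz numbering; the 11-channel plan used by default and the survey entries are assumptions constructed for the example.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22      # from the text: each DS channel is 22 MHz wide
CHANNEL_STEP_MHZ = 5        # from the text: channel centres are 5 MHz apart

# Constructed survey result: (AP label, channel). Not real data.
SURVEY = [("corp-ap-1", 1), ("corp-ap-2", 6), ("corp-ap-3", 11), ("unplanned-ap", 4)]


def centre_mhz(channel):
    """Centre frequency of a 2.4 GHz channel numbered 1-13."""
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} is outside 1-13")
    return 2407 + CHANNEL_STEP_MHZ * channel


def overlap_mhz(ch_a, ch_b):
    """Width of spectrum shared by two channels; 0 means they do not overlap."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(centre_mhz(ch_a) - centre_mhz(ch_b)))


def largest_clean_sets(channels=range(1, 12)):
    """Every maximum-size set of channels in which no two channels overlap.

    The default is the 11-channel plan (an assumption); pass range(1, 14)
    for a 13-channel regulatory domain.
    """
    channels = list(channels)
    for size in range(len(channels), 0, -1):
        found = [combo for combo in combinations(channels, size)
                 if all(overlap_mhz(x, y) == 0 for x, y in combinations(combo, 2))]
        if found:
            return found
    return []


def interference_report(survey):
    """AP pairs on different but partially overlapping channels.

    Co-channel APs are left out: they share the medium through CSMA/CA,
    whereas partially overlapping channels see each other only as noise.
    """
    return sorted((name_a, name_b, overlap_mhz(ch_a, ch_b))
                  for (name_a, ch_a), (name_b, ch_b) in combinations(survey, 2)
                  if ch_a != ch_b and overlap_mhz(ch_a, ch_b) > 0)


if __name__ == "__main__":
    print("non-overlapping plan:", largest_clean_sets())
    for name_a, name_b, mhz in interference_report(SURVEY):
        print(f"{name_a} and {name_b} share {mhz} MHz of spectrum")
```

An access point that appears on a channel outside the site's plan, like the constructed `unplanned-ap` entry, is worth investigating both as a source of interference and as a possibly unauthorised device.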

    2.7. AUTHENTICATION AND SECURITY IN WLAN SYSTEMS

    2.7.1 Open Authentication

    This form of authentication relies on correctly identifying the SSID (Service Set Identifier). An extended service set (ESS), made up of 2 or more wireless access points connected to the same wired network, is a single logical network segment (also called a subnet) and is identified by its SSID. Any CPE that does not have a valid SSID is not allowed to access the ESS.

    2.7.2 Shared-key Authentication

    This type of authentication checks whether a wireless client being authenticated knows a shared secret. It is similar to the pre-shared authentication key in IP Security (IPSec). The 802.11 standard currently assumes that the shared key is distributed to all end clients over a separate secure channel, independent of all other IEEE 802.11 channels. Shared-key authentication is nevertheless generally insecure and is not recommended.

    2.7.3 Data security with WEP (Wired Equivalent Privacy)

    Given the inherent nature of wireless networks, securing physical-layer access to a wireless network is relatively difficult. Because no dedicated physical port is needed, anyone within range of a wireless access point can send and receive frames as well as monitor frames sent by others. WEP (defined by the IEEE 802.11 standard) was therefore designed to provide a level of data security equivalent to that of wired networks.

    Without WEP, eavesdropping and remote packet discovery become very easy. WEP provides data confidentiality by encrypting the data sent between wireless nodes. WEP encryption uses the RC4 symmetric stream cipher with a 40-bit or 104-bit key. WEP provides data integrity against random errors by including an integrity check value (ICV) in the encrypted part of the wireless frame. The way WEP keys are determined and distributed is not defined; they must be distributed over a secure channel independent of 802.11.
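WEP encapsulation as described above, as an added example that is not part of the original thesis: RC4 keyed with a 40-bit or 104-bit key, with a CRC-32 ICV placed inside the encrypted part of the frame. The 24-bit per-frame IV prepended to the key is standard WEP behaviour that the text does not spell out; the key, IV and payload are constructed values, and the key-ID byte of a real frame is omitted.

```python
import struct
import zlib

KEY_40 = bytes.fromhex("0102030405")     # constructed 40-bit key
IV = b"\x00\x00\x01"                     # constructed 24-bit IV, sent in clear


def rc4_keystream(seed, length):
    """RC4 key scheduling followed by `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def _icv(plaintext):
    # The ICV is a plain CRC-32: an unkeyed error-detecting code, which is why
    # the text speaks of integrity against random errors only.
    return struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)


def _check_key(key):
    if len(key) not in (5, 13):
        raise ValueError("WEP keys are 40 or 104 bits (5 or 13 bytes)")


def wep_encrypt(key, iv, plaintext):
    """Return IV || RC4(IV || key) XOR (plaintext || ICV)."""
    _check_key(key)
    if len(iv) != 3:
        raise ValueError("the IV is 24 bits (3 bytes)")
    body = plaintext + _icv(plaintext)
    keystream = rc4_keystream(iv + key, len(body))
    return iv + bytes(p ^ k for p, k in zip(body, keystream))


def wep_decrypt(key, frame):
    """Decrypt a frame produced by wep_encrypt and verify its ICV."""
    _check_key(key)
    iv, cipher = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + key, len(cipher))
    body = bytes(c ^ k for c, k in zip(cipher, keystream))
    plaintext, icv = body[:-4], body[-4:]
    if _icv(plaintext) != icv:
        raise ValueError("ICV mismatch: frame damaged or wrong key")
    return plaintext


def icv_rejects_bit_error(key, frame, bit):
    """Flip one bit of the encrypted body, as line noise would, and report
    whether the receiver's ICV check rejects the frame."""
    damaged = bytearray(frame)
    damaged[3 + bit // 8] ^= 1 << (bit % 8)
    try:
        wep_decrypt(key, bytes(damaged))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    frame = wep_encrypt(KEY_40, IV, b"constructed payload")
    print(frame.hex())
    print(wep_decrypt(KEY_40, frame))
    print("bit error rejected:", icv_rejects_bit_error(KEY_40, frame, bit=40))
```
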

    2.7.4 Data security with EAP (Extensible Authentication Protocol)

    This is a form of dynamic authentication: the authentication key changes to a random value at each authentication, or at periodic intervals during an authenticated connection. EAP also defines authentication through RADIUS, which works as follows. When a CPE wants to connect to the network, it sends a request to the AP. The AP asks the CPE to send it an Identify signal. After receiving the CPE's Identify signal, the AP forwards it to the RADIUS server for authentication. RADIUS then returns the result to the AP, and the AP decides whether or not to allow the CPE to log in.


    Chapter 3

    TRANSMISSION TO HOTSPOT SITES AND HOTSPOT CONNECTION MODELS

    3.1. TRANSMISSION SCHEME

    The hotspot sites are connected centrally to the network management center and reach the Internet under the control of a common Subscriber Gateway. The transmission method chosen for this model is an xDSL WAN service. Based on the global ITU industry standard, the SHDSL solution uses symmetric data transmission over a single cable pair.

    In addition, SHDSL signals can travel farther than connections that use ADSL and SDSL technology, which lets service providers serve customers at a distance. Like an ADSL router, an SHDSL router has built-in DHCP and NAT servers. This significantly reduces investment cost, because no two additional external servers are needed for DHCP and NAT.

    Figure 3.1: Transmission scheme


    3.2. CONNECTION MODEL FOR HOTSPOTS

    3.2.1 Technical solutions in the Wireless Hotspot model

    In a Wi-Fi system the transmission medium is radio, carrying traffic according to standards such as 802.11a and 802.11b. In effect this is a broadcast medium: every client inside the coverage area can pick up the signal, and the APs have little ability to control access. Access Points are now beginning to support EAP, the information security standard for the wireless environment (equipment vendors have released different EAP variants such as Cisco LEAP, Microsoft PEAP and Funk PEAP).

    With 802.1x, APs can authenticate clients and perform accounting, but many limitations remain: clients must have suitable driver software; the AP cannot control access the way an Access Server does in a dial-up environment; and although the AP supports RADIUS, its newer technical parameters do not yet allow the use of centralized database systems such as ORACLE. As a result the AP cannot deliver services the way an Access Server does in a dial-up environment.

    The proposed solution is to use a Subscriber Gateway. The Subscriber Gateway sits on the path from the APs to the Internet. The APs always offer the radio medium to any station within range, but as soon as a user enters the radio coverage of an Access Point (AP), the Subscriber Gateway authenticates the subscriber.

    The user is automatically redirected to an authentication web page built into the Subscriber Gateway, where the username/password is entered. The Subscriber Gateway communicates over the RADIUS protocol with the central AAA Server at the network operations center to retrieve the customer's information from the database. Only if authentication succeeds is the user allowed through the Subscriber Gateway to the Internet, and the Subscriber Gateway sends billing information back to the AAA Server. The Subscriber Gateway can also control access flexibly in real time, which makes it possible to offer a variety of services.

    3.2.2 Subscriber Gateway deployment model

    The Subscriber Gateway must be placed at the only exit of the systems it manages; only then can it control customers' access. Under current conditions the chosen approach is a centralized Subscriber Gateway at the network center.

    Characteristics: in this model all access points (hotspots) connect centrally to the network center and then pass through the Subscriber Gateway system to reach the Internet. The network between the access points and the network center must be a private network with no connection to the Internet; the only route to the Internet is through the Subscriber Gateway system.

    Figure 3.2: Gateway deployment model

    Advantages: management is centralized, and the AAA exchange between the Subscriber Gateway and the AAA Server stays inside the internal network.

    Disadvantages: all traffic has to cross the WAN to the Subscriber Gateway at the network center, even when the subscriber is invalid and not allowed onto the Internet, and this traffic reduces network performance.

    3.2.3 Hotspot connection model

    Deployment follows the centralized model, and the transmission technology used for the connection is SHDSL.

    Figure 3.3: Hotspot connection model

    In this model each hotspot site consists of APs connected to the center through an SHDSL router. The DHCP and NAT functions are performed on the routers.


    Chapter 4

    WEP AND FILTERING

    A wireless LAN is not inherently a secure network, but even a wired LAN or WAN is not secure if you take no security measures. The key to making a WLAN secure and keeping it secure lies in how it is implemented and managed. Giving administrators solid training in advanced technologies is an important way to make a WLAN secure. In this chapter we discuss the well-known 802.11 security mechanism, WEP. WEP is not the only security mechanism, however, and WEP alone cannot guarantee absolute security for a WLAN. We therefore need to look at why WEP's security is limited, where WEP is applicable, and what the remedies are.

    This chapter also covers several attack methods, from which an administrator can derive preventive measures. We then discuss security measures that are available but not yet formally recognized by any 802 standard. Finally we offer some recommendations on security policies for WLANs.

    4.1. WEP (WIRED EQUIVALENT PRIVACY)

    WEP (Wired Equivalent Privacy) is an encryption algorithm that uses the shared-key authentication process to authenticate users and to encrypt the data carried over wireless LAN segments. The IEEE 802.11 standard specifies the use of WEP.

    WEP is a simple algorithm that uses a pseudo-random number generator (PRNG) and the RC4 stream cipher. For several years this algorithm was kept secret and was not available; in September 1994 someone posted its source code online. Although the source code is now available, RC4 is still registered by RSADSI. The RC4 stream cipher encrypts and decrypts very quickly, is very easy to implement, and is simple enough for software developers to use to encrypt their software.

    Figure 4.1: WEP encryption process

    Figure 4.2: WEP decryption process

    - ICV: integrity check value

    The way WEP uses the RC4 algorithm is not really appropriate, and it is not sufficient as the only security method for an 802.11 network. Both the 64-bit and the 128-bit variants use the same 24-bit Initialization Vector (IV). The IV starts as a string of zeros and is incremented by 1 after each packet sent. Studies show that on a continuously busy network this sequence can overflow within half a day, so the vector has to be reinitialized at least once a day, that is, the bits return to 0. When WEP is used, the IV is transmitted unencrypted together with each encrypted packet. This need to reinitialize, combined with unencrypted transmission of the IV, is the cause of the following kinds of attack:

    - Active attack to inject new traffic: an unauthorized mobile station can inject packets that the network will accept as valid, without needing to decrypt anything.

    - Active attack to decrypt traffic: based on tricking the access point.

    - Dictionary-building attack: after enough information has been collected, the WEP key can be cracked with free software tools. Once the WEP key has been cracked, packets can be decrypted in real time by listening to broadcast packets and using the WEP key.

    - Passive attack to decrypt traffic: uses statistical analysis to decrypt WEP data.
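    The IV behaviour described above (a 24-bit counter sent in the clear that wraps on a busy network) is what an auditor checks for in a capture. The following is an added example, not code from the original thesis: it builds WEP-style frames (seed = IV || secret, CRC-32 ICV; the key-ID byte is omitted), estimates the wrap time, and flags reused IVs. The secret, payloads and frame rate are constructed sample values.

```python
import struct
import zlib
from collections import defaultdict

IV_BITS = 24  # WEP's IV is 24 bits for both 64-bit and 128-bit keys


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(payload: bytes) -> bytes:
    """WEP's integrity check value: CRC-32 of the payload, little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)


def wep_encrypt(secret: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return the cleartext IV followed by RC4(IV || secret, payload || ICV)."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("need a 24-bit IV and a 40- or 104-bit secret")
    return iv + rc4(iv + secret, payload + icv(payload))


def wep_decrypt(secret: bytes, frame: bytes) -> bytes:
    """Decrypt a frame built by wep_encrypt and verify its ICV."""
    iv, body = frame[:3], frame[3:]
    plain = rc4(iv + secret, body)
    payload, received_icv = plain[:-4], plain[-4:]
    if icv(payload) != received_icv:
        raise ValueError("ICV mismatch")
    return payload


def iv_counter(frame_number: int) -> bytes:
    """IV as the text describes it: starts at zero, +1 per frame, wraps."""
    return (frame_number % (1 << IV_BITS)).to_bytes(3, "big")


def hours_until_iv_wrap(frames_per_second: float) -> float:
    """Time for a busy sender to use all 2**24 IVs and start repeating."""
    return (1 << IV_BITS) / frames_per_second / 3600


def find_iv_reuse(frames):
    """Group captured frames by cleartext IV; return IVs seen more than once."""
    by_iv = defaultdict(list)
    for frame in frames:
        by_iv[frame[:3]].append(frame[3:])
    return {iv: bodies for iv, bodies in by_iv.items() if len(bodies) > 1}


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings up to the length of the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")        # constructed 40-bit secret
    capture = [                                  # constructed frames
        wep_encrypt(secret, iv_counter(0), b"GET /index"),
        wep_encrypt(secret, iv_counter(1), b"mail body "),
        wep_encrypt(secret, iv_counter(1 << IV_BITS), b"POST /login"),
    ]
    for iv, bodies in find_iv_reuse(capture).items():
        # Same IV and same secret give the same keystream, so XORing the two
        # ciphertexts cancels it and leaves the XOR of the two plaintexts.
        print(iv.hex(), xor(bodies[0], bodies[1]).hex())
    print(f"{hours_until_iv_wrap(500):.1f} h to wrap at 500 frames/s")
```

    Any IV reported by find_iv_reuse means two frames were protected with the same keystream, which is why a static key combined with a wrapping 24-bit IV cannot be repaired by choosing a longer secret.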

    4.1.1 Why WEP was chosen

    WEP is not secure, so why was it chosen and included in the 802.11 standard? The 802.11 standard set out the criteria a mechanism had to meet to be called security:

    - Exportable

    - Sufficiently strong

    - Compatible

    - Computationally feasible

    - Optional, not mandatory

    WEP meets all of these criteria. When it was introduced, WEP was intended to support confidentiality, access control and data integrity. It has since become clear that WEP is not a complete security solution for WLANs, but all wireless devices support WEP, and in particular vendors can add further safeguards on top of it. Each manufacturer may use WEP in a different way. WECA's Wi-Fi standard, for example, uses only 40-bit WEP keys; some vendors have chosen to strengthen WEP, while others use a newer standard such as 802.1X with EAP, or a VPN.

    4.1.2 The WEP key

    The core of WEP is the WEP key. A WEP key is a string of letters and digits that serves two purposes in a WLAN:

    - The WEP key is used to verify that a station is authorized

    - The WEP key is used to encrypt data

    When a client that uses WEP attempts to authenticate and associate with an AP (Access Point), the AP checks whether the client holds a valid key. If it does, the client has the secret that forms part of the WEP key, and this WEP key must match at both ends of the WLAN connection.

    A WLAN administrator can distribute WEP keys by hand or by a more advanced method. A WEP key distribution system can be as simple as static keys, or as advanced as a centralized encryption key management server. The more advanced the WEP system, the better it resists sabotage and hacking.

    There are two types of WEP key, 64-bit and 128-bit, which you will sometimes see written as 40-bit and 104-bit. The reason is that both types use the same 24-bit Initialization Vector (IV) together with a 40-bit or 104-bit secret key. Entering a WEP key on a client or on infrastructure devices such as a bridge or an AP is very simple. It is configured as shown in the following figure:


    Figure 4.3: WEP key entry interface

    Most clients and APs can hold four WEP keys at the same time, in order to support network segmentation. For example, on a network with 100 client stations, using four WEP keys instead of one lets you split the users into four separate groups of 25. If one WEP key is compromised, only 25 stations and one or two APs have to be changed rather than the whole network.

    Another reason for using multiple WEP keys is that a card that supports both 64-bit and 128-bit keys can use the best available option; if it supports 128-bit keys it can still work with 64-bit keys.

    According to the 802.11 standard, the WEP key in use is a static WEP key. If you choose static WEP keys, you must manually assign a static WEP key to an AP and to each client associated with it, and this WEP key never changes. This can serve as a basic, simple security method suited to small WLANs, but it is not suitable for larger WLANs. Relying on static WEP alone easily leads to a loss of security.

    Consider the case where someone loses their WLAN network card: the firmware on that card can still access the WLAN until the WLAN's static key is changed.


    Figure 4.4: Support for multiple WEP keys

    4.1.3 Centralized encryption key management server

    For large WLANs that use WEP as a basic security method, a centralized encryption key management server should be used, for the following reasons:

    - Centralized key generation.

    - Centralized key distribution.

    - Regular key rotation.

    - Less work for the administrator.

    Any number of different devices can act as a centralized encryption key management server. Normally, when WEP is used, the keys (created by the administrator) are entered by hand into the stations and the APs. With a centralized encryption key management server, an automated process between the stations, the APs and the management server hands out the WEP keys. The following figure shows how such a system is set up.

    Figure 4.5: Centralized encryption key management configuration

    A centralized encryption key management server can generate keys per packet, per session, or by other methods, depending on the manufacturer's implementation.

    With per-packet WEP key distribution, a new key is assigned to both ends of the connection for every packet sent, whereas per-session WEP key distribution uses a new key for each new session between the nodes.

    4.1.4 How WEP is used

    When WEP is enabled, the payload of every packet sent with WEP is encrypted. The header of each packet, including the MAC addresses, is not encrypted, while all layer 3 information, including the source and destination addresses, is encrypted by WEP.

    When an AP sends out its beacons on a WLAN that uses WEP, the beacons are not encrypted. Remember that beacons do not contain any layer 3 information.


    Packets sent with WEP encryption have to be decrypted. Decryption consumes CPU cycles and significantly reduces throughput on the WLAN. Some manufacturers build additional CPUs into their APs specifically for WEP encryption and decryption. Many manufacturers instead implement encryption and decryption in software and use the same CPU that handles AP management and packet forwarding. With WEP implemented in hardware, an AP can sustain throughput of 5 Mbps or more. The drawback of this solution is that the AP costs more than an ordinary AP.

    WEP can be deployed as a basic security method, but network administrators should understand its weaknesses and how to address them. Administrators should also understand that each vendor may implement WEP differently, which creates obstacles when using hardware from multiple vendors.

    To overcome the shortcomings of WEP, the Advanced Encryption Standard (AES) is being recognized as a suitable replacement for the RC4 algorithm. AES uses the Rijndael algorithm (pronounced RINE-dale) with the following key lengths:

    - 128 bit

    - 192 bit

    - 256 bit

    AES is regarded as uncrackable by most cryptographers, and NIST (National Institute of Standards and Technology) has chosen AES for FIPS (Federal Information Processing Standard). As part of the improvements to the 802.11 standard, 802.11i is considering the use of AES in WEP v.2.

    If 802.11i approves AES for use in WEP v2, vendors will implement it in firmware and software. The firmware in the AP and in the client (PCMCIA radio card) will have to be upgraded to support AES. The client station software (drivers and client utilities) will support configuring AES together with the secret key.

    4.2. FILTERING

    Filtering is a basic security mechanism that can be used in addition to WEP and/or AES. Filtering literally means blocking what is unwanted and allowing what is wanted. A filter works like an access list on a router: it defines the parameters that stations must match in order to access the network. In a WLAN this means determining who the client stations are and how they must be configured. Three basic types of filtering can be implemented on a WLAN:

    - SSID filtering

    - MAC address filtering

    - Protocol filtering

    This section describes what each of these types is, what it can do for the administrator, and how to configure it.

    4.2.1 SSID filtering

    SSID filtering is a rudimentary filtering method and should be used only for the most basic access control. SSID (Service Set Identifier) is simply another term for the network name. The SSID of a WLAN station must match the SSID on the AP (infrastructure mode) or on the other stations (ad hoc mode) in order for the client to authenticate and associate and so establish service. Because the SSID is broadcast in the beacons sent out by the AP or the stations, it is easy to discover a network's SSID with a network analyzer (sniffer). Many APs can remove the SSID from their beacon frames. In that case the client must have the matching SSID in order to associate with the AP. A system configured this way is called a closed system. SSID filtering is considered an unreliable way of keeping unauthorized users off a WLAN.

    Some APs are able to remove the SSID from beacons and probe responses. In that case, to join the service a station must have the SSID configured manually in its driver settings. Common mistakes that WLAN users make with SSIDs are:

    - Using the default SSID: this setting is one more way of giving away information about your WLAN. It is simple enough to use a network analyzer to read the source MAC address from the AP and then look that MAC up in the IEEE OUI table, which lists the MAC address prefixes assigned to each manufacturer. The best remedy is: always change the default SSID.

    - Making the SSID relate to the company: this kind of setting is a security risk because it simplifies a hacker's task of finding the company's physical location. When searching for WLANs in a particular geographic area, locating the company physically is half the work. When an administrator uses an SSID named after the company or organization, finding the WLAN becomes very easy. So remember: always use an SSID that is unrelated to the company.

    - Using the SSID as a means of securing the WLAN: users have to set the SSID in their configuration in order to join the network. It should be used as a means of segmenting the network, not of securing it, so always treat the SSID as nothing more than a network name.

    - Broadcasting SSIDs unnecessarily: if your AP can remove the SSID from beacons and probe responses, configure it that way. This configuration keeps casual listeners from interfering with or using your WLAN.


    4.2.2 MAC address filtering

    A WLAN can filter on the MAC addresses of client stations. Almost all APs, even inexpensive ones, have a MAC filtering function. The network administrator can compile, distribute and maintain a list of permitted MAC addresses and program it into the APs. If a PC card or other client whose MAC address is not on the AP's MAC address list tries to connect, it cannot reach that access point. See the figure:

    Figure 4.6: MAC address filtering

    Of course, programming the MAC addresses of every WLAN client into the APs of a large network is not practical. MAC filters can be implemented on some RADIUS servers instead of on every access point. This configuration makes MAC filtering a secure solution and therefore a more likely choice. Entering each MAC address into RADIUS along with the user identity information, which has to be entered in any case, is a good solution. RADIUS servers often point to other authentication sources, so those other authentication sources must support MAC filters.

    MAC filters also work well in the reverse direction. Consider an example: an employee leaves the company and takes their wireless LAN card with them. That WLAN card holds both the WEP key and a MAC address accepted by the filter, so they must not be left with access. The administrator can then remove that client's MAC address from the allow list.

    Although MAC filtering looks like a good security method, it is still vulnerable to the following intrusions:

    - Theft of a PC card whose MAC address is in the AP's MAC filter.

    - Sniffing the WLAN and then spoofing a MAC address to get into the network.

    For home networks and small office networks, where there are only a few client stations, MAC filtering is an effective security solution, because no smart hacker will spend hours trying to get into a network of little value.

    4.2.3 Circumventing MAC filters

    The MAC addresses of WLAN clients are normally broadcast in the clear by APs and bridges, even when WEP is in use. A hacker who can listen to traffic on your network can therefore quickly find most of the MAC addresses that are permitted on your wireless network. For a network analyzer to see a station's MAC address, the station must transmit a frame across the wireless segment; this is the basis for a network security method, VPN tunneling, which is covered later.

    Some wireless PC cards allow their MAC address to be changed through software or even through a change to the system configuration. A hacker who has the list of permitted MAC addresses can easily change the MAC address of a PC card to match a PC card on your network and thereby gain access to your entire wireless network.

    Because two stations with the same MAC address cannot exist on a WLAN at the same time, the hacker has to find the MAC address of a station that is not currently on the network. The time when a mobile station or laptop is off the network is the best time for the hacker to get in.

    MAC filtering should be used where feasible, but not as the only security mechanism on your equipment.

    4.2.4 Protocol filtering

    A wireless LAN can filter the packets crossing the network based on layer 2-7 protocols. In many cases manufacturers make the protocol filters independently configurable for both the wired and the wireless segment of the AP.

    Imagine a situation in which a wireless workgroup bridge is placed in a remote building on a university campus WLAN and links back to the AP in the main engineering building. Because all users in the remote building share 5 Mbps of bandwidth between these buildings, a considerable amount of control over their usage has to be applied. If these links were installed for the specific purpose of giving users Internet access, the protocol filter would exclude all protocols except SMTP, POP3, HTTP, HTTPS, FTP, and so on.

    Figure 4.7: Protocol filtering


    Chapter 5

    ATTACKS ON WLANs, SOLUTIONS, POLICIES AND SECURITY RECOMMENDATIONS

    5.1. POSSIBLE ATTACKS ON A WLAN

    A deliberate attack can disable a WLAN or attempt to gain unauthorized access to it in several ways:

    - Passive attacks (eavesdropping).

    - Active attacks (connecting, probing and configuring the network).

    - Jamming attacks.

    - Man-in-the-middle attacks.

    This list covers only some types of attack, and some of them can be carried out in many different ways.

    5.1.1 Passive attacks

    Eavesdropping is probably the simplest method, yet it is still effective against WLANs. A passive attack is an act of eavesdropping in which the presence of the eavesdropper (hacker) on or near the network cannot be detected, because the hacker does not actually connect to the AP in order to listen to packets crossing the wireless segment. Network analyzers or other applications are used to collect information about the WLAN from a distance with a directional antenna.


    Figure 5.1: Passive attack

    This method lets the hacker keep a comfortable distance to avoid detection while listening and gathering valuable information.

    Figure 5.2: Process of obtaining the WEP key

    There are applications that can capture passwords from HTTP sites, email, instant messengers, FTP sessions and telnet sessions that are sent as unencrypted text. Other applications can capture passwords used for network login as they cross the wireless segment between client and server.

    Consider the impact if a hacker finds a way to log in to a user's domain: the hacker logs in to the domain as that user and causes serious damage on the network. The hacker is of course the one who did it, but the user is the one directly held responsible, bears all the consequences, and may even lose their job.

    Consider another situation in which an HTTP or email password is captured on the wireless segment and then used by the hacker to gain access to that WLAN.

    5.1.2 Active attacks

    Hackers can use active attacks to perform some function on the network. An active attack can be used to gain access to a server and obtain important data, to use the organization's Internet access for harmful purposes, or even to change the configuration of the network infrastructure. By connecting to a WLAN through an AP, a user can begin to penetrate deeper into the network and even make changes to the wireless network itself.

    For example, a hacker who gets past the MAC filter can then make their way to the AP and remove all the MAC filters, making the next access easier. The administrator may not notice this event for some time. The figure below illustrates an active attack on a WLAN.


    Figure 5.3: Active attack

    Examples of active attacks include mail bombing and spam sent by spammers, or business competitors who want access to your files. After obtaining an IP address from your DHCP server, a hacker can send thousands of emails using your Internet connection and your ISP's email server without your knowledge. This kind of attack can lead your ISP to cut off your email service for email abuse, even though the fault is not yours. A competitor could obtain your customer list or your payroll without being detected.

    Once a hacker has a wireless connection to your network, he might as well be on the wired network in the office, because the two situations are not very different. A wireless connection gives the hacker speed, access to servers, wide-area network connections, Internet connections, and the users' desktops and laptops. With a few simple tools it is possible to gather important information, impersonate users, or even destroy the network by reconfiguring it.

    Using scanning servers that scan ports and create null sessions to shares, together with servers that lock passwords so that a hacker cannot change them, strengthens the utilities and helps prevent this kind of attack.

    5.1.3 Jamming attacks

    Whereas a hacker uses passive and active attacks to obtain information from, or access to, your network, jamming is a technique used simply to shut your network down. Just as a saboteur can arrange an overwhelming denial-of-service attack aimed at a web server, a WLAN can be brought to a halt by an overwhelming RF signal. That RF signal may be unintentional or intentional, and it may be mobile or fixed. When a hacker carries out an intentional jamming attack, the hacker could use WLAN equipment, but it is more likely that the hacker will use a high-power RF signal generator or a sweep generator.

    Figure 5.4: Jamming attack

    To eliminate this kind of attack, the first requirement is to locate the source of the RF signal using spectrum analysis. There are many spectrum analyzers on the market, but a handheld, battery-powered spectrum analyzer is the most convenient.

    Some manufacturers build handheld spectrum analyzers, while others have created spectrum analysis software for users that is built into the WLAN equipment itself.

    When jamming is caused by a fixed, unintentional source, such as a communications tower or another legitimate system, the WLAN administrator may have to consider using a different set of frequencies.

    For example, if an administrator is responsible for designing and installing an RF network in a large, complex set of rooms, that person needs to survey the site carefully and methodically. If the source of interference is a phone or other devices working in the 2.4 GHz band, the administrator can use equipment in the 5 GHz UNII band instead of 802.11b equipment at 2.4 GHz, which shares the 2.4 GHz ISM band with other devices.

    Unintentional jamming happens with any device that shares the 2.4 GHz band. Jamming is not a serious threat, because hackers cannot carry it out widely owing to the cost of the equipment: it is too expensive given that the hacker can only disable the network temporarily.

    5.1.4 Man-in-the-middle attacks

    A man-in-the-middle attack is a situation in which an individual uses an AP to take over control of a mobile node by sending signals that are stronger than the legitimate signals the real AP is sending to that node. The mobile node then associates with this rogue AP and sends its data, possibly sensitive information, to the intruder. The following figure shows a model of this kind of attack.


    Figure 5.5: Man-in-the-middle attacks

    For clients to associate with the rogue AP, its power has to be much higher than that of the other APs in the area, and sometimes something has to actively cause users to roam to it. Losing the connection to the legitimate AP can look like an accidental event while joining the network, and some clients will connect to the rogue AP by chance.

    The person carrying out a man-in-the-middle attack must first know the SSID that the clients use, and must know the network's WEP key if one is in use.

    The upstream connection (toward the core network) from the rogue AP is handled through a client device such as a PC card or a workgroup bridge. A man-in-the-middle attack is often set up using a laptop with two PCMCIA cards. AP software runs on the laptop, where one PC card is used as an AP and the second PC card is used to connect the laptop to a nearby legitimate AP. This configuration turns the laptop into a man in the middle operating between the client and the legitimate AP. A hacker using a man-in-the-middle attack can obtain valuable information by running a network analyzer on the laptop in this situation.


    Figure 5.6: Before the attack

    Figure 5.7: And after the attack

    A particular feature of this kind of attack is that the user cannot detect it. The amount of information gathered this way is limited: it equals the amount of information the perpetrator can obtain while remaining on the network undetected.

    The best way to prevent this kind of attack is physical layer security.
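    Alongside physical security, an administrator can look for the two traits the section attributes to a rogue AP: it advertises the clients' SSID, and it is heard much more strongly than the legitimate APs. The following is an added example, not part of the original thesis: it audits a list of observed beacons against an AP inventory. The record layout, the 15 dB margin, and all SSIDs and BSSIDs are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the transmitting AP
    channel: int
    rssi_dbm: int   # received signal strength at the sensor


# Constructed inventory of authorized APs: lowercase BSSID -> (SSID, channel)
INVENTORY = {
    "00:11:22:33:44:01": ("campus-net", 1),
    "00:11:22:33:44:02": ("campus-net", 6),
}

# Constructed scan results from one monitoring sensor
SCAN = [
    Beacon("campus-net", "00:11:22:33:44:01", 1, -62),
    Beacon("campus-net", "00:11:22:33:44:02", 6, -70),
    Beacon("campus-net", "02:AA:BB:CC:DD:EE", 6, -35),   # not in inventory
    Beacon("coffee-shop", "02:12:34:56:78:9A", 11, -80),  # a neighbour
    Beacon("campus-net", "00:11:22:33:44:02", 11, -48),   # wrong channel
]


def audit_scan(beacons, inventory, margin_db=15):
    """Return a list of (bssid, reasons) for beacons that need investigation."""
    managed_ssids = {ssid for ssid, _ in inventory.values()}

    # Strongest signal heard from an AP that matches the inventory exactly.
    best_legit = {}
    for b in beacons:
        if inventory.get(b.bssid.lower()) == (b.ssid, b.channel):
            best_legit[b.ssid] = max(best_legit.get(b.ssid, -200), b.rssi_dbm)

    findings = []
    for b in beacons:
        bssid = b.bssid.lower()
        entry = inventory.get(bssid)
        if entry is None:
            if b.ssid not in managed_ssids:
                continue  # someone else's network, nothing to check
            reasons = ["unknown BSSID advertising managed SSID"]
            if (b.ssid in best_legit
                    and b.rssi_dbm >= best_legit[b.ssid] + margin_db):
                reasons.append("signal far stronger than any authorized AP")
            findings.append((bssid, reasons))
        elif entry[0] != b.ssid:
            findings.append((bssid, ["authorized BSSID advertising unexpected SSID"]))
        elif entry[1] != b.channel:
            findings.append((bssid, ["authorized BSSID on unexpected channel"]))
    return findings


if __name__ == "__main__":
    for bssid, reasons in audit_scan(SCAN, INVENTORY):
        print(bssid, "; ".join(reasons))
```

    A BSSID can be copied just like a client MAC address, so the channel check is only a hint; a finding is a reason to walk the site with a sensor, not proof by itself.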


    5.2. RECOMMENDED SECURITY SOLUTIONS

    Because a WLAN is not inherently secure, and because WEP is neither the only nor a perfect security method for WLANs, this is an important opportunity to introduce additional security methods for WLANs.

    The security methods presented here can play an important role in your wireless LAN.

    5.2.1 WEP key management

    Instead of using static WEP keys, which a hacker can easily discover, a WLAN can be made more secure by using per-session or per-packet keys issued by a centralized key distribution system.

    Per-session or per-packet WEP key distribution assigns a new WEP key to both the client and the AP for each session or each packet sent between them. Although dynamic keys add overhead and reduce throughput, they make hacking into the network through the wireless segment much more difficult. The hacker would have to predict the key sequence that the key distribution server is using, which is very hard.

    Remember that WEP protects only layer 3-7 information and the payload data; it does not encrypt MAC addresses or beacons. A network analyzer can capture any information broadcast in the AP's beacons and any MAC address information in unicast packets from clients.

    To put a centralized encryption key management server in place, the WLAN administrator has to find an application that performs this task, buy a server with a suitable operating system, and configure the application as required. This process can be expensive and time-consuming, depending on the scale of the deployment. However, the cost is quickly recovered by preventing the losses that hackers would cause.

    5.2.2 Wireless VPNs

    WLAN manufacturers increasingly include virtual private network (VPN) server software in their APs and gateways, allowing VPN technology to secure WLAN connections. When the VPN server is built into the AP, clients use off-the-shelf VPN software with protocols such as PPTP or IPsec to form a tunnel directly to the AP.

    The client first associates with the access point and then dials the VPN connection, which is required before the client's traffic can pass through the AP. All traffic passes through the tunnel and can be encrypted to add a further layer of security. The following figure shows such a network configuration:

    Figure 5.8: Wireless VPN


    Using PPTP with shared secrets is very simple to implement and provides a reasonable level of security, especially when combined with WEP encryption. Using IPsec with shared secrets or certificates is generally the solution of choice among security practitioners in this area. When the VPN server is implemented in a gateway, the same process takes place, except that after the client associates with the AP, the VPN tunnel is established with the gateway device instead of with the AP itself.

    There are also vendors offering enhancements to their existing VPN solutions (hardware or software) to support wireless clients and to compete in the WLAN market. These devices or applications serve in the same capacity as a gateway, sitting between the wireless segments and the wired core network. Wireless VPN solutions are fairly simple and economical. An administrator with no experience of VPN solutions should attend a training course before implementing one. VPNs that support WLANs are designed to be fairly simple and can be deployed by a novice, which explains why these devices are so popular with users.

    5.2.3 Key hopping technology

    Recently, key hopping technology, which uses MD5 and continuously changing encryption keys, has become available for WLAN environments. The network continuously changes, or "hops", from one key to another, typically every 3 seconds. This solution requires proprietary hardware and is only an interim solution pending approval of the advanced 802.11i security standard. The key algorithm works this way to overcome the weaknesses of WEP, such as the initialization vector problem.
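    An added illustration of the key hopping idea, not the proprietary vendor algorithm (which this document does not describe): both sides derive the current key from a shared master secret and the number of the 3-second interval using MD5, and the receiver rejects frames whose key has hopped away. The 13-byte key length, the one-byte key ID, the HMAC frame tag and the one-hop clock-skew window are assumptions made for the example.

```python
import hashlib
import hmac

HOP_SECONDS = 3    # hop interval given in the text
KEY_BYTES = 13     # assumption: a 104-bit, WEP-sized key
SKEW_HOPS = 1      # assumption: accept the neighbouring interval on either side


def hop_key(master, hop):
    """Key for interval number `hop`: the first 13 bytes of MD5(master || hop)."""
    return hashlib.md5(master + hop.to_bytes(8, "big")).digest()[:KEY_BYTES]


def current_hop(now):
    """Number of the 3-second interval that contains time `now` (in seconds)."""
    return int(now // HOP_SECONDS)


def seal(master, now, payload):
    """Sender: tag the payload under the key of the current interval."""
    hop = current_hop(now)
    tag = hmac.new(hop_key(master, hop), payload, hashlib.md5).digest()
    return hop & 0xFF, payload, tag     # the key ID is the low byte of the hop number


def open_frame(master, now, frame):
    """Receiver: return the payload if a key inside the skew window verifies the tag."""
    key_id, payload, tag = frame
    hop_now = current_hop(now)
    for hop in range(max(0, hop_now - SKEW_HOPS), hop_now + SKEW_HOPS + 1):
        if hop & 0xFF != key_id:
            continue
        expected = hmac.new(hop_key(master, hop), payload, hashlib.md5).digest()
        if hmac.compare_digest(tag, expected):
            return payload
    return None     # stale key, wrong master secret, or modified frame


def demo():
    master = b"constructed-master-secret"      # constructed sample value
    frame = seal(master, 1000.0, b"hello")     # sent during hop 333
    return {
        "same hop": open_frame(master, 1001.0, frame),
        "next hop": open_frame(master, 1004.0, frame),
        "three hops later": open_frame(master, 1010.0, frame),
        "wrong master": open_frame(b"other-secret", 1000.0, frame),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:17} -> {result}")
```

    Widening SKEW_HOPS tolerates worse clock synchronisation between client and AP, but lengthens the time during which a captured key is still accepted.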


    5.2.4 Temporal Key Integrity Protocol (TKIP)

    TKIP is essentially an enhancement of WEP that keeps WEP's RC4 stream cipher while dealing with its known security problems. TKIP provides initialization vector hashing to defeat passive packet snooping. It also provides a message integrity check to help determine whether an unauthorized user has modified packets by injecting traffic in order to crack the key. TKIP includes the use of dynamic keys to defeat passive capture of keys, a major hole in the WEP standard.

    TKIP can be implemented through firmware upgrades for APs and bridges, together with software and firmware upgrades for wireless client devices. TKIP specifies rules for the use of initialization vectors, re-keying procedures based on 802.1x, per-packet key mixing, and a message integrity code. There is a performance loss when using TKIP, but in return security is significantly improved, which makes for a reasonable trade-off.

    5.2.5 AES-based solutions

    AES-based solutions can replace RC4-based WEP, but only temporarily. Although no products using AES are on the market yet, several manufacturers are working to bring them to market. The 802.11i draft specifies the use of AES and takes into account those who will use it. AES appears set to be part of the completed standard.

    Moving data encryption to a solution as strong as AES will have a significant impact on WLAN security, but large networks will still need widely applicable solutions such as centralized encryption key servers to automate the key exchange process. If a client's radio card that holds the AES encryption keys is lost, it does not matter how strong AES is, because the perpetrator can still gain access to the network.

    5.2.6 Wireless Gateway

    Wireless gateways are now available with VPN technology, as well as NAT, DHCP, PPPoE, WEP, MAC filters, and perhaps even a built-in firewall. These devices are sufficient for small offices with a few workstations sharing a connection to the Internet. Their prices vary widely depending on the range of services offered.

    Wireless gateways for larger networks are a special adaptation of a VPN and authentication server for WLANs. Such a gateway sits on the wired segment between the APs and the wired network. As its name implies, the gateway controls access from the WLAN to the wired network, so that while a hacker may be able to listen to or even gain access to the wireless segment, the gateway protects the wired distribution system from attack.

    A good case for deploying such a gateway is the following: suppose a hospital has deployed 40 APs across several floors of its building. Its investment is considerable, so if the APs do not support security measures that can be upgraded, the hospital would have to replace all of the APs to improve security. If instead it uses a gateway, the job is much simpler and less expensive. The gateway can be connected between the core switch and the distribution switch (which connects to the APs) and can act as an authentication server and a VPN server through which all wireless clients connect. Instead of deploying all new APs, one gateway (or more, depending on the size of the network) can be installed behind the APs.


    Using this kind of gateway provides security on behalf of a group of APs. Most wireless gateways support an array of protocols such as PPTP, IPsec and L2TP, along with authentication and even QoS.

    5.2.7 802.1x and the Extensible Authentication Protocol

    The 802.1x standard provides specifications for port-based network access control. Port-based access control originated with, and is still used on, Ethernet switches. When a user attempts to connect to an Ethernet port, the port places the user's connection in blocked mode and waits for the authentication system to verify the user's identity.

    The 802.1x protocol has been incorporated into WLAN systems and has become almost a standard among vendors. Combined with the Extensible Authentication Protocol (EAP), 802.1x can provide a secure and flexible authentication scheme.

    EAP, first defined for the Point-to-Point Protocol (PPP), is a protocol for negotiating an authentication method. EAP is defined in RFC 2284 and defines the characteristics of the authentication method, including the credentials required of the user (password, certificate, etc.), the protocol used (MD5, TLS, GSM, OTP, etc.), support for automatic key generation, and support for mutual authentication. There are perhaps a dozen EAP types on the market today, since neither the technology's users nor the IEEE have agreed on any single type, or a short list of types, from which to create a standard.

    A successful 802.1x-EAP authentication proceeds as follows:


    Figure 5.9: The 802.1x-EAP authentication process

    1. The client requests association with the AP.

    2. The AP replies to the association request with an EAP identity request.

    3. The client sends an EAP identity response to the AP.

    4. The client's EAP identity response is forwarded to the authentication server.

    5. The authentication server sends an authorization request to the AP.

    6. The AP forwards the authorization request to the client.

    7. The client sends the EAP authorization response to the AP.

    8. The AP forwards the response to the authentication server.

    9. The authentication server sends an EAP success message to the AP.

    10. The AP forwards the success message to the client and places the client's port in forwarding mode.
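    The ten-step exchange above, as an added Python simulation that is not part of the original document. The document does not say which EAP method is used, so an MD5 challenge-response in the style of EAP-MD5 is assumed; the class names, MAC addresses and credentials are constructed. EAP-MD5 is chosen only to keep the exchange short: it offers neither mutual authentication nor key generation.

```python
import hashlib
import hmac
import os


def md5_response(ident, secret, challenge):
    """Assumed EAP method: MD5(identifier || secret || challenge), as in EAP-MD5."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


class AuthServer:
    def __init__(self, users):
        self.users = users      # username -> shared secret (constructed sample data)
        self.pending = {}       # username -> (identifier, challenge) awaiting a response

    def on_identity(self, user):
        """Steps 4-5: receive the relayed identity, issue a fresh challenge."""
        ident, challenge = os.urandom(1)[0], os.urandom(16)
        self.pending[user] = (ident, challenge)
        return ident, challenge

    def on_response(self, user, response):
        """Steps 8-9: verify the relayed response; each challenge is single-use."""
        ident, challenge = self.pending.pop(user)
        secret = self.users.get(user)
        if secret is None:
            return False
        return hmac.compare_digest(response, md5_response(ident, secret, challenge))


class Client:
    def __init__(self, mac, user, secret):
        self.mac, self.user, self.secret = mac, user, secret

    def answer(self, ident, challenge):
        return md5_response(ident, self.secret, challenge)


class AccessPoint:
    """Authenticator: relays EAP messages and gates each client's port."""
    def __init__(self, server):
        self.server = server
        self.ports = {}         # client MAC -> "blocked" | "forwarding"
        self.trace = []

    def authenticate(self, client):
        say = self.trace.append
        self.ports[client.mac] = "blocked"      # stays blocked unless step 9 succeeds
        say("1 client -> AP: association request")
        say("2 AP -> client: EAP identity request")
        say("3 client -> AP: EAP identity response")
        say("4 AP -> server: identity response relayed")
        ident, challenge = self.server.on_identity(client.user)
        say("5 server -> AP: authorization request (challenge)")
        say("6 AP -> client: authorization request relayed")
        response = client.answer(ident, challenge)
        say("7 client -> AP: EAP authorization response")
        say("8 AP -> server: response relayed")
        ok = self.server.on_response(client.user, response)
        say("9 server -> AP: " + ("EAP success" if ok else "EAP failure"))
        if ok:
            self.ports[client.mac] = "forwarding"
            say("10 AP -> client: success, port set to forwarding")
        return ok

    def accepts_data(self, mac):
        """Data frames pass only for MACs whose port is in forwarding mode."""
        return self.ports.get(mac) == "forwarding"


def demo():
    server = AuthServer({"alice": b"s3cret-from-admin"})
    ap = AccessPoint(server)
    good = Client("00:00:5e:00:53:01", "alice", b"s3cret-from-admin")
    bad = Client("00:00:5e:00:53:02", "alice", b"guess")
    return ap.authenticate(good), ap.authenticate(bad), ap


if __name__ == "__main__":
    ok_good, ok_bad, ap = demo()
    print("\n".join(ap.trace))
    print(ok_good, ok_bad, ap.ports)
```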


    5.3. SECURITY POLICY

    A company that uses a WLAN should have an appropriate security policy. For example, if there is no sound policy and cell sizes are left inappropriate, hackers get a good opportunity to access the network from points outside the company's controlled area but still within the AP's coverage. Items the company's security policy should address include passwords, WEP keys, physical security, the use of advanced security solutions, and assessment of WLAN hardware. This list is of course not complete, since security solutions vary from one organization to another. The complexity of the security policy depends on the organization's security requirements as well as the extent of the WLAN within the network.

    The benefits of implementing and maintaining a security policy are preventing data theft, preventing sabotage by competing corporations, and being able to detect and catch intruders.

    Security policy best starts with management. Security policies need to be reviewed and anticipated, and included alongside the corporation's founding documents. WLAN security needs to be allocated appropriate resources, and those given responsibility for implementing it must be thoroughly trained. This team in turn must produce detailed documentation that can serve as reference material for the teams that follow.

    5.3.1 Keeping sensitive information private

    Some information that should be known only to the network administrator:

    - Usernames and passwords of APs and bridges

    - SNMP strings

    - WEP keys

    - MAC address lists


    It is very important that this information be held by a trusted, experienced person such as the network administrator, because it is sensitive information whose disclosure could lead to unauthorized access or even the destruction of an entire network. This information can be stored in a variety of ways.

    5.3.2 Physical security

    Physical security is important for a traditional wired network, and it is even more important for a company that uses WLAN technology. As mentioned earlier, a person with a wireless PC card (and perhaps an antenna) does not have to be in the same area as the network to access it. Even intrusion detection software is not enough to stop hackers from stealing sensitive information. Eavesdropping leaves no trace on the network because no connection is made. There are applications on the market now that can detect network cards in promiscuous mode, accessing data without making a connection.

    When WEP is the WLAN security solution in use, tight controls should be placed on users who hold company-owned wireless client devices, so that they are not allowed to take those devices off company premises. Because the WEP key is stored in the firmware of the client device, wherever the card goes, the weakest link in the network's security goes with it. The WLAN administrator needs to know who takes each PC card, where, and when.

    Because such requirements are often beyond what an administrator can manage, the administrator needs to recognize that WEP by itself is not an adequate security solution for a WLAN. Even with such tight control, if a card is lost or stolen, the person responsible for the card (the user) must be required to report it to the administrator immediately so that appropriate precautions can be taken. At a minimum, these include resetting the MAC filters, changing the WEP keys, and so on.

    Have security guards periodically sweep the area around the company premises to detect suspicious activity. Training these personnel to recognize 802.11 hardware, and alerting company employees to watch for non-employees lurking around the building with 802.11-based hardware, is also very effective in reducing the risk of attack.

    5.3.3 WLAN equipment inventory and security audits

    As a complement to the physical security policy, all WLAN equipment should be inventoried regularly to account for authorized WLAN device users and to keep unauthorized ones from accessing the organization's network. If the network is too large and contains a significant amount of wireless equipment, periodic inventories may not be practical. In such cases it is necessary to implement WLAN security solutions that are not based on hardware but instead on usernames and passwords or some other non-hardware-based security mechanism. For small and medium-sized wireless networks, monthly or quarterly inventories help detect hardware losses.

    Periodic scans with network analyzers to detect intruding devices are a very good way to secure a WLAN.

    5.3.4 Using advanced security solutions

    Organizations running WLANs should take advantage of some of the advanced security mechanisms available on the market. This should also be covered in the company's security policy. Because these technologies are fairly new, proprietary, and often used in combination with other protocols and technologies, they need to be documented so that if a breach occurs, the administrator can determine where and how it happened.


    Because only a few people are trained in WLAN security, these people are very important, so salary policy is also covered in the security policy of a company or corporation. It too is one of the items that needs to be documented in detail.

    5.3.5 Public wireless networks

    It is inevitable that company users carrying sensitive information will connect from their laptops to public WLANs. This too belongs in the company's security policy. Such users must run personal firewall software and antivirus software on their laptops. Most public WLANs have little or no security, in order to keep connecting simple for users and to reduce the amount of technical support required.

    5.3.6 Limited and tracked access

    Most large LANs have some method of limiting and tracking user access.

    Typically, a system supporting Authentication, Authorization and Accounting (AAA) services is deployed. AAA services allow the organization to assign usage rights to particular classes of users. For example, a temporary user may be allowed only limited access to the Internet.

    User management also makes it possible to review what a user did on the network, when, and which resources they accessed.


    5.4. SECURITY RECOMMENDATIONS

    Some recommendations for securing a WLAN:

    5.4.1 WEP recommendations

    Do not rely solely on WEP; no single measure is good enough to be used alone for security. A wireless environment protected only by WEP is not a secure environment. When using WEP, do not use WEP keys that relate to the SSID or to the name of the organization; make WEP keys hard to remember and hard to deduce. In practice there are many cases where the WEP key can easily be guessed just by looking at the SSID or the organization's name.

    WEP is an effective solution for reducing information loss to casual eavesdropping: a person without the matching WEP key is kept from gaining access.

    5.4.2 Cell sizing

    To reduce the opportunity for eavesdropping, the administrator should make sure the AP cell sizes are appropriate. Most hackers look for the places where gaining access to the network takes the least time and energy. For this reason, it is important not to let APs emit signals beyond the organization's secure area unless absolutely necessary. Some APs allow the output power level to be configured, which controls the size of the RF cell around the AP. If an eavesdropper located in an area the organization does not protect cannot detect your network, your network is not susceptible to this kind of attack.

    A network administrator may be tempted to run devices at maximum power to get high throughput and wide coverage, but this comes at the cost of spending on security measures. For each access point it is therefore necessary to know parameters such as its power, its coverage area and how its cell size can be controlled. Cell radius control should be studied carefully and documented together with the AP or bridge configuration for each area. In some cases it may be necessary to install two APs with smaller cells instead of one AP in order to avoid unnecessary exposure.

    Try to place your APs toward the center of the building; this minimizes signal leakage beyond the intended range. If you are using external antennas, choose the right type of antenna to help minimize the signal range. Turn off APs when they are not in use. These measures reduce the risk of attack and lighten the network management burden.

    5.4.3 User authentication

    User authentication is the weakest link of a WLAN, and the 802.11 standard does not specify any user authentication method, so it is imperative that the administrator implement user authentication as soon as the WLAN infrastructure is set up. User authentication should be based on usernames and passwords, smart cards, tokens, or some other kind of security that identifies the user rather than the hardware. The chosen solution should support mutual authentication between the authentication server (for example, a RADIUS server) and the wireless clients.

    RADIUS is the de facto standard in user authentication systems. APs send user authentication requests to a RADIUS server, which either has a built-in user database or passes the authentication request on to a domain controller, such as an NDS server, an Active Directory server, or even an LDAP-compliant database system.

    Some RADIUS vendors have more capable RADIUS products that support the latest authentication protocols, such as the many EAP types.

    Administering a RADIUS server can be very simple or very complex, depending on what is required. Because wireless security solutions are sensitive, take care when choosing a RADIUS server solution to make sure that the administrator can manage it, or that it can work effectively with the existing RADIUS administrator.

    5.4.4 Security needs

    Choose a security solution that fits the organization's needs and budget, both now and in the future. WLANs are spreading so quickly because they are easy to deploy. A WLAN that starts with 1 AP and 5 clients can quickly grow to 15 APs and 300 clients. A security mechanism that works for one AP is completely unacceptable for 300 APs and would raise the cost of security considerably. In that case the organization needs security methods that cover the whole system, such as intrusion detection systems, firewalls and RADIUS servers. When deciding on WLAN solutions, these devices are, in the long run, an important factor in reducing cost.

    5.4.5 Using additional security tools

    Take advantage of available technologies such as VPNs, firewalls, intrusion detection systems (IDS), protocols and standards such as 802.1x and EAP, and client authentication with RADIUS; they help provide security beyond what the 802.11 standard requires and recognizes. The cost and time needed to implement these solutions vary with the scale of the deployment.


    5.4.6 Monitoring for rogue hardware

    To detect rogue APs, AP discovery sessions should be scheduled but not announced. Actively finding and removing rogue APs keeps AP configurations stable and increases security. This can be done as part of normal, legitimate network monitoring. This kind of monitoring can even find lost devices.
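    One way to run the discovery session described above together with the equipment inventory of section 5.3.3, as an added Python example that is not from the original document. AP names and channels follow the table in section 6.2.1; the BSSIDs, the SSID, the scan results and the -70 dBm "nearby" threshold are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Sighting:
    """One AP heard during a scan with a network analyzer."""
    bssid: str
    ssid: str
    channel: int
    rssi_dbm: int


ORG_SSID = "campus-wlan"    # hypothetical SSID
# Authorized APs: BSSID -> (name, channel). Names and channels follow the table
# in section 6.2.1; the BSSIDs are constructed (documentation MAC range).
INVENTORY = {
    "00:00:5e:00:53:a1": ("AP1", 1),
    "00:00:5e:00:53:a2": ("AP2", 5),
    "00:00:5e:00:53:a3": ("AP3", 9),
}


def audit(scan, inventory=INVENTORY, org_ssid=ORG_SSID, near_dbm=-70):
    """Compare a scan with the inventory and return (kind, subject, detail) findings."""
    findings, heard = [], set()
    for s in scan:
        bssid = s.bssid.lower()
        if bssid in inventory:
            heard.add(bssid)
            name, channel = inventory[bssid]
            if s.ssid != org_ssid or s.channel != channel:
                detail = f"seen {s.ssid}/ch{s.channel}, documented {org_ssid}/ch{channel}"
                findings.append(("config-drift", name, detail))
        elif s.ssid == org_ssid:
            # Not in the inventory but announcing the organization's SSID.
            findings.append(("rogue-using-org-ssid", bssid, f"ch{s.channel} {s.rssi_dbm} dBm"))
        elif s.rssi_dbm >= near_dbm:
            # Strong signal from unknown hardware: probably on the premises.
            findings.append(("unknown-ap-nearby", bssid, f"{s.ssid} {s.rssi_dbm} dBm"))
    for bssid, (name, _) in inventory.items():
        if bssid not in heard:
            findings.append(("authorized-ap-not-heard", name, "powered off, moved or lost"))
    return findings


# Constructed scan results for the demonstration.
SAMPLE_SCAN = [
    Sighting("00:00:5E:00:53:A1", "campus-wlan", 1, -48),      # AP1 as documented
    Sighting("00:00:5e:00:53:a2", "campus-wlan", 11, -55),     # AP2 on the wrong channel
    Sighting("00:00:5e:00:53:ff", "campus-wlan", 6, -60),      # unknown BSSID, org SSID
    Sighting("00:00:5e:00:53:ee", "default-ssid", 6, -52),     # unknown AP, strong signal
    Sighting("00:00:5e:00:53:dd", "cafe-next-door", 3, -88),   # weak neighbour, ignored
]

if __name__ == "__main__":
    for kind, subject, detail in audit(SAMPLE_SCAN):
        print(f"{kind:24} {subject:18} {detail}")
```

    The "authorized-ap-not-heard" finding is what lets the same scan surface lost or removed equipment, and "config-drift" shows when an AP no longer matches its documented configuration.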

    5.4.7 Switches or hubs

    Another simple rule is to always connect APs to switches rather than hubs. A hub is a broadcast device, so passwords and IP addresses are easily exposed.

    5.4.8 Wireless DMZ

    Another idea for securing wireless segments is to create a separate zone for the wireless network, a Wireless DeMilitarized Zone (WDMZ). Creating a WDMZ with firewalls or routers can be very costly, depending on the scale of the implementation. WDMZs are generally implemented in large WLAN environments. Because APs are basically unsecured, untrusted devices, they should be separated from other network segments by a firewall device.


    Figure 5.10: Wireless DeMilitarized Zone

    5.4.9 Firmware and software updates

    Keep the firmware and drivers on your APs and wireless cards up to date, and always run the latest versions. These updates usually fix known problems, add new security features, and close vulnerabilities.


    Chapter 6

    DEPLOYING A WIRELESS NETWORK AT HAI PHONG PRIVATE UNIVERSITY

    Wireless networks are becoming ever more widespread, the number of lecturers, staff and students with laptops keeps growing, and so does the need to work and study over the network. Given these practical demands, building a wireless network for the university has become increasingly urgent.

    6.1. SIGNIFICANCE AND PURPOSE OF THE WIRELESS NETWORK DEPLOYMENT:

    - Serve the work, study and research needs of the university's lecturers, staff and students.

    - Serve the needs of the credit-based training system.

    - Make the most of the university's LAN resources and Internet links.

    - Extend the reach of the university's applications.

    - Serve students better and better.

    The Library Information Center has successfully researched and designed a wireless network for the Lecture Hall area and the Student Hotel area, with the following goals:

    - Provide wireless networking for the Student Hotel and the Lecture Hall area of Hai Phong Private University.

    - Connect the networks of the Lecture Hall area and the Student Hotel area.

    - Users can connect to the LAN and use the applications of the internal network.

    - Users can connect to the high-speed Internet.

    - Support 630 concurrent users.

    - Meet varying security needs.

    - Be flexible and customizable, adapting to actual needs.

    Faced with the growing research and study needs of staff and students, and in line with the ongoing modernization of facilities aimed at making Hai Phong Private University a modern institution, the wireless network was approved for deployment in the Lecture Hall area and the Student Hotel area with modern infrastructure equipment.

    6.2. DEPLOYMENT DIAGRAMS:

    6.2.1 Lecture Hall area

    Design diagram:

    Figure 6.1: AP installation locations in the Lecture Hall area


    The access point system consists of 11 wireless routers installed at the following locations: 2 wireless routers at the front of building A, 1 wireless router at the front of building C, 1 wireless router in building D, 1 device in building H, 1 device in building E, 1 device in the network administration room, 1 device in the student canteen, and 4 wireless routers installed on the floors of building G.

    AP     Device type          Location              Channel   Notes
    AP1    WRT110N or WRT610N   A202                  1
    AP2    WRT110N or WRT610N   A204                  5
    AP3    WRT110N or WRT610N   E301                  9
    AP4    WRT110N or WRT610N   Project office        11
    AP5    WRT110N or WRT610N   C203                  3
    AP6    WRT110N or WRT610N   D202                  7
    AP7    WRT110N or WRT610N   Behind C104           10        For the student canteen
    AP8    WRT110N or WRT610N   Floor 2, building G   2
    AP9    WRT110N or WRT610N   Floor 3, building G   6
    AP10   WRT110N or WRT610N   Floor 4, building G   8
    AP11   WRT110N or WRT610N   Floor 5, building G   4

    Physical connection diagram:


    Figure 6.2: Physical connection diagram of the APs in the Lecture Hall area

    Cc AP 1,2,3,5 c ni v phng