Wireless LAN model, IEEE 802.11
- Slides: 49
Wireless LAN model
IEEE 802.11?
- Standard: 802.11; 802.11b; 802.11a; 802.11g
- Year: 1997; 1999; 2001; 2002
- Speed: 1-2 Mbps; 5/11 Mbps; <54 Mbps
- Freq.: 2.4 GHz; 5 GHz; 2.4 GHz
- Chan.: FHSS-75, DSSS-14; 11 (3 n-over); 12 (3 n-over); 3 n-over
- Range: ?; 30 m; 100 m
Infrastructure Mode
- Basic Service Set (BSS) – Single cell
- Extended Service Set (ESS) – Multiple cells
- Diagram labels: Access Point, Station
Ad-Hoc Mode
- Independent Basic Service Set (IBSS)
Discovery - Open Network
- Beacon (Access Point to Node); SSID matches
- Association Req (Node to Access Point); Access Point accepts node
- Association Resp (Access Point to Node); Node is associated
Discovery - Closed Network
- Probe Req (Node to Access Point); SSID matches
- Probe Resp (Access Point to Node); SSID matches
- Association Req (Node to Access Point); Access Point accepts node
- Association Resp (Access Point to Node); Node is associated
User authentication
- The 802.11 standard defines two forms of authentication: Open System Authentication and Shared-Key Authentication.
- Open System authentication
  - Authenticates everyone who sends a request
  - No password is set
- Diagram: Device sends Authentication request to Access Point; Access Point returns Authentication response
User authentication
- Shared-Key authentication
  - A key is used for authentication in order to access the system
  - The drawback is that this data can be captured, and there are procedures for recovering the key
- Diagram (Initiator and Responder): Authentication request; "challenge" text string; WEP encryption of challenge text; "challenge" text string encrypted with shared key; WEP decryption of encrypted text; positive / negative response based on decryption result
WEP in 802.11b
- Confidentiality
  - Uses a 40-bit key for encryption (increased to 104-bit in WEP2)
  - Uses the RC4 algorithm
- Access Control
  - Uses Shared key authentication + Encryption
- Data Integrity
  - A checksum is generated for every message
802.11 WEP Frame
- Unencrypted: 802.11 header, IV, Key ID
- Encrypted: Payload, ICV (FCS)
- ICV is a CRC-32 checksum over the Payload (802 Header and the Data)
Weaknesses of WEP
- Poorly implemented encryption
  - Key reuse, small keys
- Weak authentication
- No key management
- No interception detection
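The WEP frame layout and the key-reuse weakness from these slides, as an added Python example that is not part of the original deck: it builds and checks a WEP frame body (IV, Key ID, RC4-encrypted payload plus CRC-32 ICV) and reports repeated IVs. The function names, the key and the payloads are constructed for illustration, and the 802.11 header and FCS are left out.

```python
import struct
import zlib
from collections import Counter

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 (KSA then PRGA); the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def icv(payload: bytes) -> bytes:
    """CRC-32 of the plaintext payload, little-endian as sent on the air."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)

def wep_encapsulate(key: bytes, iv: bytes, key_id: int, payload: bytes) -> bytes:
    """Body after the 802.11 header: IV | Key ID | RC4(IV||key, payload|ICV)."""
    if len(iv) != 3 or len(key) not in (5, 13) or not 0 <= key_id <= 3:
        raise ValueError("need 24-bit IV, 40/104-bit key, key ID 0-3")
    # Per-packet RC4 key is the cleartext IV concatenated with the shared key.
    return iv + bytes([key_id << 6]) + rc4(iv + key, payload + icv(payload))

def wep_decapsulate(key: bytes, body: bytes) -> bytes:
    """Decrypt a frame body and check the ICV; ValueError on a mismatch."""
    if len(body) < 8:
        raise ValueError("frame body too short")
    clear = rc4(body[:3] + key, body[4:])
    if icv(clear[:-4]) != clear[-4:]:
        raise ValueError("ICV mismatch")
    return clear[:-4]

def reused_ivs(bodies) -> dict:
    """Map each IV + Key ID byte seen more than once to its frame count."""
    seen = Counter(body[:4] for body in bodies)
    return {k: n for k, n in seen.items() if n > 1}

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")  # constructed 40-bit key
    frames = [wep_encapsulate(key, iv, 0, p) for iv, p in [
        (b"\x00\x00\x01", b"constructed payload A"),
        (b"\x00\x00\x02", b"constructed payload B"),
        (b"\x00\x00\x01", b"constructed payload C")]]  # first IV repeats
    print([wep_decapsulate(key, f) for f in frames], reused_ivs(frames))
```

Two frames that share an IV and key are encrypted with the same RC4 keystream, which is why the 24-bit IV bounds the key life.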
Attacks on 802.11
- Key recovery - AirSnort
- Man-in-the-middle
- Denial of service
- Authentication forging
- Known plaintext
- Known ciphertext
NetStumbler
Misconfiguration
- Default configuration
  - Default SSID
  - Broadcast SSID
  - Default WEP Key
  - Default SNMP Community Word
- Configuration Interface
  - SNMP
  - Web
  - Serial
  - Telnet
Misconfiguration
- Client Side Security Risk
  - The location where the WEP Key and SSID are stored on the system
- Installation Risk
  - Default Installation
WPA2 / 802.11 Task Group i
- WPA2 = 802.11i
- Uses the principles of Robust Security Network (RSN)
- The main improvement over WPA is the use of AES for encryption
- Hardware is usually used for AES encryption
- Operates in 2 modes, like WPA:
  - Enterprise Mode: authentication uses 802.1X/EAP and encryption uses AES-CCMP
  - Personal Mode: authentication uses PSK and encryption uses AES-CCMP
802.11i Authentication (Source: Cam-Winget, Moore, Stanley and Walker)
Comparison of the standards (WEP / WPA / WPA2)
- Cipher: RC4 / RC4 / AES
- Key Size: 40 or 104 bits / 104 bits per pack. / 128 bits encry.
- Key Life: 24 bit IV / 48 bit IV / 48 bit IV
- Packet Key: Concatenation / TwoPhaseMix / Not Needed
- Data Integrity: CRC32 / Michael MIC / CCM
- Key Management: None / 802.1X/EAP/PSK / 802.1X/EAP/PSK
- Security Level
Secure Wireless Deployment Components
- Wireless Clients
- Wireless Access Points
- Radio Types: 802.11a/b/g
- Network Authentication: 802.1X, WPA2/802.11i*
- Encryption: WEP, TKIP, AES
- RADIUS Server
- EAP/TLS
- PEAP-MSCHAPv2
- Remote User account database
- Certificate Authority (optional)
- Access Policies
- Remote Access permissions
- Credentials = Passwords
- Credentials = Certificates