bao mat vlan va cac cong cu tan cong

7/30/2019 Bao Mat Vlan Va Cac Cong Cu Tan Cong

1/21

CHNG I. BO MT WLAN

1.1. Gii thiu v bo mt

Bo mt l vn ht sc quan trng i vi ngi dng trong tt c cch thng mng (LAN, WLAN). Nhng do bt ngun t tnh c huca mi trng khng dy. kt ni ti mt mng LAN hu tuyn cn

phi truy cp theo ng truyn bng dy cp, phi kt ni mt PC vomt cng mng. Vi mng khng dy Wi- Fi ch cn c thit b trongvng sng l c th truy cp c nn vn bo mt cho mng khngdyWi- Fi l cc k quan trng v lm au u nhng ngi s dngmng.

iu khin cho mng hu tuyn l n gin: ng truyn bng cpthng thng c i trong cc ta nh cao tng v cc port khng sdng c th lm cho n disable bng cc ng dng qun l. Cc mngkhng dy (hay v tuyn) s dng sng v tuyn xuyn qua vt liu cacc ta nh v nh vy s bao ph l khng gii hn bn trong mt tanh. Sng v tuyn c th xut hin trn ng ph, t cc trm pht tcc mng Wi- Fi ny, v nh vy ai cng c th truy cp nh vo cc

thit b thch hp. Do mng khng dy ca mt cng ty cng c th btruy cp t bn ngoi ta nh cng ty ca h.

Hnh 1.1 th hin mt ngi l c th truy cp n mt LAN khng dyt bn ngoi nh th no. Gii php y l phi lm sao c c s

bo mt cho mng chng c vic truy cp theo kiu ny.


2/21

Hnh 1.1: Mt ngi l truy cp vo mng

Khng ging nh cc h thng hu tuyn c bo v vt l, cc mngv tuyn khng c nh trong mt phm vi. Chng c di chuyn ra xa

khong 1000 bc chn ngoi ranh gii ca v tr gc vi mt laptop vmt anten thu. Nhng iu ny lm cho mng Wi- Fi rt d b xm phm.

Bo mt l vn rt quan trng v c bit rt c s quan tm canhng doanh nghip. Khng nhng th, bo mt cng l nguyn nhnkhin doanh nghip e ngi khi ci t mng cc b khng dy WLAN.H lo ngi v nhng im yu trong bo mt WEP (Wired EquivalentPrivacy), v quan tm ti nhng gii php bo mt mi thay th an tonhn.

IEEE v Wi-Fi Alliance pht trin cc gii php c tnh bo mt hnl: Bo v truy cp WPA (Wi-Fi Protected Access), v IEEE 802.11i(hay cn c gi l WPA2), bo mt bng xc thc 802.1x v mt gii

php tnh th khc mang tn VPN Fix cng gip tng cng bo mtmng khng dy cho mi trng mng khng dy cc b.

Theo nh Webtorial, WPA v 802.11i c s dng tng ng l 29%v 22%. Mt khc, 42% c s dng cho cc "gii php tnh th" khc

nh: bo mt h thng mng ring o VPN (Vitual Private Network) quamng cc b khng dy.

1 .2 . V sao phi bo mt

Mng WLAN vn l mt mng khng an ton, tuy nhin ngay cvi mng Wired LAN hay WAN nu khng cphngphpbo mt huhiu u khng an ton. kt ni ti mt mng LAN hu tuyn ngidng cnphi truy cp theo ngtruynbngdycp,phiktnimtPC

vo mtcngmng.Cc mngkhng dy s dng sng v tuyn xuyn quavt liu ca cc ta nh, nh vy, sbaoph ca sng v tuyn khngphi ch trongphm vi ca ta nh y. Do ,mngkhng dy ca mtcngtycngc thb truycptbnngoi tanhcngtycah nh ccthit b thch hp. Vi gi thnh xy dng mt h thngmngWLANgim,ngycngc nhiut chc, cng ty v cc c nhn s dng. iu ny s khng th


3/21

trnh khivic hacker chuyn sang tn cng v khai thc cc im yutrn nn tng mng s dng chun802.11.NhngcngcSniffers chophpbtc ccgitingiaotiptrnmng,hc thphntchvlyinhngthngtinquantrngcachngta.Ngoira,hackercth ly i nhng

d liu mt ca cng ty, xen vophin giao dch gia t chc v khchhng ly nhng thng tin nhy cm hocph hoi h thng.Nhng tntht to ln ti t chc,cngtykhngth lngtrc c. V th,xydngm hnhchnhschbo mtlcnthit.

1.3. nh gi vn an ton bo mt ton h thng

mbo an ninh cho mng, cnphi xy dng mt s tiu chunnh gi mc anninhantonmng.Mts tiuchunc thanhnlthc o mcanton ca mng.

1.3.1. Trnphng dinvtl

C thitbdphngnngcho cc tnhhunghngtngt.C khnngthay thnngtngphn hoc tonphn (hot-plug,hot-swap).

Bomtanninhnilutrccmy ch.

Khnng cpnht,nng cp,bxungphn cngvphn mm.

Yucungunin,cdphng trongtnhhung mttngt.

Cc yu cuph hp vi mi trng xung quanh: m, nhit ,chngst, phng chngchyn,vv...

1.3.2. Trnphng dinlogic Tnhbmt(Confidentiality)

L gii hn cc i tng c quyn truy xut n thng tin. itng truy xut thng tin c th l con ngi, my tnh vphn mm.Ty theo tnh cht ca thngtinmmcbmtcachng cthkhcnhau.

Tnh xcthc(Authentication)

Lin quan ti vic mbo rng mt cuc trao i thng tin lng tin cy. Trong trng hp mtbn tin n l, v dnhmt tnhiubo nghaycnhbo, chc nng ca dch v y quyn l mbo


4/21

bnnhnrngbntinltngunmnxcnhn lng.

Trongtrnghpmt tngtc angxyra,vdktnicamtucui n my ch, c hai vn sau: th nht ti thi imkhi to ktni,dchvmbo rnghai thc th lngtin.Michnglmt thc

th c xc nhn.Thhai,dchvcnphimbo rngktni lkhngbgynhiudo mt thc th thbacthgi mo l mt trong hai thcth hpphp truyn tin hoc nhn tin khng cchophp.

Tnh tonvn (Integrity)

Tnh ton vn mbo s tntinguynvncathngtin,loi trmisthay i thng tin c ch ch hoc do h hng, mt mt thngtin vsc thitbhoc phn mm.

Tnh khng thph nhn (Nonrepudiation)Tnh khng thph nhnbo m rng ngi gi v ngi nhnkhng

th chib mtbn tin c truyn. V vy, khimtbntinc gii,bnnhnc th chng minh c rngbn tin thtsc gi tngi gihpphp.Honton tngt,khimtbntinc nhn,bngic th chngminhcbntinng thtcnhnbingi nhn hpl.

Tnh khdng (Availability)

Mt h thng mbo tnhsnsngc ngha lc th truynhpdliubtclc no mong mun trong vng mt khong thi gian chophp.Cc cuc tn cng khc nhau c th to ra s mt mt hoc thiu v ssn sng ca dch v. Tnhkh dng ca dch v th hin kh nng ngnchn v khiphc nhng tn tht ca h thngdocccuctncnggyra.

Khnng iukhintruynhp (AccessControl)

Trong hon cnh ca an ninh mng, iu khintruycplkhnnghnch cc truy nhp vi my ch thng qua ng truyn thng. tc vic iu khin ny, mi mt thc th c gng t c quyn truynhp cnphi c nhn din, hoc c xc nhn sao cho quyn truynhp c th c p ng nhu cu i vi tngngi.

1.4. Cc phng php bo mt mng Wlan1.4.1. Ccphng phplc

1.4.1.1. LcSSID


5/21

Lc SSID (SSID Filtering) l mtphngphp lc ch c dngcho hu ht cc iu khin truy nhp. SSID ca mt trm WLANphikhp vi SSID trn AP hoccacctrmkhc chngthcv linktClientthitlpdchv.

Nhiu AP c kh nnglycc SSIDcacc khungthngtindnng(beacon frame). Trong trng hpnyclientphiso khpSSIDlinktvi AP.Lc SSID c coi l mtphngphp khng tin cytrong vic hnch nhngngi sdngtriphpcamtWLAN.

Mtvi lichungdongi sdng WLAN torakhi thchinSSID l:

Sdng SSIDmc nh: Sthit lpnylmtcchkhcarathngtinv WLANcamng.N ngin sdngmtbphntchmngly a ch MAC khi ngun t AP. Cch tt nht khcphc li ny l:

Lun lunthayiSSIDmcnh. S dng SSID nh nhng phng tin bo mt mng WLAN: SSIDphi c ngi dng thay i trong vic thit lp cu hnh vo mng.N nn c s dng nh mtphngtinphnonmngchkhngphibo mt,vthhy: luncoiSSIDchnhmtcitnmng.

Khng cn thit qung b cc SSID:Nu AP ca mng c khnngchuyn SSID t cc thng tin dnngvcc thngtinphnhi kimtrathhy cu hnh chng theo cch . Cuhnhnyngncnnhngnginghe v tnh khivicgy rihocsdng WLAN.

1.4.1.2. LcachMAC

WLAN c th lc da vo a chMACcacc trmkhch.HuhtttcccAP uc chc nnglc MAC.Ngi quntrmngcthbintp,phnphivbotr mt danh sch nhng a ch MACcphpvlptrnhchngvo cc AP.Nu mt cardPChoc nhngClientkhc vimtachMACmkhngtrongdanhschachMAC caAP,nskhngthncimtruynhp .


6/21

Hnh2.3:LcachMAC.

Lp trnh cc a ch MAC ca cc Client trong mng WLAN vocc AP trn mt mng rng l khng thc t. B lc MAC c th cthc hin trn RADIUS Server thay v trn mi im truy nhp. Cchcu hnh nylmcho lc MAClmt giiphp anton,vdockhnng clachnnhiuhn.

Mc dLcMACtrngc v lmtphngphpbomttt,chngvncndbnhhng binhng thmnhp sau:

SntrmmtCard PCtrongcmtblcMACcaAP Vic thm d WLAN v sau gi mo vi mt a ch MAC thm nhp vo mng. Vi nhng mnggianhhoc nhngmngtrongvnphngnh,nimc mts lngnh cc trmkhch,thvic dngb lc MAClmtgiiphpbomthiu qu.Vkhngmthacker thngminhno li tnhnggi truynhpvomtmngcgitrsdng thp

1.4.1.3. Lc giao thc

MngWLANcthlcccgiiquamngdatrnccgiaothclp2nlp Trongnhiutrnghp,cc nhsnxut lmccb lcgiaothccthnhhnh c lpcho cnhngonmnghutuynvv tuyncaAP.Nuccktnicci t vi mc ch cbitcas truynhpInternetcangi sdng, thb lc giaothcsloittcgiaothc,ngoi trSMTP, POP3,HTTP, HTTPS, FTP,...


7/21

Hnh 2.4 Lc giao thc

1.4.2. Chng thcNgi sdngmuntruynhpvo cc tinguyncamngthsphi

cxc nhnbihthngbomt.Ccccbnkimsotsxcthcngis dng: Xc thc ngi s dng: Cungcpquynsdngcc dchvcho mingi dng. Mi khi mun s dng mt ti nguyn hay dch v ca hthng,anhtasphi c xc thcbi mt my ch xc thc ngi sdng v kim tra xemcquyn sdng dchv haytinguyn cahthngkhng.

Xc thc trm lm vic: Chophp ngi s dng c quyn truynhp ti nhngmyc achxc nh.Ngc livi vic xc thc ngisdng,xc thctrmlmvic khnggiihnvi ccdchv.

Xc thc phin lm vic: Chophp ngi sdngphixc thc sdng tngdchv trongmiphinlmvic. Cccgiiphp cbnsau:

TACAC dng chovictruynhp txathngqua CiscoRouter. RADIUS khphbinchovictruynhp txa(RemoteAccess).

Firewall cnglmtcngcmnh chophpxc thcccloitrn.

1.4.3. Wlan VPN Nhiu nh sn xut WLAN tch hp phn mm VPN server vo trongAP v

gateway chophp s dng cng ngh VPN bo mt kt ni khng


8/21

dy. Lc , clientphisdngphnmmVPNclientchycc giao thcnhPPTP hayIPSec thitlptunneltrctipnAP.

Trc tin, clientphi kt nivi AP.Sau,mtktniVPNdial

-upsphi c to ra cho client truyntraffic quaAP.Ttctraffictruynquatunnelcth c m ha v a vo tunnel tng thmmtlpbo mtna.Giiphpnycuimlgichplv citkhngin.

Hnh 2.5 M hnh s sng VPN

1.4.4. Mha dliutruyn

1.4.4.1. WEP(Wired EquivalentPrivacy) WEP lthut tonmhac ixngc nghalqutrnhmhavqutrnh gii m u dng mt kha dng chung (share key), kha nyAP s dng v Client ccp. WEP lmt thut tonnhmbovstraoithngtinchnglisnghetrm, chng li nhng kt nimngkhngc chophpcngnhchnglivic thayi hoc lm nhiu thng tin truyn. Kha dng chungv vector khi to (IV) l hai ngun d liu u vo cab to m dngthut tonRC4 to rachuikha(key stream). Mc khcphn ni dung

bn tin cb xung thmphn kim tra CRCto thnhgi tinmi.Gi tinmi vnc nidungdngchamha(planttext)s c kthpvi chuicckhakeystreamtheothuttonXORtothnhmtbntin c m ha (cipher text). Bn tin ny v chui IVc ngthnhgiphpi.Vicgiimxyrangc li.


9/21

Hnh2.6:SmhaWEP

WEP s dng kha c nhc chias giamtAccess Point vnhiungi dng cng vi mt IV ngu nhin 24bit. Do , cng mt IVs c s dng li nhiu ln. Bng cc thu thp thng tin truyn i,Attacker c th c thngtincn thitcthbkhaWEPangdng.Nhng nhc imvbomtWEP:

MtkhikhaWEP cbit,k tncngcthgiimthngtintruyniv c th thay i ni dung ca thng tin truyn i. Do vy WEPkhngm boctnhbmtv tonven. Vic s dng mt kha c nh c chnbi ngi s dng v tkhi c thay i (tc c ngha l kha WEP khng c t ng thay i)lm cho WEPrtdbttcng. WEP chophp ngi dng xc thc AP trongkhiAP khngth xcminhtnh xc thc ca ngi dng.Ni mt cch khc, WEP khng cungng mutual authentication.

1.4.4.2. WPA(WifiProtectedAccess)

WEP c xy dng bo v mtmngkhngdytrnhbnghetrm.Nhng nhanhchngsau ngi taphthinranhiul hngcngnghny.Do,cng ngh mictngiWPArai,khcphc cnhiunhc imcaWEP. Mt trongnhngci tinquantrngnhtcaWPAlsdnghmthayikho TKIP (Temporal Key Integrity Protocol). WPA cng s dng

thut ton RC4 nh WEP nhngmhoy128bit.Vmtc imkhclWPAthayikhocho migi tin.Cc cngcthuthpcc gi tinphkhomhoukhngth thc hin c vi WPA. Bi WPAthay i kho lin tc nn hacker khngbao gi thu thp d liu mu tm ra mt khu. Khng nhng th, WPAcnbao gmkim tratnhtonvncathngtin(Message IntegrityCheck).Vvy,d liukhngthbthay i trong khi ang trnngtruyn.Mt trongnhngimhpdn


10/21

nhtca WPAlkhngyucuvphncngnhiu,chcnthitbchtrlcthsdng c. Ccbn nng cp minph vphn mm cho huht cc Card mng v im truycpsdng WPArtddng v csn. WPAc sn 2 la chn: WPAPersonalvWPAEnterprise.C2 la

chnny usdnggiao thc TKIP vskhcbitchlkhokhitomholcu.WPA Personal thch hp cho gia nh v mng vnphngnh, kho khi to s c s dngticc im truycpvthitbmytrm.Trongkhi,WPAchodoanhnghip cnmtmychxc thc v802.1xcungcpcckhokhitochomiphinlm vic. TrongkhiWi-FiAlliance araWPA,vccoilloi trmilhngdb tn cngcaWEP nhngngi sdngvnkhngthc s tintngvo WPA.C mt l hngtrongWPAvlinychxyraviWPAPersonal.Khimhmthayi kho TKIP c s dng to ra cc kho

m hobpht hin, nuhacker c th on c kho khi to hoc mtphncamtkhu,h c th xc nhc tonb mtkhu,do c thgiimcdliu.Tuynhin,lhngnycngsbloibbng cch sdng nhng kho khi to khng d on. iu ny cng c ngha rng kthut TKIP ca WPA ch l giiphp tm thi, cha cung cp mtphng thcbomtcaonht WPA ch thch hp vi nhng cng ty mkhng truyn d liu "mt" v thng mi, hay cc thng tin nhy cm...WPAcng thch hp vi nhnghotng hng ngy v mang tnhthnghim cngngh.

1.4.4.3. WPA2(WifiProtectedAccessversion2)

WPA2 cng tng t nh WPAnhng s dngphngphpmhamnhhn AES (AdvancedEncryption Standard) vi dikha256bits.Trnlthuyt,AES vnc thb c,nhngthi gianb kholkhngkhthi trongthc t tnhtithiimny, chonnncxemlantontuyti. Mc dvy,WPA2 cnggpphivn lkh khntrongvicgibmtkho nydo nhngngi sdngc th nicho nhauhocb l dov

tnhghikharau


11/21

CHNG II. TN CNG WLAN

2.1. Mt s hnh thc tn cng Wlan ph bin2.1.1. Tncngbng(PassiveAttack)

Tn cng b ng (passive) hay nghe ln (eavesdropping) c l l mt phngphp tn cng WLAN n gin nht nhng vn rt hiu qu. Passive attack khng li mt du vt no chng t c s hin din ca hacker trong mng v hackerkhng tht kt ni vi AP lng nghe cc gi tin truyn trn on mng khng dy.WLAN sniffer hay cc ng dng min ph c th c s dng thu thp thng tinv mng khng dy khong cch xa bng cch s dng anten nh hng. Phng

php ny cho php hacker gi khong cch vi mng, khng li du vt trong khivn lng nghe v thu thp c nhng thng tin qu gi. C nhiu ng dng c kh nng thu thp c password t nhng da chHTTP, email, instant message, phin lm vic FTP, telnet. Nhng kiu kt ni trnu truyn password theo dng clear text (khng m ha). Nhiu ng dng c th btc password hash (mt m c bm) truyn trn on mng khng dy giaclient v server lc client ng nhp vo. Bt k thng tin no truyn trn on mngkhng dy theo kiu ny u rt d b tn cng bi hacker. Hy xem xt nhng tcng nu nh hacker c th ng nhp vo mng bng thng tin ca mt ngi dngno v gy ra nhng thit hi cho mng. Hacker l th phm nhng nhng thngtin log c li ch n ngi dng m hacker ng nhp vo. iu ny c thlm cho nhn vin mt vic


12/21

Hnh 2.1 Tn cng b ng

2.1.2. Tn cng ch ng (Active Attack)

Hacker c th tn cng ch ng (active) thc hin mt s tc v trn

mng. Mt cuc tn cng ch ng c th c s dng truy cp voserver v ly c nhng d liu c gi tr hay s dng ng kt niInternet ca doanh nghip thc hin nhng mc ch ph hoi hay thmch l thay i cu hnh ca h tng mng. Bng cch kt ni vi mngkhng dy thng qua AP, hacker c th xm nhp su hn vo mng hocc th thay i cu hnh ca mng. V d, mt hacker c th sa i thm MAC address ca hacker vo danh sch cho php ca MAC filtertrn AP hay v hiu ha tnh nng MAC filter gip cho vic t nhp sau

ny d dng hn. Admin thm ch khng bit c thay i ny trong mtthi gian di nu nh khng kim tra thng xuyn.

Mt s v d in hnh ca active attack c th bao gm cc Spammer haycc i th cnh tranh mun t nhp vo c s d liu ca cng ty bn.Mt spammer (k pht tn th rc) c th gi mt lc nhiu mail n mngca gia nh hay doanh nghip thng qua kt ni khng dy WLAN. Saukhi c c a ch IP t DHCP server, hacker c th gi c ngn bc ths dng kt ni internet ca bn m bn khng h bit. Kiu tn cng ny

c th lm cho ISP ca bn ngt kt ni email ca bn v lm dng ginhiu mail mc d khng phi li ca bn.


13/21

Hnh 2.2 Tn cng ch ng

Mt khi hacker c c kt ni khng dy vo mng ca bn, hn cth truy cp vo server, s dng kt ni WAN, Internet hay truy cp nlaptop, desktop ngi dng. Cng vi mt s cng c n gin, hacker cth d dng thu thp c nhng thng tin quan trng, gi mo ngi dnghay thm ch gy thit hi cho mng bng cch cu hnh sai. D tm server

bng cch qut cng, to ra phin lm vic NULL chia s hay crackpassword, sau ng nhp vo server bng account crack c lnhng iu m hacker c th lm i vi mng ca bn.

2.1.3. Phng thcbtgitin(Sniffing)

Bt gi tin l khi nim tng qut Nghe trm (Eavesdropping) sdng trong mng my tnh.C l lphngphpnginnht,tuynhinnvnc hiuquivi vic tn cng WLAN. Bt gi tin c th hiu nh l

mtphng thc ly trmthng tin khi t mt thitb thu nm trong hocnm gn vngph sng. Tn cng kiubtgi tins khbphthinrascmtcathitbbtgi tindthitb nm trong hoc nm gn vngphsng nuthitbkhngthc sktni ti AP thuccgitin.

Vicbtgi tinmngc dythngc thc hindatrncc thitbphn cng mng, v d nh vic s dngphn mmbt gi tin trnphn


14/21

iukhinthongtin ra vo ca mt card mng trn my tnh, c ngha lcngphibit loi thitb phn cng s dng,phi tm cch ci tphnmmbtgi ln,vv..tc lkhng n gin. i vi mng khng dy,nguyn l trn vn ng nhng khng nht thit phi s dng v c nhiu

cch ly thng tin n gin, d dng hn nhiu. Bi vivi mng khngdy, thng tin cpht trn mi trng truyn sng v ai cng c ththuc.

Nhng chng trnhbt gi tin c kh nng ly cc thng tin quantrng, mt khu, ... t cc qu trnh trao i thng tintrnmycachngtavi cc site HTTP, email, cc instant messenger, ccphin FTP, ccphin Telnet nu nhng thng tin trao i di dng vnbn khngm ha (clear text). C nhngchngtrnhcth ly c mt khu trnmng khng dy ca qu trnh trao i gia Client v Server khi ang

thc hinqutrnhnhpmtkhu ngnhp.Cngtvicbtgi tin, cth nmc thngtin,phntchc lulngcamng(Trafficanalysis), ph nng lngtrongkhnggiancacc vng.T mk tncngc thbitchnosngtruyntt,chno km,chnotptrungnhiumy.

Bt gi tin ngoi vic trc tip gip cho qu trnhphhoi,n cngintipl tin cho ccphng thcphhoikhc.Btgi tinlcscaccphngthctn cng nh n trm thng tin, thuthpthngtinphnbmng(wardriving),d m,bm(keycrack),...

Binphpngnchnbtgi tin:Vbtgi tinlphngthc tncngkiub ng nn rt khpht hin v do c im truyn sng trong khnggian nn khngthphngngavic nghe trmcak tncng.Giiphpraylnngcaokhnng m ha thng tin sao cho k tncngkhngthgiim c,khi thngtinlyc s thnhv gitriviktncng.CchttnhtphngchngSniffing lmhathnglngbng IPSec.my.

2.1.4. Tn cng yu cu xc thc li (De-Authentication)

L phng php khai thc li chun 802.11.

Attacker gi thng ip deauthentication (broadcast)

Cc my client chp nhn thng ip => yu cu AP kt ni li=> mng b tt nghn.


15/21

Nhm mc ch ph hot kt ni ca cc my client

Hnh 2.3 Tn cng yu cu xc thc li

2.1.5. Tn cng truyn li (Relay Attack)

Tn cng truyn li (Replay Attack) l tin tc ng chn ngang vic truynthng tin hp l v ri s dng li n. Tin tc khng thay i bn tin m ch gi lin trong thi im thch hp theo s la chn ca tin tc.

Trong mng 802.11, tn cng truyn li to ra kiu tn cng t chi dch v vkhi nt nhn c mt bn tin hp l n s chim dng bng thng v tnh ton thigian gii m bn tin . Cc li d b tn cng nht trong 802.11 rt nhy vi hnhthc tn cng ny l cc bn tin khng c th t mt cch r rng. Trong 802.11khng c cch no d v loi b cc bn tin b truyn li.

2.1.6. Gi mo AP (Rogue Access Point)


16/21

Gi mo AP l kiu tn cng man in the middle c in. y l kiu tn cngm tin tc ng gia v trm lu lng truyn gia 2 nt. Kiu tn cng ny rtmnh v tin tc c th trm tt c lu lng i qua mng. Rt kh khn to mtcuc tn cng man in the middle trong mng c dy bi v kiu tn cng ny yu

cu truy cp thc s n ng truyn. Trong mng khng dy th li rt d b tncng kiu ny. Tin tc cn phi to ra mt AP thu ht nhiu s la chn hn APchnh thng. AP gi ny c th c thit lp bng cch sao chp tt c cc cu hnhca AP chnh thng l: SSID, a ch MAC ...

Bc tip theo l lm cho nn nhn thc hin kt ni ti AP gi. Cch th nhtl i cho ngui dng t kt ni. Cch th hai l gy ra mt cuc tn cng t chidch v DoS trong AP chnh thng do vy ngui dng s phi kt ni li vi AP gi.

Trong mng 802.11 s la chn AP c thc hin bi cng ca tn hiu nhn.iu duy nht tin tc phi thc hin l chc chn rng AP ca mnh c cng tnhiu mnh hn c. c c iu tin tc phi t AP ca mnh gn ngi b lahn l AP chnh thng hoc s dng k thut anten nh hng. Sau khi nn nhnkt ni ti AP gi, nn nhn vn hot ng nh bnh thng do vy nu nn nhn ktni n mt AP chnh thng khc th d liu ca nn nhn u i qua AP gi. Tin tcs s dng cc tin ch ghi li mt khu ca nn nhn khi trao i vi WebServer. Nh vy tin tc s c c tt c nhng g anh ta mun ng nhp vo

mng chnh thng.Kiu tn cng ny tn ti l do trong 802.11 khng yu cu chng thc 2

hng gia AP v nt. AP pht qung b ra ton mng. iu ny rt d b tin tcnghe trm v do vy tin tc c th ly c tt c cc thng tin m chng cn. Ccnt trong mng s dng WEP chng thc chng vi AP nhng WEP cng cnhng l hng c th khai thc. Mt tin tc c th nghe trm thng tin v s dng b

phn tch m ho trm mt khu ca ngi dng.


17/21

Hnh 2.4. Gi mo AP

2.1.7. Tn cng da trn s cm nhn sng mang lp vt l

Tn s l mt nhc im bo mt trong mng khng dy. Mc nguy himthay i ph thuc vo giao din ca lp vt l. C mt vi tham s quyt nh schu ng ca mng l: nng lng my pht, nhy ca my thu, tn s RF, bngthng v s nh hng ca anten.

Trong 802.11 s dng thut ton a truy cp cm nhn sng mang (CSMA) trnh xung t. CSMA l mt thnh phn ca lp MAC. CSMA c s dng chc chn rng s khng c xung t d liu trn ng truyn.. Kiu tn cng nykhng s dng tp m to ra li cho mng nhng n s li dng chnh chun .Thm ch l k thut s dng tri ph tun t trc tip (DSSS), m sa sai FEC hayCRC u v ch vi kiu tn cng ny.

C nhiu cch khai thc giao thc cm nhn sng mang vt l. Cch n

gin l lm cho cc nt trong mng u tin tng rng c mt nt ang truyn tin tithi im hin ti. Cch d nht t c iu ny l to ra mt nt gi mo truyn tin mt cch lin tc. Mt cch khc l s dng b to tn hiu RF. Mt cchtn cng tinh vi hn l lm cho card mng chuyn vo ch kim tra m ntruyn i lin tip mt mu kim tra. Tt c cc nt trong phm vi ca mt nt gi lrt nhy vi sng mang v trong khi c mt nt ang truyn th s khng c nt no


18/21

c truyn. Theo nh tin tc th l kiu rt d b tn cng v n khng i hithit b c bit.

2.1.8. Tn cng gi nh a ch MAC

Trong 802.11 a ch MAC l mt cch ngn ngi dng bt hp php gianhp vo mng. Vic gi a ch MAC l mt nhim v kh d dng i vi tin tc.Trong khi gi tr c m ho trong phn cng l khng th thay i th gi tr ca ra trong phn sn (chng trnh c s) ca phn cng li c th thay i c.C nhiu chng trnh s dng cho cc h iu hnh khc nhau c th thay i ca ch MAC c a ra trong b iu hp mng. Th tc ny thc s l rt d vc th c thc hin trong vi pht. Thm ch sau khi gi a ch MAC tr nn ph

bin, 802.11 vn cn s dng phng php chng thc ny bi v a ch MAC 48

bit l di ngn chn cc cuc tn cng vo n.

Nhiu chng trnh mi c to ra cho php tin tc vt qua c skh khn ny. Tin tc khng phi i tm a ch MAC bi v n c pht qung bra ton mng do chun 802.11 yu cu nh vy. Ch c mt vi gi tin m tin tc cnchn li ly a ch MAC v do vy bng vic gi mo a ch MAC tin tc c nhn dng nh mt ngi dng hp php ca mng.

2.1.9. Tn cng t chi dch v (Deny Of Services)

y l hnh thc tn cng lm cho cc mng khng dy khng th phc vc ngi dng, t chi dch v vi nhng ngi dng hp php. Trong mng cdy c cc hnh thc tn cng t chi dch v DoS (Denial of Service) ph bin nhPing of Death, SYN Flooding. Cc hnh thc ny da trn c ch ca b giao thcTCP/IP, c th khin cho my ch b treo. Mng khng dy tn ti nhng im yu tn cng DoS khc vi mng c dy v d nh khi sng radio truyn trong mitrng, n rt d b nh hng bi cc yu t khch quan cng nh ch quan. Mt

k tn cng c th to ra cc sng c cng tn s vi tn s truyn tn hiu gynhiu cho ng truyn. iu ny i hi mt b pht sng m bo tn hiu nnh cho mng.


19/21

2.2. Cng c tn cng Wlan2.2.1. Gii thiu cng c Aircrack-ng

Aircrack-nglb cngcminphchytrnhiuhnhlinux,cngcnychuyn crackpassword trong mng khng dy rt hiu qu nh WEP,

WPA,... Giao din cngcAircracklgiao dincommandline nns hnkhxiivi ngimis dng. Hin nay th Aircack chy ch yu trn linuxl ch yu, cn c mtsphin bn Aircrack-ng chy trn h iu hnhwindows l do mt s lptrnhvinbintpt linux sang windows nhngmt s tnh nng trongphinbn windows s khngbng phinbnchytrnlinuxc.Sau ysgiithiumtsthngdng cbn:

Chuyn cardmng wirelesstmanager sangmonitor(chnghengng):

airmon-ng Btgitintrongmng khng dy(wifi):

airodump-ng To gitinginAP nhmnhn ccgiARPphn hi:

aireplay-ng GigitinginAPnhnphn hi:

packetforge-ng Dmtkhu:

aircrack-ng

Ngoi ra c th xem thng tin chi tit aircrackmanaircrack-ng


20/21

Hnh 2.5 S dng lnh Man bit thng tin chi tit2.2.2. Gii thiu cng c Netcut chy trn Windown

Netcut l mt cng c chuyn iph trongmangLAN,vi ccphin

bn trc y th ch h tr i vi mng LAN v h iu hnh lwindows xp nhng gi y Netcut c nng cp, h tr cmng WLAN v h iu hnh windows 7. Nguyn tc lm vic caNetcutchnh ltncngarpspoof trongphndemo s trnh byrv vn ny.

Vy th trong trng hp no Attacker s dng Netcut. Trongtrng hp Attacker khng mun mt hay nhiu my Victim no y sdng mng internet hay khng mun my Victim i ra ngoi mng LANc.

Hnh 2.6. Giao din ca cng c ca Netcut

2.2.3. Gii thiu cng c Cains chy trn Windowns

Cain l cng c chy trn nn tng window kh l ni ting vinhng tnhnng nhsnifferpassword,decoders,crack,... thmch cnc thb khamngkhngdy na nh WEP, WPA,... cain c th hackcthchngtacnphic thmcngc gn ngoi l anten. Vi giao dinrt d s dng cng c cainrtphhpvi nhng Attacker mivo ngh.


21/21

Trn linux c h iuhnhbacktrackchatontpnhngcngcdng hack haynicchkhc lh iuhnhcacc hacker.Trnwindowsthccain,tuyv tnh nng cng nh tn cng khng mm dobng

backtrack nhngblicainlic giao dinrtd sdngvcungcpycc cngcchomtAttacker.phn demosnirv nguyn tctncngsnifferpassword trongmngLAN.

Hnh 2.7 Giao din cng c Cain chy trn Windown

bao mat vlan va cac cong cu tan cong

Documents