
Network Technology http://kohnlehome.de/netz/wlan.pdf

Wireless LAN

Standards

Standard       Name     Bandwidth    Frequency          Year
IEEE 802.11             2 Mbit/s     2.4 GHz            1997
IEEE 802.11a            54 Mbit/s    5 GHz              1999
IEEE 802.11b            11 Mbit/s    2.4 GHz            1999
IEEE 802.11g            54 Mbit/s    2.4 GHz            2003
IEEE 802.11n   Wi-Fi 4  600 Mbit/s   2.4 GHz / 5 GHz    2009
IEEE 802.11ac  Wi-Fi 5  1.3 Gbit/s   5 GHz              2013
IEEE 802.11ax  Wi-Fi 6  5 Gbit/s     2.4 GHz / 5 GHz    2019

Devices

• 802.11 NIC

• Access Point (autonomous / controller-based): connects the 802.11 WLAN to 802.3 Ethernet

• Wireless router: access point, switch, router, modem

• Antenna

– Omnidirectional

– Directional

– MIMO (Multiple Input Multiple Output): multiple transmit and receive antennas

Topologies

See kohnlehome.de/netz/wlan-topologien.pdf

Frame-Header

• Frame Control: Protocol Version, Frame Type, ...

• Duration: Remaining time to receive next Frame

• Address 1: Receiving Device or AP

• Address 2: Transmitting Device or AP

• Address 3: Destination MAC

• Sequence Control:

• Address 4: only in Ad-Hoc-mode
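
The header fields listed above, decoded from raw bytes in Python (an added example, not part of the original handout). It covers the 24-byte header of management and data frames and leaves out the optional Address 4; the bit positions follow IEEE 802.11, and the sample frames and MAC addresses are constructed.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data", 3: "extension"}

def mac(raw: bytes) -> str:
    """Format six raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)

def parse_header(frame: bytes) -> dict:
    """Parse the 24-byte MAC header of a management or data frame."""
    if len(frame) < 24:
        raise ValueError("need at least 24 bytes of MAC header")
    # Frame Control and Duration are 16-bit little-endian fields.
    fc, duration = struct.unpack_from("<HH", frame, 0)
    ftype = (fc >> 2) & 0x3
    if ftype == 1:
        raise ValueError("control frames (RTS, CTS, ACK) use a shorter header")
    (seq_ctl,) = struct.unpack_from("<H", frame, 22)
    return {
        "version": fc & 0x3,
        "type": FRAME_TYPES[ftype],
        "subtype": (fc >> 4) & 0xF,
        "to_ds": bool(fc & 0x0100),
        "from_ds": bool(fc & 0x0200),
        "retry": bool(fc & 0x0800),
        "protected": bool(fc & 0x4000),   # frame body is encrypted
        "duration": duration,
        "address_1": mac(frame[4:10]),    # receiver
        "address_2": mac(frame[10:16]),   # transmitter
        "address_3": mac(frame[16:22]),
        "fragment": seq_ctl & 0xF,        # low 4 bits of Sequence Control
        "sequence": seq_ctl >> 4,         # high 12 bits of Sequence Control
    }

# Constructed sample frames (headers only); all MAC addresses are made up.
BEACON = bytes.fromhex(
    "8000" "0000" "ffffffffffff" "020000000001" "020000000001" "3012")
DATA = bytes.fromhex(
    "0841" "2c00" "020000000001" "0200000000aa" "0200000000bb" "5000")

if __name__ == "__main__":
    for name, frame in (("beacon", BEACON), ("data", DATA)):
        print(name, parse_header(frame))
```

The Protected flag is readable without any key, so a monitoring tool can flag unencrypted data frames on a network that is expected to use WPA2 or WPA3.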

CSMA/CA

• half-duplex

• wait till channel is idle

• Client sends RTS (Ready To Send)

• Client waits for CTS (Clear To Send)

• All transmissions are acknowledged

Franz Kohnle, page 1 of 3, 2 July 2020


Wireless Client and AP Association

• Procedure

– Discover a wireless AP

– Authenticate with AP

– Associate with AP

• Modes

– Passive Mode: AP advertises SSID

– Active Mode: Client must know SSID and sends Probe Request

CAPWAP (Control and Provisioning of Wireless Access Points)

• WLC (Wireless LAN Controller) manages multiple APs and WLANs.

• based on LWAPP (Lightweight Access Point Protocol)

• UDP ports 5246 and 5247

• Split MAC Architecture

– AP MAC Functions

∗ Beacons and probe responses

∗ ACK and Retransmission

∗ Frame queueing, prioritization

∗ MAC layer data encryption and decryption

– WLC MAC Functions

∗ Authentication

∗ Association and re-association of roaming clients

∗ Frame translation to other protocols

∗ Termination of 802.11 traffic on a wired interface decryption

• DTLS (Datagram Transport Layer Security): encryption for the control channel

• FlexConnect: connection between WLC and AP over a WAN

– connected mode: WLC and AP are connected

– standalone mode: the AP has lost its connection to the WLC but can still operate on its own

Frequency Channel Saturation

• DSSS (Direct-Sequence Spread Spectrum): the frequency range is spread out (802.11b)

• FHSS (Frequency-Hopping Spread Spectrum): rapid switching between channels (802.11)

• OFDM (Orthogonal Frequency-Division Multiplexing): uses several channels simultaneously (802.11a/g/n/ac)

• OFDMA (Orthogonal Frequency-Division Multiaccess): (802.11ax)

Channels

• 2.4 GHz: 13 channels, non-overlapping: 1, 6, 11

• 5 GHz: 24 channels


Wireless Security

WLAN Threats

• DoS Attacks

• Rogue Access Points

• Man-in-the-Middle Attack

Secure WLANs

• SSID Cloaking

• MAC Address Filtering

• Authentication Methods

– Open system authentication

– PSK (Shared key authentication)

∗ WEP

∗ WPA (TKIP: Temporal Key Integrity Protocol)

∗ WPA2 (AES: Advanced Encryption Standard, CCMP: Counter Cipher Mode with Block Chaining Message Authentication Code Protocol)

∗ WPA3

– AAA (Authentication, Authorization, and Accounting), RADIUS (Remote Authentication Dial-In User Service): 802.1X with EAP (Extensible Authentication Protocol)

– Automatic

∗ WPS (Wi-Fi Protected Setup)

∗ DPP (Device Provisioning Protocol), also for IoT
