Clever Geek Handbook

Fitur perlindungan jaringan nirkabel dan kabel. Bagian 1 - Tindakan perlindungan langsung



Sebelumnya kita berbicara tentang masalah teknis yang sangat tinggi dari sistem transmisi data berkabel dan nirkabel. Artikel ini akan fokus pada masalah keamanan dan jaringan yang lebih aman.



Kami melokalkan masalah



ยซWi-Fi โ€” ?ยป, : , ยซยป, , , , ยซยป, .



:



. , , .



(, -). , , ARP . .



ยซยป, .



:



, .



. , , , . . , , , WiFi.



, , port security MAC. , -, MAC , -, . . โ€” , , . , : .



, , . , , , MAC , . , , , . , , โ€” . , , .



, - โ€” . , . , - - .



:



. . !



:



. . , , WiFi. , VLAN, ACL, . , , VPN (). . , VPN .



, , , () port security. , , , MAC . . port security ACL โ€” . .



, , WiFi.



:



. . , .



Ethernet-HUB, , , .



WiFi โ€” .



:



ยซ ยป : ( ) , , , .



WiFI



, , . , , .



, ( !) ยซ ยป.



?



, :



  • , MAC ;
  • , , , , .


. , , .



WiFi



โ€” (SSID) WiFi . Hide SSID , . , , , .



SSID, โ€” BSSID (Basic Service Set Identifie). WiFi . WiFi .



MAC



ยซ ยป. (Access Control List, ACL). - port security . ( ) MAC . MAC ( โ€” MAC ). , WiFi. , .



Rogue AP



Rogue AP โ€” , . , , , .



Zyxel .





, , , , .



, . WPA/WPA2-Enterprise, Extensible Authentication Protocol (EAP) , , , .



USG FLEX 100.





1. USG FLEX 100.





, WEP (Wired Equivalent Privacy, ), WPA, WPA2...



WPA2-PSK (pre-shared key) . , , โ€” . - .



WiFi 6 c WPA3 WPA2 Enterprise , . ( RADIUS).



Nebula AX Dynamic Personal Pre-Shared Key (DPPSK) โ€” , (PSK) . , WiFi .



WiFi 6?



WiFi 6, , WPA3 . , Zyxel - Unified Pro.



Unified Pro Zyxel WAX510D, Unified Pro Zyxel WAX650S, Unified Pro Zyxel NWA110AX  802.11ax (Wi-Fi 6) Nebula, .





2. Unified Pro Zyxel WAX650S Unified Pro Zyxel WAX510D.



, 802.11ax (WiFi 6).



WPA3-Enterprise 192-bit mode



WPA3-Enterprise โ€” .



, WPA3-Enterprise :



  • 256- Galois/Counter Mode โ€” ,
  • 384- Hashed Message Authentication Mode โ€” ;
  • Elliptic Curve Diffie-Hellman exchange, Elliptic Curve Digital Signature Algorithm โ€” .


WPA3-Enterprise , SSL / TLS:



  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, EC DH/DSA - NIST P-384;
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, EC DH/DSA - NIST P-384, RSA 3072 ;
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 โ€” ยซยป , EC, RSA 3072 , DH- 15.


WPA3-Personal WPA2-PSK



Pre-Shared Key, , WPA3 SAE, ( IEEE 802.11-2016)



. , (), โ€” ( ) , SAE , .



dragonfly handshake, .



SAE (Key Reinstallation Attacks, KRACK ), offline , , , PSK-.



SAE forward secrecy, . , , , . SAE , , .



Enhanced Open โ€”



, . , , (), .



Enhanced Open โ€” Opportunistic Wireless Encryption, OWE, Internet Engineering Task Force RFC 8110, . unsophisticated packet injection, .



Enhanced Open โ€” .



27 .



:



  1. Telegram chat Zyxel
  2. Zyxel
  3. Youtube
  4. Wi-Fi โ€” ?
  5. Wi-Fi : , WPA3
  6. WiFi 6 MU-MIMO OFDMA:
  7. WiFi 6 :
  8. WPA3 โ€” WiFi 802.11
  9. Wi-Fi 6: , ?


More articles:


All Articles