1. System Solution Demonstration
1.1 Status Quo Analysis
Existing wireless LAN security products do not provide complete wireless LAN security protection. The main problems are as follows:
1) They are single-function and lack a comprehensive security management platform. They cannot implement combined functions such as wireless data monitoring, parsing, restoration, and forensics.
2) They lack effective control measures for illegal site access. Without a connection to the wired network, the network cannot be controlled.
3) They fail to detect and defend against WEP attacks. WEP encryption is still widely used to a certain extent. The existing solution is to defend against WEP attacks by upgrading the security modules of wireless access points and sites; however, this solution cannot be applied to the large number of old wireless LANs that are already deployed.
1.2 System Solution
Based on the above analysis, it is necessary to design a wireless LAN monitoring system that integrates real-time wireless network scanning, real-time data parsing, content restoration, audit and forensics, management and control, and attack detection and protection, in order to solve the current wireless network problems. The system's network setup is shown in Figure 1.1:
Figure 1.1 Network Setup
As the figure shows, the monitoring system is independent of the network, which makes it easy to set up and flexible, and it can monitor the selected network. The system uses Linux as its operating platform and relies on PC hardware and two wireless network cards. One wireless network card is used for scanning sites and access points and intercepting data packets; the other is used to send forged data packets to prevent WEP attacks. The packets intercepted by the first network card are analyzed to check whether the network is vulnerable to WEP attacks and illegal access. If so, packets are sent through the other network card for protection. At the same time, through protocol parsing, the content of the user's online files can be restored, which facilitates the audit and forensics of users' wireless Internet access behavior.
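The analysis step described above, shown as an added example that is not code from the described system: it parses raw 802.11 data frames from the monitoring card, flags stations outside an allowlist, and flags a sender that repeats the same WEP IV. The frame layout without a radiotap header, the allowlist, the replay threshold, and the sample frames and addresses are assumptions constructed for illustration.

```python
from collections import Counter
# Assumptions (not from the page): frames are raw 802.11 data frames with no
# radiotap header; an IV repeated REPLAY_THRESHOLD times by one sender is flagged.
REPLAY_THRESHOLD = 3

def parse_data_frame(frame):
    """Return BSSID, station, sender and WEP IV of a data frame, else None."""
    if len(frame) < 24 or frame[0] & 0x0C != 0x08:  # type 2 = data
        return None
    flags = frame[1]
    to_ds, from_ds = flags & 0x01, flags & 0x02
    if to_ds and not from_ds:      # station -> AP
        bssid, station = frame[4:10], frame[10:16]
    elif from_ds and not to_ds:    # AP -> station
        station, bssid = frame[4:10], frame[10:16]
    else:
        return None                # ad hoc and WDS frames are skipped here
    hdr = 24 + (2 if frame[0] & 0x80 else 0)  # QoS data adds 2 header bytes
    wep = flags & 0x40 and len(frame) >= hdr + 4 and not frame[hdr + 3] & 0x20
    iv = bytes(frame[hdr:hdr + 3]) if wep else None  # Protected, no ExtIV -> WEP
    return {"bssid": bssid.hex(":"), "station": station.hex(":"),
            "sender": frame[10:16].hex(":"), "wep_iv": iv}

def audit(frames, monitored_bssid, allowed_stations):
    """Flag stations outside the allowlist and senders that repeat a WEP IV."""
    findings, iv_counts = set(), Counter()
    for raw in frames:
        f = parse_data_frame(raw)
        if f is None or f["bssid"] != monitored_bssid:
            continue
        if f["station"] not in allowed_stations:
            findings.add(("unauthorized_station", f["station"]))
        if f["wep_iv"] is not None:
            iv_counts[(f["sender"], f["wep_iv"])] += 1
    findings |= {("wep_iv_replay", s) for (s, _), n in iv_counts.items()
                 if n >= REPLAY_THRESHOLD}
    return sorted(findings)

def sample_frame(station, bssid, iv):
    """Constructed station->AP WEP data frame (ToDS + Protected, key ID 0)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (b"\x08\x41\x00\x00" + raw(bssid) + raw(station) + raw(bssid)
            + b"\x00\x00" + iv + b"\x00" + b"\xaa" * 8)

AP, KNOWN, UNKNOWN = "00:11:22:33:44:55", "02:00:00:00:00:01", "02:00:00:00:00:99"
SAMPLE = ([sample_frame(KNOWN, AP, bytes([0, 0, i])) for i in range(3)]
          + [sample_frame(UNKNOWN, AP, b"\x01\x02\x03")] * 3)

if __name__ == "__main__":
    print(audit(SAMPLE, AP, {KNOWN}))
```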
2. System Function Indicators
Table 1 shows the functions and indicators implemented by our system.
Table 1: System metrics