&size(24){&color(darkgreen){''&color(red){W};i-Fi &color(red){P};rotected &color(red){A};ccess''};};

#navi(Linux)

''CONTENTS''
#contents
----
''REFERENCES''
-[[Overview of the WPA wireless security update in Windows XP>http://support.microsoft.com/default.aspx?scid=kb;ja;815485]]
-[[802.11 Security>http://www.famm.jp/wireless/modules/newbb/]]
-[[Host AP driver for Intersil Prism2/2.5/3, hostapd, and WPA Supplicant>http://hostap.epitest.fi/]]
----
**Introduction [#w0785e0b]
-Build a ks2101 driver that works with WPA Supplicant.
-The spec says the following settings can be made, but I haven't really looked into what kind of environment is needed to test them, so I don't know.

***Terms and abbreviations [#pc8e891b]
:WPA|Nothing to do with Wireless Projector Adaptor.
:WPA|Windows Product Activation, drop dead.
:PSK|Pre-Shared Key
:TKIP|Temporal Key Integrity Protocol
:AES|Advanced Encryption Standard

***WPA-related MIBs [#n1e4a746]
|~MIB|~description|
|DOT11_RSN_ENABLED| WPA enable or disable |
|DOT11_RSN_CONFIG_MULTICAST_CIPHER| WEP40,TKIP,CCMP(AES),WEP104 |
|DOT11_RSN_CONFIG_UNICAST_CIPHER| WEP40,TKIP,CCMP(AES),WEP104 |
|DOT11_RSN_CONFIG_AUTH_SUITE| WPA(802.1x),WPA(PreSharedKey),WPA-none(11Adhoc)|
|DOT11_PMK_TSC||
|DOT11_GMK1_TSC||
|DOT11_GMK2_TSC||

***AuthenticationSuite Set? [#h468fe5e]
|~OID_AUTH_MODE|~OID_WEP_STATUS |~ENABLED |~UNICAST_CIPHER|~MULTICAST_CIPHER|~AUTH_SUITE|
|Open/Shared |Encyption1Enabled |WPA disable||||
|WPAPSK |TEncyption2Enabled|WPA enable | TKIP | TKIP | WPA(PreSharedKey) |
|WPAPSK |TEncyption2Enabled|WPA enable | TKIP | WEP40 | WPA(PreSharedKey) |
|WPAPSK |TEncyption3Enabled|WPA enable | CCMP(AES) | CCMP(AES) | WPA(PreSharedKey) |
|WPAPSK |TEncyption3Enabled|WPA enable | CCMP(AES) | TKIP | WPA(PreSharedKey) |
|WPAPSK |TEncyption3Enabled|WPA enable | CCMP(AES) | WEP40 | WPA(PreSharedKey) |
|WPA |TEncyption2Enabled|WPA enable | TKIP | TKIP | WPA(802.1x) |
|WPA |TEncyption2Enabled|WPA enable | TKIP | WEP40 | WPA(802.1x) |
|WPA |TEncyption3Enabled|WPA enable | CCMP(AES) | CCMP(AES) | WPA(802.1x) |
|WPA |TEncyption3Enabled|WPA enable | CCMP(AES) | TKIP | WPA(802.1x) |
|WPA |TEncyption3Enabled|WPA enable | CCMP(AES) | WEP40 | WPA(802.1x) |

-Apparently, on Windows XP with NDIS 5.1, this is handled with the following settings (OID_802_11_AUTHENTICATION_MODE, OID_802_11_WEP_STATUS).
-What about wpa_supplicant, I wonder?
-This table looks odd??? Is it wrong?

**WPA Supplicant [#acbcd824]
***Install [#xcd128cd]
''FreeBSD'' ガ━━ΣΣ(゚Д゚;)━━ン
 # portinstall security/wpa_supplicant/
 [Updating the pkgdb <format:bdb1_btree> in /var/db/pkg ... - 204 packages found (-0 +0) done]
 ** Port marked as IGNORE: security/wpa_supplicant:
         is not supported on FreeBSD < 6.0
''Debian''
 # apt-get install wpasupplicant

***Driver I/F [#v08ce7af]
-What does the interface to the driver look like? Are there ioctls or the like that the driver has to implement?
-Does wpa_supplicant need to be patched?
--An interface has to be defined for each driver, so a patch is needed.
-wireless extension version
--WPA support starts with version 18.
--kernel-src/include/linux/wireless.h (original kernel)
|~kernel|~wireless extension|
|2.4.20|14|
|2.4.24|16|
|2.4.31|16|
|2.6.8|16|
|2.6.9|16|
|2.6.10|17|
|2.6.12|17|
--For now, as of 2005-06-21, the KS2101 driver has only been confirmed to work up to version 16.
--Excerpt from [[wireless.h version 18>http://wiki.wivicom.co.jp/cgi-bin/viewcvs.cgi/wpasupplicant/wireless_copy.h?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup]]
 V16 to V17
 ----------
     - Add flags to frequency -> auto/fixed
     - Document (struct iw_quality *)->updated, add new flags (INVALID)
     - Wireless Event capability in struct iw_range
     - Add support for relative TxPower (yick !)
 V17 to V18 (From Jouni Malinen <jkmaline@cc.hut.fi>)
 ----------
     - Add support for WPA/WPA2
     - Add extended encoding configuration (SIOCSIWENCODEEXT and
       SIOCGIWENCODEEXT)
     - Add SIOCSIWGENIE/SIOCGIWGENIE
     - Add SIOCSIWMLME
     - Add struct iw_range bit field for supported encoding capabilities
     - Add extended scan request (SIOCSIWSCANEXT)
     - Add SIOCSIWAUTH/SIOCGIWAUTH for setting authentication and WPA
       related parameters (extensible up to 4096 parameter values)
     - Add wireless events: IWEVGENIE, IWEVMICHAELMICFAILURE
-The driver interface is [[this?>http://wiki.wivicom.co.jp/cgi-bin/viewcvs.cgi/wpasupplicant/driver.h?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup]] That is quite a lot of functions. (^^;

**Experiments [#g44778a0]
***WPA-PSK (TKIP) on KS2910 [#rbc5e6f7]
Planned

&color(red){KS2970};, right? :)

***WPA-PSK (AES) on KS2910 [#rbc5e6f7]
Planned

***WPA-PSK (TKIP) on WN-AG/CB2 [#e9c55e11]
''/etc/default/wpasupplicant''
 ENABLED=1
 OPTIONS="-Dmadwifi -iath0 -c/etc/wpa_supplicant.conf -dd -w"
''/etc/wpa_supplicant.conf''
 ctrl_interface=/var/run/wpa_supplicant
 ctrl_interface_group=0
 ap_scan=1
 network={
         ssid="ioAirportAp13"
         psk="hidemaru4000en"
         priority=1
 }
''# /etc/init.d/wpasupplicant start''
 Starting wpasupplicant: Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'madwifi'
 Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
 Reading configuration file '/etc/wpa_supplicant.conf'
 ctrl_interface='/var/run/wpa_supplicant'
 ctrl_interface_group=0
 ap_scan=1
 Line: 4 - start of a new network block
 ssid - hexdump_ascii(len=13):
      69 6f 41 69 72 70 6f 72 74 41 70 31 33            ioAirportAp13
 PSK (ASCII passphrase) - hexdump_ascii(len=14): [REMOVED]
 priority=5 (0x5)
 PSK (from passphrase) - hexdump(len=32): [REMOVED]
 Priority group 5
    id=0 ssid='ioAirportAp13'
 Daemonize..
 done.
''# iwconfig ath0''
 ath0      IEEE 802.11g  ESSID:"ioAirportAp13"
           Mode:Managed  Frequency:2.472 GHz  Access Point: 00:A0:B0:6A:09:00
           Bit Rate:36 Mb/s   Tx-Power:50 dBm   Sensitivity=0/3
           Retry:off   RTS thr:off   Fragment thr:off
           Encryption key:41E0-9CF8-AF33-EDF7-00DD-4CC4-3C9D-2277   Security mode:restricted
           Power Management:off
           Link Quality=46/94  Signal level=-49 dBm  Noise level=-95 dBm
           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:0   Missed beacon:0
''# dhclient ath0''
 Internet Software Consortium DHCP Client 2.0pl5
 Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
 All rights reserved.
 Please contribute if you find this software useful.
 For info, please visit http://www.isc.org/dhcp-contrib.html
 sit0: unknown hardware address type 776
 eth1: unknown hardware address type 24
 sit0: unknown hardware address type 776
 eth1: unknown hardware address type 24
 Listening on LPF/ath0/00:a0:b0:4c:5b:b8
 Sending on   LPF/ath0/00:a0:b0:4c:5b:b8
 Sending on   Socket/fallback/fallback-net
 DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 7
 DHCPOFFER from 192.168.104.1
 DHCPREQUEST on ath0 to 255.255.255.255 port 67
 DHCPACK from 192.168.104.1
 bound to 192.168.104.3 -- renewal in 43200 seconds.
''# ifconfig ath0''
 ath0      Link encap:Ethernet  HWaddr 00:A0:B0:4C:5B:B8
           inet addr:192.168.104.3  Bcast:192.168.104.255  Mask:255.255.255.0
           inet6 addr: fe80::2a0:b0ff:fe4c:5bb8/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:319 errors:24 dropped:0 overruns:0 frame:24
           TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:199
           RX bytes:98324 (96.0 KiB)  TX bytes:5139 (5.0 KiB)
           Interrupt:10 Memory:dfc3f000-dfc4f000
''# ping 192.168.104.1''
 PING 192.168.104.1 (192.168.104.1) 56(84) bytes of data.
 64 bytes from 192.168.104.1: icmp_seq=1 ttl=127 time=0.627 ms

***WPA-PSK (AES) on WN-AG/CB2 [#f032f8cc]
''/etc/wpa_supplicant.conf''
 network={
         ssid="tacoma"
         psk="aesaesaes"
         priority=2
 }
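An added example (not code from this page or from the wpa_supplicant project): the 32-byte "PSK (from passphrase)" in the debug log above is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, so a network block can store that derived key and pin pairwise/group to a WPA-PSK row of the AuthenticationSuite table instead of carrying the passphrase. The function names are hypothetical, and the SSID and passphrase in the sample are constructed values.

```python
import hashlib

# (pairwise, group) pairs listed for WPAPSK in the page's AuthenticationSuite table.
TABLE_PSK_SUITES = {("TKIP", "TKIP"), ("TKIP", "WEP40"), ("CCMP", "CCMP"),
                    ("CCMP", "TKIP"), ("CCMP", "WEP40")}


def derive_psk(passphrase: str, ssid: str) -> str:
    """Return the 256-bit PSK as 64 hex digits.

    PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes),
    the passphrase mapping of IEEE 802.11i that wpa_passphrase also computes.
    """
    pw = passphrase.encode("ascii")  # non-ASCII input raises a ValueError subclass
    if not 8 <= len(pw) <= 63 or any(not 32 <= b <= 126 for b in pw):
        raise ValueError("passphrase must be 8..63 printable ASCII characters")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", pw, salt, 4096, 32).hex()


def network_block(ssid: str, passphrase: str, pairwise: str = "CCMP",
                  group: str = "CCMP", priority: int = 2) -> str:
    """Build a wpa_supplicant network block with the cipher suites pinned."""
    if (pairwise, group) not in TABLE_PSK_SUITES:
        raise ValueError(f"pairwise={pairwise} group={group} is not a row of the table")
    if '"' in ssid:
        raise ValueError("SSID contains a quote; write it as a hex string instead")
    lines = [
        f'ssid="{ssid}"',
        "proto=WPA",
        "key_mgmt=WPA-PSK",
        f"pairwise={pairwise}",
        f"group={group}",
        f"psk={derive_psk(passphrase, ssid)}",  # unquoted value = raw 256-bit key
        f"priority={priority}",
    ]
    return "network={\n" + "".join(f"\t{line}\n" for line in lines) + "}\n"


if __name__ == "__main__":
    # Constructed sample values, not the credentials shown on this page.
    print(network_block("example-ap", "correct horse battery"))
```

The derived key is only as strong as the passphrase behind it, so the configuration file still needs restrictive permissions.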