ZyXEL Communications PLA-470 V2 - V3.0.5 Guía de instalación Pagina 99
- Pagina / 349
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
We notice that this technique requires too much time to be used efficiently.
Denial of Service Attacks
The purpose of an attack is not necessarily to crack an encryption algorithm
to recover the key and listen to the network or get into it. The single purpose of
some attacks is to sabotage the network by preventing it from operating. This
type of attack, called denial of service, or DoS, is widespread for all network
types.
In PLC networks, the simplest denial of service corresponds to scrambling. Since
these networks operate in the 1- to 30-MHz frequency band, the use of a radio unit
using the same band with a power greater than PLC power can cause interference
and, consequently, a global performance drop; it can even completely prevent the
network from operating. This attack is the simplest to implement. Unfortunately, it
is also unmanageable.
IEEE 802.1x and Improvements to PLC Network Security
IEEE 802.1x is an authentication architecture proposed by the IEEE committee
802. This is not in any case whatsoever a completely separate protocol but these
are guidelines used to define the various functionalities that are necessary to
implement a client authentication service on any type of local area network
(Ethernet, PLC).
The 802.1x architecture, called port-based network access control, is based on
two key elements, the EAP and RADIUS protocols.
The port is an important element of this authentication architecture. The port
defines any type of attachment to a local area network infrastructure. In PLC, like in
Ethernet, the connection of two machines is considered as a port.
The 802.1x architecture is illustrated in Figure 4.13. It consists of the three fol-
lowing distinct elements:
•
a client corresponding to the user who would like to connect to the network
via his or her station;
•
a controller, generally a switch or a router, relaying and controlling the infor-
mation between any requester and the authentication server;
•
an authentication server authenticating the user.
For each port, the network traffic can be controlled or not. Between the client
and the controller, the port is controlled so that only EAP authentication messages
of the request-response type are transmitted. Any other type of traffic is rejected. On
the contrary, between the controller and the authentication server, any type of traf-
fic is accepted since the medium is supposedly secure.
In 802.1x, the authentication is based on the EAP (extensible authentication
protocol) and the use of a RADIUS (remote authentication dial-in user service)
server.
80 Security
- Power Line Communications 2
- To Yves, Françoise 6
- Contents 8
- Contents ix 10
- Contents xi 12
- Organization of the Book 14
- Organization of the Book xv 16
- Acknowledgments 18
- Introduction 20
- Standard Organizations 21
- PLC Technologies 3 22
- 4 Introduction 23
- COMPANY STANDARD: 24
- CONSORTIUM STANDARD: 24
- INDUSTRY STANDARD: 24
- GOVERNMENT STANDARD: 24
- 6 Introduction 25
- PLC Technologies 7 26
- Consortiums and Associations 27
- HomePlug Alliance 27
- PUA (PLC Utilities Alliance) 28
- PLC Forum 29
- Future IEEE Standard 29
- 12 Introduction 31
- PLC Theory 32
- Architecture 34
- 16 Architecture 35
- 18 Architecture 37
- Attenuation 39
- Coupling Between Phases 40
- Frequency Response 40
- Interface Sensitivity 40
- Modeling Electrical Networks 41
- Public Networks 43
- Private Networks 43
- Analogy with a Network Hub 44
- The Concept of PLC Repeaters 44
- 26 Architecture 45
- Layered Architecture 46
- 28 Architecture 47
- Layered Architecture 29 48
- Functionality 50
- Network Mode Functionality 33 52
- Peer-to-Peer Mode 53
- Network Mode Functionality 35 54
- Network Mode Functionality 37 56
- 38 Functionality 57
- Listening to the Medium 58
- Access to the Medium 59
- Back-off Algorithm 61
- T Random CW 61
- =×(, )0 time slot 61
- Number of 62
- 44 Functionality 63
- Data Transmission Example 64
- 46 Functionality 65
- ACK Response 66
- NACK Response 67
- FAIL Response 67
- SACK Response in HomePlug AV 68
- 50 Functionality 69
- Managing Frame Priorities 70
- 52 Functionality 71
- Frame Level Functionalities 73
- MAC Encapsulation 74
- Fragmentation Reassembly 75
- Fragmentation 75
- Other Functionalities 76
- 58 Functionality 77
- Service Quality 78
- Using VLAN Labels 79
- Cryptology 81
- 64 Security 83
- RC5 and RC6 84
- Blowfish 84
- Public-Key Cryptography 85
- RSA (Rivest, Shamir, Adelman) 86
- Diffie-Hellman 86
- Mixed-Key Cryptography 87
- Electronic Signatures 87
- Use of Public Keys 88
- The Hash Function 88
- 70 Security 89
- Security for PLC Networks 91
- Access to the Physical Medium 92
- 74 Security 93
- Access to Physical Frames 94
- Authentication 94
- Network Keys 94
- 76 Security 95
- MD5 Algorithm (RFC 1321) 96
- Security in HomePlug AV 97
- Security for PLC Networks 79 98
- Denial of Service Attacks 99
- RADIUS and Diameter 100
- IEEE 802.1x in PLC 101
- 84 Security 103
- Virtual Private Networks 104
- CHAPTER 5 106
- Physical Layer Frames 107
- Bit rate 108
- 90 Frames 109
- The OFDM Interface Frame 110
- OFDM Transmission Schemes 111
- The OFDM Interface Frame 93 112
- Functional Blocks 113
- The OFDM Interface Frame 95 114
- The PLC Physical Frame 115
- The OFDM Interface Frame 97 116
- Physical Frame Data Body 117
- Physical Frame End Delimiter 117
- The OFDM Interface Frame 99 118
- MAC Layer Frames 119
- Address Fields 120
- Hexadecimal Format 121
- MAC Layer Frames 103 122
- 104 Frames 123
- PLC in Practice 124
- 106 PLC in Practice 125
- Applications 126
- Telephony over PLC 127
- Actual Rate 128
- Transit Time 129
- Differentiating IP Packets 129
- Hi-Fi Quality Telephony 130
- Streaming 131
- Capacity Problems 132
- Multimedia 133
- PLC Local Networks 134
- Internet Connection Sharing 135
- File and Printer Sharing 135
- PLC Local Networks 117 136
- Audio Broadcasting 137
- Recreational Applications 137
- Video Surveillance 137
- InternetBox and PLC 138
- 120 Applications 139
- New Applications for PLC 140
- PLC in Public Spaces 141
- PLC over Coaxial Cable 141
- PLC in Motor Vehicles 141
- Economic Perspectives 142
- 124 Applications 143
- Equipment 144
- Master-Slave Mode 145
- PLC Technologies 127 146
- Case of Ascom APA Devices 147
- Centralized Mode 148
- PLC Modems 149
- Dissipation in PLC Modems 150
- PLC USB Modems 151
- PLC Ethernet Modems 152
- PLC Cable TV Modems 153
- PLC Modems 135 154
- PLC/Wi-Fi Modems 155
- Multifunction PLC Modems 156
- 138 Equipment 157
- PLC Modems 139 158
- 140 Equipment 159
- Coupling 160
- Choice of Injection Cable 161
- Transformers and Meters 162
- Transformers 163
- Repeaters 164
- Home-Made PLC Repeater 165
- Filters 147 166
- The Cost of PLC 167
- The Cost of PLC 149 168
- 150 Equipment 169
- Installation 170
- 152 Installation 171
- Frequency Bands 153 172
- Low Bit Rate PLC 173
- High Bit Rate PLC 174
- 156 Installation 175
- Frequency Bands 157 176
- 158 Installation 177
- Frequency Bands 159 178
- 160 Installation 179
- Single-Phase Wiring 180
- 222 22222 181
- Three-Phase Wiring 182
- The Circuit Breaker Panel 183
- 166 Installation 185
- Propagation of the PLC Signal 187
- Interference 188
- 170 Installation 189
- Network Data Rates 190
- 172 Installation 191
- Network Data Rates 173 192
- 174 Installation 193
- Network Data Rates 175 194
- 176 Installation 195
- Data Rate Variation 196
- Security 197
- Configuration 198
- 180 Configuration 199
- 182 Configuration 201
- 184 Configuration 203
- Electrical Network 205
- 188 Configuration 207
- 190 Configuration 209
- 192 Configuration 211
- 194 Configuration 213
- (see Figure 9.24): 214
- Lastly, the next command: 214
- 196 Configuration 215
- PC using Ethernet; 218
- 200 Configuration 219
- Configuring an HD-PLC Network 224
- Configuring a DS2 Network 225
- Configuring a DS2 Network 207 226
- 208 Configuration 227
- Configuring a DS2 Network 209 228
- 210 Configuration 229
- Review of Network Parameters 230
- IP Addresses 230
- Structure of an IPv4 Address 231
- Address Classes 231
- Subnet Mask 233
- DNS (Domain Name Service) 233
- 216 Configuration 235
- PLC in the Home 236
- 218 PLC in the Home 237
- Choosing a PLC Technology 238
- Choosing Equipment 238
- 220 PLC in the Home 239
- 222 PLC in the Home 241
- Configuring the PLC Gateway 243
- 226 PLC in the Home 245
- Configuring PLC Security 247
- 230 PLC in the Home 249
- Firewall 250
- VPN and PPPoE 251
- 234 PLC in the Home 253
- 236 PLC in the Home 255
- DNS Addresses 256
- 238 PLC in the Home 257
- DHCP Architecture 258
- 240 PLC in the Home 259
- MAC Address 260
- 242 PLC in the Home 261
- 244 PLC in the Home 263
- PLC for Businesses 266
- Network Architecture 267
- Supervising a PLC Network 268
- Choosing a Standard 269
- QoS in HomePlug AV 271
- 254 PLC for Businesses 273
- Placing Equipment 274
- 256 PLC for Businesses 275
- Security Parameters 276
- Security Topologies 277
- HomePlug AV 278
- VLAN (Virtual LAN) 279
- VoIP Under PLC 281
- Network Implementation 282
- 264 PLC for Businesses 283
- Hotel Story PLC Networks 285
- # ifconfig eth0 287
- 268 PLC for Businesses 287
- Configuring a DHCP/NAT Server 288
- NAT Configuration 289
- MASQUERADE 290
- PLC for Communities 292
- Electrical Network Operators 293
- Topology of MV Networks 295
- Topology of LV Networks 295
- Figure 12.5 Ring topology 296
- Figure 12.6 Mesh topology 296
- 278 PLC for Communities 297
- POP = Point of Presence 299
- University 300
- Issues in Electrical Networks 301
- 284 PLC for Communities 303
- Configuring the Network 304
- 286 PLC for Communities 305
- Small-Scale PLC Networks 306
- Medium-Scale PLC Networks 307
- Large-Scale PLC Networks 308
- 290 PLC for Communities 309
- 292 PLC for Communities 311
- Hybrid PLC 314
- 296 Hybrid PLC 315
- Coexistence of PLC and Wi-Fi 317
- 300 Hybrid PLC 319
- Choosing the IEEE 802.11 Mode 320
- 302 Hybrid PLC 321
- 304 Hybrid PLC 323
- 306 Hybrid PLC 325
- 308 Hybrid PLC 327
- Resources 328
- 310 Resources 329
- Books and Articles 330
- About the Author 332
- 316 Index 335
- Index 317 336
- 318 Index 337
- Index 319 338
- 320 Index 339
- Index 321 340
- 322 Index 341
- Index 323 342
- 324 Index 343
- Index 325 344
- Telecommunications Series 346
© 2020, manymanuals.es. Todos los derechos reservados | 0.054 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales