Mohd Nawawi Abd Halim DCS 041 125

1. ACKNOWLEDGEMENT

A big grateful to Allah (s.w.t) because of His bless; I finally succeed to complete my practical training for semester II 2006 200!. "irst and foremost I would li#e to e$press my heartfelt gratitude and appreciation to my Industrial %uper&isor' (adam )orlaila (at *ali; the %enior Assistant +o,curriculum of %e#olah (enengah -ebangsaan .embah -eramat because she gi&es me the opportunity to do my practical training and gain new e$periences during the practical training period. )ot forget to mention' my A+A/ %uper&isor (adam )oor 0alina 0ainal; without her guidance and patience ness I will ne&er stand a chance to complete the practical training course. %pecial than#s also goes to (r -amal /ahlan; the Information 1echnology /epartment (anager of International Islamic +ollege. 2ithout his support' ideas and teaching I will ne&er complete my pro3ect as well as my other tas#s. .ast but not least' than# you to e&erybody who has been in&ol&ed directly or indirectly in order to complete this practical training. 1han# you &ery much and I really appreciate it.

2assalam

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

TABLE OF CONTENTS

1. ACKNOWLEDGEMENT 2. INTRODUCTION 2.1. Introduction to Pr ctic ! Tr inin" 2.2. B c#"round o$ t%& Co'( n) 2.2.1. M in cti*iti&+ 2.2.2. Or" ni, tion C% rt -. WIRELESS LOCAL AREA NETWORK .WLAN/ -.1. N&t0or#in" D&$inition -.1.1. O12&cti*&+ -.1.2. Pro2&ct Sco(& -.1.-. N&t0or# Di "r ' -.2. Lit&r tur& R&*i&0 -.2.1. An !)+i+ o$ Si'i! r N&t0or# Pro2&ct -.2.2. An !)+i+ o$ To(o!o") U+&d -.2.-. An !)+i+ o$ C 1!& U+&d -.-. M&t%odo!o") -.-.1. P! nnin" -.-.2. An !)+i+ -.-.-. D&+i"n -.3. Conc!u+ion -.3.1. B&n&$it o$ t%& Pro2&ct -.3.2. Contri1ution o$ Pro2&ct -.3.-. Pro1!&'+ nd I++u&+ -.3.3. Su""&+tion 4 So!ution -.5. Att c%'&nt+ 4 Pro2&ct Docu'&nt tion

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

INTRODUCTION 1.1. Introduction o$ Pr ctic ! Tr inin" 5ractical 1raining is a type of apprenticeship related to the student6s field of study. 1he students need to undergo this practical training after they ha&e completed 78 credit hours. It is a compulsory for the students of %chool of +omputer %tudies to complete this course. 1his practical training carries 6 credit hours' which will be included in the +umulati&e 5ercentage A&erage (+95A). Objective 1he ob3ecti&e of this practical training is to e$pose the student to the real wor#ing en&ironment and as well as to allow the student to practically apply the #nowledge gained in the entire course that the student has learned in the International Islamic +ollege (II+). 1his also will ensure that the student has achie&ed the target and ob3ecti&e of studying in the International Islamic (II+). Duration 1he duration of the practical training will ta#es about 4! wee#s starting from the first day of the training. Placement for Practical Training As what has been agreed by the committee' the student needs to find the company regardless to the desirable location of the practical training. 1here is no restriction of places as the student is allowed to choose where to undergo the practical training.

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

1.2. B c#"round o$ t%& Co'( n) 1.2.1. M in Acti*iti&+ 4 1u+in&++ o(&r tion %e#olah (enengah -ebangsaan .embah -eramat (%(-.-) is secondary school which is registered under the (inistry of ;ducation. %(-.- welcomed its first batch on :rd *anuary 4<76. 1he construction of the 8 bloc# building was funded by the 2orld =an#. %(-.- started as a single,session school with 20 teachers and :2! students in forms 4 and 2. 1he number of students increased gradually in the following years. In 4<77' the number of students rose to 42:2 and %(-.- has been a two,session school e&er since. %tudents in forms 4 and 2 are placed in the afternoon session whereas students in forms :' > and 8 are in the morning session. The School Philosophy 2e belie&e students are endowed with the attitude' aptitude and attributes to e$cel; thus with appropriate guidance' instruction and training they will become in&aluable citi?ens who actuali?e the country6s aspirations. The School Aspiration %(- .embah -eramat will be a centre of holistic education whereby it pro&ides a balanced de&elopment to an indi&idual (physically' emotionally' spiritually and intellectually); thus enabling the indi&idual to face obstacles and challenges &aliantly in his bid to actuali?e the aspirations of the country and its citi?ens and gi&e glory to the Almighty The School Charter 2e will do our best to@ 5ro&ide Auality and effecti&e teaching Bpgrade oursel&es with the latest #nowledge 5roduce students who are acti&e and committed in co,curricular acti&ities Impart moral &alues 5roduce students of integrity and who are emotionally strong 5ro&ide a conduci&e and safe learning en&ironment ;nsure that students and their parents are gi&en the best ser&ice +arry out our duties with diligence' fairness and without any pre3udice Cecei&e ideas or feedbac# with an open mind

>

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

1.2.2. Or" ni, tion C% rt

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2. WIRELESS LOCAL AREA NETWORK .WLAN/ 2.1. N&t0or# D&$inition 2.1.1. O12&cti*&+ 2.A) is a wireless local area networ#' which is the lin#ing of two or more computers without using cable. 2.A) main ob3ecti&e is to gi&es users the mobility to mo&e around within a broad co&erage area and still be connected to the networ#. 1he ad&antages of using 2.A) are@ Con enience 1he wireless nature of such networ#s allows users to access networ# resources from nearly any con&enient location within their primary networ#ing en&ironment (home or office). 2ith the increasing saturation of laptop,style computers' this is particularly rele&ant. Mobilit! 2ith the emergence of public wireless networ#s' users can access the internet e&en outside their normal wor# en&ironment. (ost chain coffee shops' for e$ample' offer their customers a wireless connection to the internet at little or no cost. "#$andabilit! 2ireless networ#s can ser&e a suddenly,increased number of clients with the e$isting eAuipment. In a wired networ#' additional clients would reAuire additional wiring. Cost 2ireless networ#ing hardware is at worst a modest increase from wired counterparts. 1his potentially increased cost is almost always more than outweighed by the sa&ings in cost and labor associated to running physical cables

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.1.2. Pro2&ct Sco(& "or this practical training pro3ect' the scope co&ers the implementation of de&eloping a wireless internet connection within the school compound. 1he concept is to allow access to the internet for authori?ed clients users. 1he target when the pro3ect complete are@ 1o pro&ide teachers with internet connection facilities to help them finding information for use in teaching procedure in the classroom 1o narrow down the I1 gap between teachers' as well as students 1o be the first school that owns the 2i"i technology

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.1.-. N&t0or# Di "r '

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.2. Lit&r tur& R&*i&0 2.2.1. An !)+i+ o$ Si'i! r N&t0or# Pro2&ct )o+at 2ireless )etwor# Authentication is system that is use by I1 /epartment of International Islamic +ollege to control their wireless internet connection. 1he system was originally started as a community, support 702.44b wireless networ# in %onoma +ounty' +A =elow is the networ# diagram of 2ireless )etwor# Authentication used by I1 /epartment of International Islamic +ollege@

<

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.2.2. An !)+i+ o$ To(o!o") U+&d 1he topology in&ol&ed in this pro3ect is ser&er control based networ#. 1o ma#e it secure it only allows the authori?ed client to ha&e the internet connection. It identifies the client by their I5 address and the (A+ address. 1o authenticate the user the ser&er will chec# the I5 address and the (A+ with the database in the authentication ser&er' if e&erything meets the rules then the ser&er will gi&e the permission. 2.2.-. An !)+i+ o$ C 1!& U+&d "or this pro3ect a lot of networ# cables from the D+ategory 8eE cable (also #nown as D+at 8eE cable) were use to connect ser&er' switches' access points and computers. (ost of these cables are Bnshielded 1wisted 5air (B15) cables' this is because to reduce the cost compare to the %hielded 1wisted 5air (%15) type of cable which is more e$pensi&e. 1his type of cables is often used in structured cabling for computer networ#s such as ;thernet.

Un+%i&!d&d T0i+t&d P ir .UTP/

40

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.-. M&t%odo!o") 2.-.1. P! nnin" %racticabilit! Anal!sis

6o0 do&+ 0ir&!&++ n&t0or# ut%&ntic tion 0or#+7 5ractically' this is how you protect your wireless networ# from the unauthori?ed user. It controls the access to the internet by allowing only the registered client and DfilterE out the intruders and the unregistered client. In this case' the usage of a pro$y ser&er is needed to DguardE the networ#. It acts li#e a traffic controller in the networ#. 1he networ# port &eth0' of the pro$y ser&er will directly connect to the modem' this means that e&erything that will going in or out from the networ# must pass the pro$y ser&er. 2hen a client want to connect to the networ#' first the pro$y ser&er will chec# the reAuest by referring to client6s I5 address and (A+ address. If the records match with the pro$y6s database' then the access is granted. Fr else the client will not be able to ha&e an internet connection. (e)uirement *atherin+ ,Hardware1here is se&eral networ#ing hardware that need to install in the pro$y ser&er. 1he 5+ which will act as a ser&er needs at least 4 networ# cable and a networ# interface card ()I+). In some cases the pro$y ser&er can ha&e > )I+ at a 4 time; that is the ma$imum limit that this pro$y ser&er can support. I only use : )I+s for this pro3ect; C;/' 9C;;) and =.B;. C;/ will be directly connected to Internet line; meanwhile the 9C;;) is for the internal networ# (.A)) and the =.B; for the wireless control port on the ser&er.

44

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

(e)uirement *atherin+ ,So.tware I5+op .inu$4 I5+op .inu$ is a distribution of .inu$ thatGs sole purpose is to protect pri&ate or %FHF (small office home office) system networ#. I5+op .inu$ is a code for# of %mooth2all' which was initially created by Cichard (orrell' .awrence (anning and others' since the summer of 2000. A ma3ority of the code used in the I5+op &0.4 release was written by them. Howe&er' since the for#' much of the code has been rewritten and more will be rewritten with each re&ision until no code will be shared with %mooth2all. I5+op .inu$ (hereafter referred to as I5+op) is our attempt at a secure .inu$,based operating system that con&erts a redundant obsolete 5+ wor#station fileser&er (basically anything with a +5B' some memory' a hard dri&e and 2 networ# cards) into a firewall and H5) gateway. Also' because I5+op is administered through a web based 9BI (9raphical Bser Interface) the machine that I5+op is installed on does not e&en need a monitor' #eyboard or mouse. I5+op supports Internal I%/) cards' most networ# cards' 3ust about any connection type (analog modem I%/) +able A/%. B%= A/%. ;thernet) and also includes a complete logging firewall and I/% (Intrusion /etection %ystem)' /H+5 ser&er' I5%ec H5) (Hirtual 5ri&ate )etwor#)' web pro$y and much more. I5+op is fast' easy to administer' reliable and often includes more features and better performance than many commercial pac#ages on the mar#et today.

www.ipcop.org inde$ Wireless Network Authentication

42

Mohd Nawawi Abd Halim DCS 041 125

2.-.2. An !)+i+ (e)uirement Anal!sis o. Hardware and So.tware I5+op runs on a dedicated bo$' and it com$letel! takes o er the hard dri e' so donGt use a dri&e with anything &aluable on it. It will run on old or IobsoleteI hardware' such as a :76 processor' :2(b of CA(' and :00(= hard dis#. =ut if you plan on using some of I5+opGs features' such as the caching web pro$y' or Intrusion /etection .ogging' you are going to need more CA(' more dis# space' and a faster processor. 2 1here is se&eral computers6 hardware that is not reAuired by I5+op such as@ "loppy /is# dri&e o =ut is useful for bac#ing up and during the upgrading the system +/CF( dri&e o It only use to install the I5+op application' after that not reAuired at all

1he special thing about I5+op is that after the installation process complete' you can run the I5+op ser&er without the monitor or and #eyboard attached to the I5+op ser&er. 1o access the administrating interface you 3ust simply run the web browser using 5+ that is connected on the 9C;;) networ# card.

www.ipcop.org inde$ Wireless Network Authentication

4:

Mohd Nawawi Abd Halim DCS 041 125

2.-.-. D&+i"n Star /o$olo+! A star topology is designed with each node (ser&er' wor#stations' and peripherals) connected directly to a central networ# hub or concentrator /ata on a star networ# passes through the hub or concentrator before continuing to its destination. 1he hub or concentrator manages and controls all functions of the networ#. It also acts as a repeater for the data flow.

4>

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.3. Conc!u+ion 2.3.1. B&n&$it+ o$ T%& Pro2&ct 1his pro3ect really contributes a lot of #nowledge and I ha&e learnt new things such a configuring a medium scale networ# and wireless networ# more deeply. 1he most important thing in this entire pro3ect is I learnt how to use free open source en&ironment software to complete this pro3ect. 2.3.2. Contri1ution o$ Pro2&ct 2ireless networ# is one side of technology that rapidly changes to fulfill human business needs today. 1his pro3ect is simple' less e$pensi&e compared to &endor solution that is on the mar#et and the important thing it is a free open source software solution; including the operating system. =udget is an important issue in go&ernment school; so it is indeed the best solution for school that needs a low budget pro3ect for setup a secure wireless networ# internet connection. 2.3.-. Pro1!&'+ nd I++u&+ 2.3.3. Su""&+tion 4 So!ution

48

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

2.5. Att c%'&nt+ 4 Pro2&ct Docu'&nt tion

46

Wireless Network Authentication

Mohd Nawawi Abd Halim DCS 041 125

4!

Wireless Network Authentication