Hacker News

AirSnitch: Asitsalawo ƒe ameɖokuiɖeɖe ɖe aga le Wi-Fi networkwo me ƒe nya ɣaɣlawo ɖeɖeɖa kple wo gbagbã [pdf].

Nyaŋuɖoɖowo

22 min read Via www.ndss-symposium.org

Mewayz Team

Editorial Team

Hacker News

Afɔku Ɣaɣla si le Wò Dɔwɔƒe ƒe Wi-Fi Me Si IT Ƒuƒoƒo akpa gãtɔ ŋea aɖaba ƒua edzi

Ŋdi sia ŋdi la, kɔfidzraƒe akpe geɖe, amedzrodzeƒewo ƒe xɔdɔmewo, dɔwɔƒewo ƒe ɔfiswo, kple asitsaƒewo trɔa woƒe Wi-Fi routerwo eye wotsɔe be "client isolation" ƒe dzesiɖaka si woŋlɔ le ɖoɖowɔɣi la le eƒe dɔ wɔm. Wodzraa asisiwo ƒe vovototodedeameme — si nye nusi le nukpɔsusu nu xea mɔ na mɔ̃ siwo le kaƒomɔ̃ ɖeka dzi be woagaƒo nu na wo nɔewo o — ɣeyiɣi didi aɖee nye sia be enye klosalotu na kadodo si woama ƒe dedienɔnɔ. Gake numekuku le aɖaŋuwo abe esiwo ŋu woke ɖo le AirSnitch ƒe ɖoɖoa me ene ŋu ɖe nyateƒenya aɖe si meɖea dzi ɖi o fia: asisiwo ƒe vovototodedeameme gbɔdzɔ kura wu alesi asitsaha akpa gãtɔ xɔe se, eye nyatakaka siwo sina toa wò amedzrowo ƒe kadodoa dzi ate ŋu anye esiwo ŋu woate ŋu akpɔ wo le wu alesi wò IT ɖoɖoa susui.

Le asitsala siwo le asisiwo ƒe nyatakakawo, dɔwɔlawo ƒe ɖaseɖigbalẽwo, kple dɔwɔnu siwo wozãna tsɔ wɔa dɔe dzi kpɔm le teƒe geɖe gome la, seɖoƒe ŋutɔŋutɔ siwo le Wi-Fi ƒe vovototodedeameme ŋu gɔmesese menye sukudede dzro aɖe ko o. Enye agbetsitsi ƒe aɖaŋu le ɣeyiɣi si me network ƒe ɖoɖo gbegblẽ ɖeka ate ŋu aɖe nusianu afia tso wò CRM kadodowo dzi va ɖo wò fetu ƒe ƒoƒo ɖekae dzi. Nyati sia ma alesi asisiwo ƒe vovototodedeameme wɔa dɔe, alesi wòate ŋu ado kpo nu, kple nusi wòle be egbegbe dɔwɔƒewo nawɔ atsɔ akpɔ woƒe dɔwɔnawo ta vavã le xexe si me kaƒomɔ̃wo le gbã me.

Nusi Asitsalawo Ƒe Ðeɖe Ðe Ðokuiwò Wɔna Nu Ŋutɔŋutɔ — kple Nusi Mewɔna O

Asitsalawo ƒe vovototodedeameme, si woyɔna ɣeaɖewoɣi be AP ɖeɖe ɖe aga alo kaƒomɔ̃ ƒe vovototodedeameme, nye nɔnɔme si wotu ɖe nuƒlela kple dɔwɔƒe ɖesiaɖe kloe ƒe mɔnu. Ne wowɔe la, efia mɔ router la be wòaxe mɔ na Layer 2 (data link layer) kadodo tẽ le wireless clients dome le network ƒe akpa ɖeka ma ke dzi. Le susu me la, ne Mɔ̃ A kple Mɔ̃ B siaa do ƒome kple wò amedzro Wi-Fi la, wo dometɔ aɖeke mate ŋu aɖo agbalẽviwo ɖe nɔvia tẽ o. Esia nye be woatsɔ axe mɔ na mɔ̃ ɖeka si gblẽ nu le eŋu be wòagawɔ scan alo adze bubu dzi o.

Kuxia enye be "ɖeɖeɖeaga" ɖɔa amedzidzedze ƒe vektor kpui ɖeka ko. Ʋuwo gakpɔtɔ le sisim yi dzi to afisi woate ŋu age ɖo, to router la dzi, eye wòdona ɖe internet dzi. Broadcast kple multicast traffic wɔa nu le mɔ vovovowo nu le router ƒe firmware, ʋukulawo ƒe dɔwɔwɔ, kple network ƒe nɔnɔme nu. Numekulawo ɖee fia be probe ƒe ŋuɖoɖo aɖewo, beacon frames, kple multicast DNS (mDNS) packets ate ŋu atso le asisiwo dome le mɔ siwo nu womewɔ isolation feature la be wòaxe mɔ na gbeɖe o nu. Le nuwɔna me la, ameɖokuiɖeɖe ɖe aga xea mɔ na brute-force tẽ ƒe kadodo — gake mewɔa mɔ̃wo be womate ŋu akpɔe na ŋkuléla si ɖoe kplikpaa si si dɔwɔnu nyuiwo kple packet-capture position nyuitɔ le o.

| Ema menye nukpɔsusu ƒe afɔku o — ema nye akɔntabubu ƒe nyateƒe si le fefem le amedzrodzeƒewo ƒe xɔdɔmewo kple dɔwɔƒe siwo wowɔa dɔ aduadu le gbesiagbe.

Alesi Isolation Bypass Mɔnuwo Wɔa Dɔ Le Dɔwɔwɔ Me

Aɖaŋu siwo ŋu woke ɖo le ɖoɖowo abe AirSnitch ene me ɖe alesi amedzidzelawo ʋuna tso ŋkuléle ɖe nu ŋu le mɔ si mewɔa dɔ o dzi yia ʋuwo ƒe mɔxexeɖenu si le dɔ wɔm dzi ne wowɔe be woaɖe wo ɖokui ɖe aga gɔ̃ hã. Gɔmesese vevitɔa le bɔbɔe bebletɔe: asisiwo ƒe wo ɖokui ɖeɖe ɖe aga nye nusi dzi woate ŋu age ɖo, gake menye mɔɖeɖeƒea ŋutɔ koe nye nusi le network la dzi si ate ŋu aɖo ʋuwo ƒe zɔzɔ ɖe amewo gbɔ o. To asitɔtrɔ le ARP (Address Resolution Protocol) kplɔ̃wo ŋu, dodo ɖe nyadzɔdzɔgblɔmɔ̃ siwo wowɔ kple asi me, alo mɔnuɖoɖo ƒe susu si le agbo si woɖo ɖi la ŋudɔwɔwɔ me la, asisi vɔ̃ɖi ateŋu aflu AP ɣeaɖewoɣi be wòaɖo agbalẽviwo ɖe ɖa si wòle be wòatsɔ aƒu gbe.

Mɔnu ɖeka si bɔ enye ARP ƒe aɖi le agbo ƒe ɖoɖo nu. Esi wònye be zi geɖe la, asitsalawo ƒe wo ɖokui ɖeɖe ɖe aga xea mɔ na hatiwo dome kadodo le Layer 2 me ko ta la, wogaɖea mɔ ɖe ʋuɖoɖo si woɖo ɖe agbo la (mɔfianu) ŋu kokoko. Amedzidzela si ate ŋu akpɔ ŋusẽ ɖe alesi agbo la tsɔa IP adrɛswo ɖoa MAC adrɛswo dzii la ate ŋu aɖo eɖokui nyuie abe ame si le titina ene, axɔ ʋuɖoɖo si woɖo na asisi bubu hafi aɖoe ɖee. Asisi siwo ɖe wo ɖokui ɖe aga la gakpɔtɔ menya o — edze abe woƒe packetwo le mɔ zɔm le mɔ nyuitɔ nu yi internet dzi ene, gake wole to yim to relay si me futɔ le me gbã.

Vector bubu wɔa mDNS kple SSDP ɖoɖowɔɖiwo ƒe nuwɔna ŋudɔ, siwo mɔ̃wo zãna hena subɔsubɔdɔ didi. Smart TV, agbalẽtamɔ̃, IoT sensor, kple asitsanyawo ƒe tablɛt gɔ̃ hã ɖea gbeƒã gbeƒãɖeɖe siawo edziedzi. Ne asisiwo ƒe vovototodedeameme xe mɔ na kadodo tẽwo gɔ̃ hã la, asisi siwo te ɖe wo nɔewo ŋu ate ŋu axɔ nyadzɔdzɔ siawo kokoko, si ana woawɔ mɔ̃ ɖesiaɖe si le network la dzi ƒe xexlẽdzesi tsitotsito — woƒe ŋkɔwo, wo wɔlawo, kɔmpiutadziɖoɖowo ƒe tɔtrɔwo, kple dɔwɔƒe siwo wodo bobloe. Le amedzidzela si woɖo taɖodzinu na le asitsaƒe si woama me la, ŋkuléleɖenuŋu ŋuti nyatakaka sia xɔ asi ŋutɔ.

ƒe nyawo

"Asitsalawo ƒe vovototodedeameme nye gaƒoɖokui si le ŋgɔgbe ʋɔtrua nu, gake numekulawo ɖee fia enuenu be fesrea le ʋuʋu. Asitsaha siwo bua eŋu abe dedienɔnɔ ƒe kuxia gbɔkpɔnu blibo ene la le dɔ wɔm le alakpanya si me afɔku le te — network dedienɔnɔ ŋutɔŋutɔ bia ametakpɔnu siwo le ƒuƒoƒo me, ke menye aɖaka ƒe nɔnɔmewo o."

ƒe nyawo

Asitsatsa ƒe Afɔku Ŋutɔŋutɔ: Nuka tututue le afɔku me

Ne mɔ̃ɖaŋu ŋuti numekulawo ƒo nu tso Wi-Fi ƒe vovototodedeameme ƒe afɔkuwo ŋu la, zi geɖe la, dzeɖoɖoa nɔa packet captures kple frame injections ƒe afisi. Gake le asitsala gome la, emetsonuwo me kɔ wu kura. Bu amedzrodzeƒe gã aɖe si me amedzrowo kple dɔwɔlawo zãa mɔnu ŋutɔŋutɔ ɖeka ma ke le, ne wole SSID vovovowo dzi gɔ̃ hã ŋu kpɔ. Ne womeɖo VLAN ƒe mama nyuie o — si dzɔna zi geɖe wu alesi nudzralawo lɔ̃ ɖe edzi — ʋuɖoɖo tso dɔwɔlawo ƒe kadodoa me ateŋu adze na amedzro si si dɔwɔnu nyuitɔwo le.

Le nɔnɔme ma me la, nukae le afɔku me? Nusi ate ŋu adzɔ: agbalẽŋɔŋlɔ ƒe ɖoɖoa ƒe ɖaseɖigbalẽwo, teƒe si wodzraa nu le ƒe kadodowo, HR ʋɔtrua ƒe ɣeyiɣi ƒe dzesiwo, nudzralawo ƒe adzɔxegbalẽviwo ƒe nyatakakadzraɖoƒewo. Asitsaha si le eƒe dɔwo wɔm le alilikpo me mɔ̃wo dzi — CRM ɖoɖowo, fetuxɔlawo ƒe dɔwɔnuwo, ʋuwo dzikpɔkpɔ ƒe dashboardwo — la dzena vevietɔ, elabena dɔwɔƒe mawo dometɔ ɖesiaɖe ɖoa kpe edzi to HTTP/S ɣeyiɣi siwo woateŋu alé ne amedzidzela la tsɔ eɖokui ɖo network ƒe akpa ɖeka ma ke dzi.

Xexlẽmeawo na wobua tame. IBM ƒe Gazazã ɖe Nyatakakawo Dzi Dada ƒe Nyatakaka gblɔna ɣesiaɣi be ga si wozãna ɖe sedzidada ŋu le mama dedie nu wu $4.45 miliɔn le xexeame katã, eye asitsaha suewo kple gãwo dze ŋgɔ ŋusẽkpɔɖeamedzi si mesɔ o elabena dɔwɔƒewo ƒe habɔbɔwo ƒe nuwo gbugbɔgaɖoanyi ƒe xɔtuɖoɖowo mele wo si o. Netwɔƒe-dzidzenu siwo dzɔ tso tete ɖe wo nɔewo ŋu ŋutɔŋutɔ me — amedzidzela le wò dɔwɔƒe si nèwɔa dɔ kplii, wò nuɖuɖudzraƒe, wò asitsaƒe — nyea mɔɖeɖedɔa ƒe mɔnu gbãtɔwo ƒe alafa memamã si ŋu gɔmesese le si emegbe va doa gã ɖe edzi va ɖoa nugblẽfexexe blibo me.

Alesi Netwɔƒe ƒe Mamã Nyuitɔ Le Le nyateƒe me

Network ƒe dedienɔnɔ vavãtɔ na asitsanyawo yi ŋgɔ sasasã wu asisiwo ƒe vovototodedeameme tɔtrɔ. Ebia be woawɔ mɔnu si wotsɔ ƒo ƒui si awɔ nu ɖe ​​network zone ɖesiaɖe ŋu be ate ŋu anye futɔ. Alesi ema le le nuwɔna me enye si:

💡 DID YOU KNOW?

Mewayz replaces 8+ business tools in one platform

CRM · Invoicing · HR · Projects · Booking · eCommerce · POS · Analytics. Free forever plan available.

Start Free →
    ƒe nyawo
  • VLAN mama kple VLAN dome mɔzɔzɔ ƒe se sesẽwo: Ele be amedzrowo ƒe ʋuɖoɖo, dɔwɔlawo ƒe ʋuɖoɖo, IoT dɔwɔnuwo, kple teƒe si wodzraa nu le ƒe ɖoɖowo dometɔ ɖesiaɖe nanɔ VLAN vovovowo dzi kple dzodoƒe ƒe se siwo xea mɔ na kadodo si ŋu womeɖe mɔ ɖo o le nuto vovovowo dome tẽ — menye be woaɖo ŋu ɖe AP-level isolation ŋu ko o.
  • Dɔwɔɖoɖo ƒe ɣeyiɣi siwo wotsɔ nya ɣaɣlawo ŋlɔ abe gɔmedzedze si wòle be woawɔ ene: Ele be asitsadɔwɔɖoɖo ɖesiaɖe nawɔ HTTPS dzi kple HSTS tanyawo kple ɖaseɖigbalẽwo ƒe pinning le afisi wòanya wɔ le. Ne wò dɔwɔnuwo le ɖaseɖigbalẽwo alo ɣeyiɣi ƒe dzesiwo ɖom ɖa to kadodo siwo womeɣla o dzi la, network ƒe mama agbɔsɔsɔme aɖeke mekpɔa tawò bliboe o.
  • Wireless intrusion detection systems (WIDS): Enterprise-grade access points tso nudzralawo abe Cisco Meraki, Aruba, alo Ubiquiti gbɔ naa WIDS siwo wotu ɖe eme siwo dea dzesi APs alakpatɔwo, deauth attacks, kple ARP spoofing attempts le ɣeyiɣi ŋutɔŋutɔ me.
  • Ðaseɖigbalẽwo ƒe tɔtrɔ edziedzi kple MFA ƒe sedziwɔwɔ: Ne wolé ʋuwo hã la, ɣeyiɣi kpui aɖe ƒe ɣeyiɣi ƒe dzesiwo kple nu geɖe ƒe kpeɖodzinana ɖea ɖaseɖigbalẽ siwo woxe ƒe asixɔxɔ dzi kpɔtɔna ŋutɔ.
  • Network access control (NAC) ƒe ɖoɖowo: Dɔwɔɖoɖo siwo ɖoa kpe mɔ̃wo dzi hafi naa mɔ network ƒe mɔɖeɖe xea mɔ na xɔtunu siwo womenya o be woagage ɖe wò dɔwɔwɔ ƒe network me le gɔmedzedzea me o.
  • Kaƒomɔ̃ ƒe dedienɔnɔ ŋuti numekukuwo ɣeaɖewoɣi: Dodokpɔla si zãa dɔwɔnu siwo le se nu tsɔ wɔa amedzidzedze siawo tututu ɖe wò network dzi la ahe ɖoɖo gbegblẽ siwo automated scanners to la ɖe go.
ƒe nyawo

Gɔmeɖose vevitɔe nye ametakpɔkpɔ le gogloƒe. Woate ŋu ato layer ɖeka ɖesiaɖe ŋu — emae nye nusi numekuku abe AirSnitch ene ɖee fia. Nusi amedzidzelawo mateŋu ato bɔbɔe o enye ƒuƒoƒo atɔ̃, ɖesiaɖe hiã aɖaŋu vovovo hafi aɖu dzi.

Wò Dɔwɔƒe ƒe Dɔwɔnuwo Ƒoƒu Ðe Wò Amedzidzedze ƒe Anyigba dzi

Network dedienɔnɔ ƒe akpa ɖeka si ŋu womekpɔ ŋudzedze ɖo o enye dɔwɔwɔ ƒe mama. Zi alesi wò ƒuƒoƒoa zãa SaaS dɔwɔnu siwo to vovo — kple kpeɖodzimɔnu vovovowo, ɣeyiɣi dzikpɔkpɔ ƒe dɔwɔwɔ vovovowo, kple dedienɔnɔ ƒe nɔnɔme vovovowo — zi nenemae wò nukpɔkpɔ ƒe anyigba lolona le network ɖesiaɖe si wona dzi. Ƒuƒoƒo me tɔ si le ŋku lém ɖe dashboard ene vovovowo ŋu to Wi-Fi kadodo si me gblẽ dzi la ƒe ɖaseɖigbalẽ ƒe ɖeɖefia le ƒuƒoƒo me tɔ si le dɔ wɔm le mɔ̃ ɖeka si wɔ ɖeka me ƒe teƒe ene.

Afi siae mɔ̃wo abe Mewayz ene naa dedienɔnɔ ƒe viɖe ŋutɔŋutɔ si gbɔ woƒe dɔwɔwɔ ƒe viɖe siwo dze ƒã ŋu. Mewayz ƒoa asitsatsa ƒe modules siwo wu 207 nu ƒu — CRM, invoicing, payroll, HR management, fleet tracking, analytics, booking systems, kple bubuwo — ɖe ɣeyiɣi ɖeka si ŋu woɖo kpee me. Le esi teƒe be wò dɔwɔlawo nado gasɔ to gege ɖe eme vovovo wuieve me le domenyinyi vovovo wuieve me le wò asitsahabɔbɔ si nèma la dzi la, woɖoa kpe edzi zi ɖeka ɖe mɔ̃ ɖeka dzi kple dɔwɔƒe ƒe ɣeyiɣi ƒe dedienɔnɔ. Le asitsaha siwo le zãla 138,000 dzi kpɔm le xexeame katã le teƒe siwo woma la, menye ɖeko ƒoƒo ɖekae sia sɔ o — eɖea ɖaseɖigbalẽwo ƒe asitɔtrɔ siwo yia edzi le kaƒomɔ̃ siwo ate ŋu adze afɔku dzi la dzi kpɔtɔna ŋutɔŋutɔ.

| Dɔwɔnu siwo ma ɖe akpa vovovowo me fia akɔntabubu si me mama — eye le xexe si me amedzidzela si ɖoe kplikpaa si si numekukudɔwɔnu siwo li faa ate ŋu ato Wi-Fi ƒe ameɖekɛgaxɔ me la, akɔntabubu le vevie ŋutɔ.

Dedienɔnɔ Ŋuti Dekɔnu Tutu ƒo xlã Netwɔƒe Zazã

Ne amegbetɔ siwo le wo zãm la se nusita dziɖuɖu mawo li gɔme ko hafi mɔ̃ɖaŋununya ƒe dziɖuɖuwo wɔa dɔ. Netwɔƒe ƒe amedzidzedze geɖe siwo gblẽa nu wu la kpɔa dzidzedze menye le esi ametakpɔnuwo do kpo nu le mɔ̃ɖaŋununya gome ta o, ke boŋ le esi dɔwɔla aɖe tsɔ asitsamɔ̃ vevi aɖe do ka kple amedzrowo ƒe network si womekpɔ kpɔ o ta, alo le esi dɔdzikpɔla aɖe da asi ɖe network ƒe ɖoɖowɔɖi ƒe tɔtrɔ dzi evɔ mese eƒe dedienɔnɔ ƒe gɔmesese gɔme o ta.

Dedienɔnɔ ŋuti sidzedze vavãtɔ tutuɖo fia be woayi ŋgɔ wu ƒe sia ƒe ƒe sedziwɔwɔ ŋuti hehenana. Efia be woawɔ mɔfiame ŋutɔŋutɔ siwo wotu ɖe nɔnɔmewo dzi: mègawɔ dɔ tso fetu ŋuti nyatakakawo ŋu to amedzrodzeƒe ƒe Wi-Fi si me VPN mele o dzi gbeɖe o; kpɔe ɖa ɣesiaɣi be asitsadɔwɔɖoɖowo le HTTPS zãm hafi nàge ɖe eme tso network si woama me; ka nya ta tso network ƒe nuwɔna ɖesiaɖe si mèle mɔ kpɔm na o ŋu — kadodo siwo le blewu, ɖaseɖigbalẽ ƒe nuxlɔ̃amewo, gege ɖe eme ƒe nyabiase siwo mebɔ o — na IT enumake.

Efia hã be nàtu nya siwo meɖea dzi ɖi o biabia tso wò ŋutɔ wò xɔtuɖaŋuwo ŋu ɖo. Ɣekaɣie nèdzro wò access point firmware me zi mamlɛtɔ? Ðe wò amedzrowo kple dɔwɔlawo ƒe kadodowo ɖe wo ɖokui ɖe aga ŋutɔŋutɔ le VLAN ƒe ɖoɖo nu, alo le SSID ƒe ɖoɖo nu ko? Ðe wò IT-ha la nya alesi ARP aɖi le wò router ƒe nuŋlɔɖiwo mea? Nyabiase siawo sena le wo ɖokui me be wotea ɖeɖi ame ŋu vaseɖe esime wova hiã kpata — eye le dedienɔnɔ me la, kpata tsi megbe akpa ɣesiaɣi.

Kaƒomɔ̃ ƒe Dedienɔnɔ ƒe Etsɔme: Kakaɖedzi Zero ɖe Hop Ðesiaɖe Ŋu

Numekulawo ƒe habɔbɔa ƒe dɔ si le edzi yim le Wi-Fi ƒe vovototodedeameme ƒe kpododonuwo me ɖeɖe me fia mɔ si me kɔ si anɔ anyi ɣeyiɣi didi: asitsalawo mate ŋu aka ɖe woƒe network layer dzi o. Dedienɔnɔ ƒe kpɔɖeŋu si me kakaɖedzi mele o — si tsɔe be kakaɖedzi le network ƒe akpa aɖeke, mɔ̃ aɖeke, kple ezãla aɖeke ŋu le dzɔdzɔme nu o, eɖanye afikae wole ŋutɔŋutɔ alo network la o — meganye xexemenunya dzro aɖe ko na Fortune 500 dedienɔnɔ ƒe ƒuƒoƒowo o. Enye nusi hiã ŋutɔŋutɔ na asitsaha ɖesiaɖe si kpɔa nyatakaka veviwo gbɔ to kaƒomɔ̃wo dzi.

Le nyateƒe me la, esia fia be woawɔ VPN mɔ̃ siwo le dɔ wɔm ɣesiaɣi na asitsamɔ̃wo ale be ne amedzidzela aɖe gblẽ nu le teƒea ƒe network ƒe akpa ŋu hã la, woado go ʋuɖoɖo si wotsɔ nya ɣaɣlawo ŋlɔ ko. Efia be woatsɔ dɔwɔnu siwo wotsɔ dea dzesi nuwuƒe kple ŋuɖoɖo (EDR) siwo ate ŋu ade dzesi network ƒe nuwɔna si ŋu ɖikeke le le mɔ̃a ƒe ɖoɖo nu. Eye efia be woatia dɔwɔwɔ ƒe mɔnu siwo bua dedienɔnɔ abe adzɔnu ƒe nɔnɔme ene, ke menye nusi woawɔ le emegbe o — mɔnu siwo zia MFA dzi, ŋlɔa mɔɖeɖe ƒe nudzɔdzɔwo ɖi, eye wònaa dɔdzikpɔlawo kpɔa amesi le nyatakaka kawo me ge ɖem, tso afi, kple ɣekaɣi.

Kaƒomɔ̃ si le wò dɔwɔƒea te menye mɔ si medea akpa aɖeke dzi o. Enye amedzidzedze ƒe anyigba si le dɔ dzi, eye aɖaŋuwo abe esiwo woŋlɔ ɖe AirSnitch ƒe numekuku me ene wɔa taɖodzinu vevi aɖe: wozia dzeɖoɖo si ku ɖe ameɖekɛgaxɔ ƒe dedienɔnɔ ŋu tso nukpɔsusu dzi va ɖo dɔwɔwɔ dzi, tso nudzrala ƒe asitsatsa ƒe agbalẽ gbadza dzi va ɖo nusi amedzidzela si ʋãe ate ŋu awɔ ŋutɔŋutɔ le wò ɔfis, wò nuɖuɖudzraƒe, alo wò dɔwɔƒe si nèwɔa dɔ kplii ƒe nyateƒenyenye dzi. Asitsaha siwo tsɔa nusɔsrɔ̃ siawo nu vevii — gadede mama nyuie, dɔwɔnu siwo woƒo ƒu, kple kakaɖedzi zero-kakaɖedzi ƒe gɔmeɖosewo me — ye nye esiwo maxlẽ nu tso woawo ŋutɔ ƒe sedzidada ŋu le ƒe si gbɔna ƒe dɔwɔƒewo ƒe nyatakakawo me o.

Nyabiase Siwo Wobiana Enuenu

Nukae nye asitsalawo ƒe vovototodedeameme le Wi-Fi networkwo me, eye nukatae wobunɛ be enye dedienɔnɔ ƒe nɔnɔme?

Asitsalawo ƒe vovototodedeameme nye Wi-Fi ɖoɖo si xea mɔ na mɔ̃ siwo le kaƒomɔ̃ ɖeka dzi be woagaɖo dze kple wo nɔewo tẽ o. Zi geɖe la, wowɔa eŋudɔ le amedzrowo alo dutoƒo nyatakakadzraɖoƒewo be wòaxe mɔ na mɔ̃ ɖeka si do ƒome kplii be wòagage ɖe bubu me o. Togbɔ be ame geɖe bua eŋu be enye dedienɔnɔ ƒe gɔmedzedze hã la, numekukuwo abe AirSnitch ene ɖee fia be woate ŋu aƒo asa na ametakpɔkpɔ sia to amedzidzedze ƒe mɔnu siwo nye layer-2 kple layer-3 dzi, si ana mɔ̃wo nadze ƒã wu alesi dɔdzikpɔlawo susuna zi geɖe.

Aleke AirSnitch wɔa gbɔdzɔgbɔdzɔwo ŋudɔ le asitsalawo ƒe vovototodedeameme ƒe dɔwɔwɔwo me?

AirSnitch wɔa dometsotsowo ŋudɔ le alesi mɔɖeɖeƒewo zia asisiwo ƒe wo ɖokui ɖeɖe ɖe aga dzi, vevietɔ to nyadzɔdzɔwo kaka ƒe ʋuɖoɖo, ARP ƒe alakpanuwɔwɔ, kple mɔ si metso tẽ o to agbo la dzi zazã ɖe mɔ gbegblẽ nu me. Le esi teƒe be woaɖo dze kple hatiwo tẽ la, woɖoa ʋuwo toa mɔa ŋutɔ dzi, eye wotoa se siwo ku ɖe ameɖokuiɖeɖe ɖe aga ŋu. Mɔnu siawo wɔa dɔ ɖe nuƒlelawo kple dɔwɔƒewo ƒe xɔtunu siwo keke ta nukutɔe ŋu, eye woɖea nyatakaka veviwo ɖe go le network dɔwɔlawo si woxɔ se be woma wo ɖe akpa vovovowo me nyuie eye wole dedie ŋu.

Asitsatsa ƒomevi kawoe le afɔku me wu tso asisiwo ƒe vovototodedeameme ƒe mɔɖeɖe ɖe ame ŋu ƒe amedzidzedzewo me?

Asitsaha ɖesiaɖe si wɔa Wi-Fi ƒe nɔnɔme siwo wozãna ɖekae — asitsaƒewo, amedzrodzeƒewo, dɔwɔƒe siwo wowɔa dɔ aduadu le, atikewɔƒewo, alo dɔwɔƒe ƒe ɔfis siwo me amedzrowo ƒe kadodowo le — dzea ŋgɔ nusiwo ŋu gɔmesese le. Habɔbɔ siwo zãa asitsadɔwɔnu geɖe to kɔmpiutadziɖoɖo ɖeka dzi la koŋue nye esiwo ŋu woate ŋu adze afɔku le. Mɔ̃wo abe Mewayz (si nye 207-module business OS si ƒe home nye $19/mo to app.mewayz.com dzi) ɖo aɖaŋu be woawɔ ɖe network ƒe mama sesẽ kple VLAN ƒe vovototodedeameme dzi be woakpɔ asitsatsa ƒe dɔwɔna veviwo ta tso axadziʋuʋu ƒe amedzidzedzewo me le network siwo woama dzi.

Afɔɖeɖe ŋutɔŋutɔ kawoe IT ƒuƒoƒowo ate ŋu aɖe atsɔ aʋli wo ɖokui ta tso asisiwo ɖeɖe ɖe aga ƒe mɔɖeɖe ƒe mɔnuwo me?

Ametakpɔnu nyuiwo dometɔ aɖewoe nye VLAN ƒe mama nyuie ɖoɖo, ARP ƒe ŋkuléle ɖe nu ŋu si le tɔtrɔm ƒe dɔwɔwɔ, dɔwɔƒe ƒe mɔɖeɖe ƒe teƒe siwo zia ameɖeɖeɖeaga le xɔtunu ƒe ɖoɖo nu zazã, kple ŋkuléle ɖe ARP alo gbeƒãɖeɖe ƒe ʋuɖoɖo si mesɔ o ŋu. Ele be habɔbɔwo nakpɔ egbɔ hã be dɔwɔnu siwo le vevie na asitsatsa la nawɔ se ɖe ɣeyiɣi siwo wotsɔ nya ɣaɣlawo ŋlɔ, siwo ŋu woɖo kpee dzi metsɔ le kakaɖedzi ƒe seƒe si le network dzi o. Netwɔƒe ƒe ɖoɖowo me dzodzro edziedzi kple numekukuwo abe AirSnitch ene me nɔnɔ kpena ɖe IT ƒuƒoƒowo ŋu be woade dzesi dometsotsowo hafi amedzidzelawo nawɔe.