11-06-0430-00-0000-general-802-11-opening-presentation

http错误码摘要本⽂部分内容来源于⽹络，个⼈收集整理，请勿传播所有 HTTP 状态代码及其定义。

本⽂内容取⾃⽹络。

2xx 成功1 2 3 4 5 62xx 成功200 正常；请求已完成。

201 正常；紧接 POST 命令。

202 正常；已接受⽤于处理，但处理尚未完成。

203 正常；部分信息 — 返回的信息只是⼀部分。

204 正常；⽆响应 — 已接收请求，但不存在要回送的信息。

3xx 重定向301 && 302301 永久重定向Moved Permanently 被请求的资源已永久移动到新位置，并且将来任何对此资源的引⽤都应该使⽤本响应返回的若⼲个URI之⼀。

如果可能，拥有链接编辑功能的客户端应当⾃动把请求的地址修改为从服务器反馈回来的地址。

除⾮额外指定，否则这个响应也是可缓存的。

302 临时重定向Found 请求的资源现在临时从不同的URI响应请求。

由于这样的重定向是临时的，客户端应当继续向原有地址发送以后的请求。

只有在Cache-Control或Expires中进⾏了指定的情况下，这个响应才是可缓存的。

共同点：⽤户都可以看到url替换为了⼀个新的，然后发出请求301适合永久重定向⽐较常⽤的场景是使⽤域名跳转。

我们访问会跳转到注意： 301请求是可以缓存的，即通过看status code，可以发现后⾯写着from cache。

302⽤来做临时跳转⽐如未登陆的⽤户访问⽤户中⼼重定向到登录页⾯。

访问404页⾯会重新定向到⾸页。

1 2 3 4 5 6 7 8 9 10 11 12 13 14##niginx 301/302配置rewrite后⾯接上permenent就代表301跳if ($host != 'isme.pub') {rewrite ^/(.*)$ https://c.isme.pub/$1 permanent; }# 接上redirect就代表302跳if ($host != 'isme.pub') {rewrite ^/(.*)$ https://c.isme.pub/$1 redirect; }304客户端发送了⼀个带条件的GET请求且该请求已被允许，但是请求的⽂档没有发⽣改变，则状态码是304如ngx配置了静态资源的缓存1 2 3303 请参阅其它 — 可在另⼀ URI 下找到对请求的响应，且应使⽤ GET ⽅法检索此响应。

IEEE802.11协议基础知识1. 802.11管理功能–用户接入过程STA (工作站）启动初始化、开始正式使用、AP 传送数据幀之前，要经过三个阶段才能接入:(1) 扫描(SCAN)(2) 认证(Authentication)(3) 关联(Association)1.1 802.11管理–扫描(SCAN)1) 若无线站点STA 设成Ad-hoc (无AP)模式：STA先寻找是否已有IBSS（与STA所属相同的SSID）存在，如有，则参加（join）；若无, 则会自己创建一个IBSS，等其他站来join。

2) 若无线站点STA 设成Infrastructure (有AP)模式：--主动扫描方式 (特点：能迅速找到)•依次在每个信道上发送Probe request报文，从Probe Response中获取BSS的基本信息，Probe Response包含的信息和Beacon帧类似-- 被动扫描方式 (特点：找到时间较长，但STA节电)• 通过侦听AP定期发送的Beacon帧来发现网络，Beacon帧中包含该AP所属的BSS的基本信息以及AP的基本能力级，包括：BSSID（AP的MAC地址）、SSID、支持的速率、支持的认证方式，加密算法、Beacons帧发送间隔，使用的信道等• 当未发现包含期望的SSID的BSS时，STA可以工作于IBSS状态1.2 802.11管理功能–认证(Authentication)802.11支持两种基本的认证方式:• Open-system Authentication1) 等同于不需要认证，没有任何安全防护能力2) 通过其他方式来保证用户接入网络的安全性，例如Address filter、用户报文中的SSID• Shared－Key Authentication1) 采用WEP加密算法2) Attacker可以通过监听AP发送的明文Challenge text和STA回复的密文Challenge text计算出WEP KEY另外，STA可以通过Deauthentication来终结认证关系。

802、11抓包分析1、实验目的分析802、11协议,了解802、11的帧格式2、实验环境及工具操作系统:ubuntu实验工具:WireShark3、实验原理(1)802、11MAC层数据帧格式:Bytes 2 2 6 6 6 2 0-2312 4Version:表明版本类型,现在所有帧里面这个字段都就是0Type:指明数据帧类型,就是管理帧,数据帧还就是控制帧,00表示管理帧,01表示控制帧,10表示数据帧Subtype:指明帧的子类型 ,Data=0000,Data+CF-ACK=0001,Data+CF-Poll=0010, Data+CF-ACK+CF-Poll=0011,Nulldata=0100,CF-ACK=0101,CF-Poll=0110,Data+CF-ACK+CF-Poll=0111,QoS Data=1000,Qos Data+CF-ACK=1001,QoS Data+CF-Poll=1010,QoS Data+CF-ACK+CF-Poll=1011,QoS Null =1100,QoS CF-ACK=1101,QoS CF-Poll=1110,QoS Data+CF-ACK+CF-Poll=1111To DS/From DS:这两个数据帧表明数据包的发送方向,分四种情况:若数据包To DS为0,From DS为0,表明该数据包在网络主机间传输若数据包To DS为0,From DS为1,表明该数据帧来自AP若数据包To DS为1,From DS为0,表明该数据帧发送往AP若数据包To DS为1,From DS为1,表明该数据帧就是从AP发送往APMore flag、:置1表明后面还有更多段Retry:置1表明这个以前发送一帧的重传Pwr mgt、:置1表明发送发进入节能模式More data:置1表明发送发还有更多的帧需要发送给接收方,当AP缓存了处于省电模式下的网络主机的数据包时,AP给该省电模式下的网络主机的数据帧中该位为1,否则为0Protected:置1表明该帧的帧体已经被加密Order:置1告诉接收方高层希望严格按照顺序来处理帧序列Duration:通告本帧与其确认帧将会占用信道多长时间Address 1:发送方地址 Address 2:接收地址 Address 3:远程端点Sequence:帧的编号Data:有效载荷,长度可达2312字节Check Sequence:CRC校验码(2)802、11控制帧,每种控制帧的帧格式不一样,以RTS帧为例说明Bits 2 2 4 1 1 1 1 1 1 1 1 Version:表明版本类型,现在所有帧里面这个字段都就是0Type:指明数据帧类型,就是管理帧,数据帧还就是控制帧,00表示管理帧,01表示控制帧,10表示数据帧Subtype:指明数据帧的子类型,Power Save(PS)-Poll(省电轮询)=1010,RTS=1011,CTS=1100,ACK=1101,CF-End(无竞争周期结束)=1110,CF-End(无竞争周期结束)+CF-ACK(无竞争周期确认)=1111,BlockACK=1001,控制帧的To DS 至Order除Pwr、mgt、外必然为0Receiver Address:接收方地址Transmitter Address:发送发地址,CTS与ACK没有该字段Check sequence:校验码(3)管理帧,Version:表明版本类型,现在所有帧里面这个字段都就是0Type:指明数据帧类型,就是管理帧,数据帧还就是控制帧,00表示管理帧,01表示控制帧,10表示数据帧Subtype:指明数据帧的子类型,Association Request(关联请求)=0000,Association Response (关联响应)=0001,Reassociation Request(重关联请求)=0010,Reassociation Response(重关联响应)=0011,Probe Request(探测请求)=0100,Probe Response(探测响应)=0101,Beacon(信标帧)=1000,ATIM(通知传输指示信息)=1001,Disassociation(解除关联)=1010,Authentication(身份验证)=1011,Deauthentication(解除身份验证)=1100管理帧的To DS 与From DS均为0,其余Frame Control字段意义与数据帧一致Destination Address:目的地址Source Address:源地址BSSID:基本服务集ID, 用于过滤收到的MAC帧(在基础型网络里为工作站所关联的AP的MAC 地址)Sequence:帧序列号Address Check sequence:校验码4、实验步骤1、配置wireshark,启动monitor mode,抓取wifi的数据包,如下图2、分析抓取到的wifi数据包5、实验结果及分析1、数据帧(1)数据帧Version ,Type 与Subtype的08H,即00001000,后两位00,表明协议版本为0,倒数3、4位10 表明这就是一个数据帧,前四位0000就是subtype。

竭诚为您提供优质文档/双击可除802.11标准协议代码篇一：802.11协议802.11b/g/n协议一、符合ieee的移动通信技术二、802.11四种主要物理组件1.工作站(station)构建网络的主要目的是为了在工作站间传送数据。

所谓工作站，是指配备无线网络接口的计算设备，即支持802.11的终端设备。

如安装了无线网卡的pc，支持wlan的手机等。

2.接入点(accesspoint)802.11网络所使用的帧必须经过转换，方能被传递至其他不同类型的网络。

具备无线至有线的桥接功能的设备称为接入点，接入点的功能不仅于此，但桥接最为重要。

为sta 提供基于802.11的接入服务，同时将802.11mac帧格式转换为以太网帧，相当于有限设备和无线设备的桥接器。

3.无线媒介(wirelessmedium)802.11标准以无线媒介在工作站之间传递帧。

其定义的物理层不只一种，802.11最初标准化了两种射频物理层(2.4ghz和5ghz)以及一种红外线物理层。

4.分布式系统(distributionsystem)当几个接入点串联以覆盖较大区域时，彼此之间必须相互通信以掌握移动式工作站的行踪。

分布式系统属于802.11的逻辑组件，负责将帧传送至目的地，将各个ap连接起来的骨干网络。

三、无线局域网的网络类型infrastructure网络架构可以实现多终端共用一个ap。

需要ap提供接入服务，ap负责基础结构型网络的所有通信。

这种网路可以提供丰富的应用，较多的sta接入数量。

ad-hoc网络没有有线基础设施，网络节点由移动主机构成，无线网卡之间的通讯，不需要通过ap。

一般是少数几个sta为了特定目的而组成的一种暂时性网络，又称特设网络。

注意：bss(basicserviceset)基本服务集由能互相通信的sta 组成，是802.11网络提供服务的基本单元；ess扩展网络由多个bss构成，是采用相同ssid的多个bss形成的更大规模的虚拟bsss，是为了解决单个bss覆盖范围小的问题而定义的；ssid（服务集标识），标识一个ess 网络，相当于网络的名称；bssid是ap的mac地址，用来标识ap管理的bss。

linux 80211 认证过程802.11是无线局域网的标准之一，定义了无线网络中设备之间的通信协议和认证过程。

在Linux系统中，认证过程分为四个阶段，即关联（Association），认证（Authentication），授权（Authorization）和密钥交换（Key Exchange）。

下面将详细介绍Linux上的802.11认证过程。

1.关联（Association）：关联是客户设备与接入点（Access Point）建立连接的过程。

客户设备扫描附近的无线网络，并查找信号强度最好的接入点。

然后，客户设备向接入点发送关联请求，并提供自己的身份信息，如MAC地址、支持的安全机制等。

接入点验证这些信息，并决定是否与客户设备建立连接。

2.认证（Authentication）：认证是指客户设备通过验证自己的身份合法性来获得接入网络的权限。

认证过程有两种方式：开放系统认证和共享密钥认证。

-开放系统认证：客户设备向接入点发送认证请求，接入点无条件通过认证请求。

这种方式不提供任何安全性，任何设备都可以连接到网络。

在Linux系统中，可以通过设置认证方式为“open”的参数来实现开放系统认证。

-共享密钥认证：客户设备向接入点发送认证请求，并提供预共享密钥（Pre-Shared Key，PSK）。

接入点使用相同的PSK对请求进行验证。

如果PSK匹配，认证成功；否则，认证失败。

在Linux系统中，可以通过设置认证方式为“wpa-psk”和提供正确的PSK来实现共享密钥认证。

3.授权（Authorization）：授权是指接入点验证客户设备的身份合法性，并为其分配访问网络的权限。

在认证过程中，接入点会根据客户设备的身份信息来决定是否授权。

如果认证和授权都成功，客户设备可以继续后续操作，例如IP地址获取、DNS解析等。

4.密钥交换（Key Exchange）：密钥交换是为了保证在接下来的通信过程中数据的加密和解密。

802.11名词解析MAC：媒介访问控制层CSMA/CD:载波监听多路访问两类对称加密算法TKIP：核心仍然是RC4算法 CCMP：核心为AES算法LLC:802标准所描述的局域网参考模型只对应OSI参考模型的数据链路层与物理层，它将数据链路层划分为逻辑链路控制层LLC子层和介质访问控制MAC子层。

RTS/CTS:请求发送/允许发送协议 Mesh: Mesh网络即”无线网格网络”,它是“多跳（multi-hop）”网络，是由ad hoc网络发展而来，是解决“最后一公里”问题的关键技术之一。

在像下一代网络演进的过程中，无线是一个不可或缺的技术。

无线mesh可以与其它网络协同通信。

是一个动态的可以不断扩展的网络架构，任意的两个设备均可以保持无线互联。

Ad-Hoc（点对点）模式：ad-hoc模式就和以前的直连双绞线概念一样，是P2P的连接，所以也就无法与其它网络沟通了。

一般无线终端设备像PMP、PSP、DMA等用的就是ad-hoc模式。

在家庭无线局域网的组建，我想大家都知道最简单的莫过于两台安装有无线网卡的计算机实施无线互联，其中一台计算机连接Internet就可以共享带宽。

如下图所示，一个基于Ad-Hoc结构的无线局域网便完成了组建。

ISM(Industrial Scientific Medical) Band，是由ITU-R （ITU Radiocommunication Sector，国际通信联盟无线电通信局）定义的。

此频段主要是开放给工业、科学、医学三个主要机构使用，属于Free License，无需授权许可，只需要遵守一定的发射功率(一般低于1W)，并且不要对其它频段造成干扰即可。

OFDM:正交频分多路复用DCF:分布式协调功能 PCF：点协调功能 HCF：混合协调功能 QoS：服务质量802.11具备两种载波监听功能：物理载波监听与虚拟载波监听。

只要其中有一个监听功能显示媒介处于忙碌状态，MAC就会将此状况汇报给较高层的协议。

http200、301、304等状态码详解当浏览者访问⼀个⽹页时，浏览者的浏览器会向⽹页所在服务器发出请求。

当浏览器接收并显⽰⽹页前，此⽹页所在的服务器会返回⼀个包含HTTP状态码的信息头（server header）⽤以响应浏览器的请求HTTP状态码的英⽂为HTTP Status Code。

下⾯是常见的HTTP状态码：•200 - 请求成功•301 - 资源（⽹页等）被永久转移到其它URL•404 - 请求的资源（⽹页等）不存在•500 - 内部服务器错误200表⽰正常0k，这个是地球⼈都知道的了。

301 Moved Permanently 表⽰客户请求的⽂档在其他地⽅，新的URL在Location头中给出，浏览器应该⾃动地访问新的URL。

304 Not Modified：客户端有缓冲的⽂件并发出了⼀个条件性的请求（⼀般是提供If-Modified-Since头表⽰客户只想⽐指定⽇期更新的⽂档）。

服务器告诉客户，原来缓冲的⽂档还可以继续使⽤。

如果客户端在请求⼀个⽂件的时候，发现⾃⼰缓存的⽂件有 Last Modified ，那么在请求中会包含 If Modified Since ，这个时间就是缓存⽂件的 Last Modified 。

因此，如果请求中包含 If Modified Since，就说明已经有缓存在客户端。

只要判断这个时间和当前请求的⽂件的修改时间就可以确定是返回 304 还是 200 。

对于静态⽂件，例如：CSS、图⽚，服务器会⾃动完成Last Modified 和 If Modified Since 的⽐较，完成缓存或者更新。

但是对于动态页⾯，就是动态产⽣的页⾯，往往没有包含Last Modified 信息，这样浏览器、⽹关等都不会做缓存，也就是在每次请求的时候都完成⼀个 200 的请求。

⼀般的⼤的站点的图⽚服务器都有实现HTTP 304 缓存功能。

这个 304 状态⼀般主要在⽤户刷新页⾯(F5键)的时候触发，当⽤户在刷新页⾯的时候，因为原来的页⾯⾥的很多图⽚已经缓存过，客户端的浏览器已经记录了图⽚的最后更新时间(Last Mod)，所以在⽤户刷新页⾯的时候，会向服务器提交⼀个字段：If-Modified-Since: Wed, 08 Sep 2010 21:35:06 GMT这个时候，服务器端的程序先取得这个字段的值，然后与服务器上的图⽚最后修改时间对⽐，如果相同，就直接返回 304 Not Modified ，然后停⽌。

1. Wireless users on a network complain about poor performance within a small area of a room. Moving away from this area in any direction improves performance dramatically. What is the first step in designing a solution to this problem?This might be RF channel overlap, so the technician should verify the channels in use on each wireless access point and change tonon-overlapping channels.The RF power settings might be set too low on the wireless access points servicing the room. Increase the RF output power on all wireless access points.Install a new wireless access point in this center area to provide coverage.Verify that the wireless access points have sufficient in-line power and connectivity to the wired network.2. Which network design process identifies where to place access points?site surveyrisk assessmentscalability designnetwork protocol analysis3. What will a wireless client transmit to discover the available WLAN networks?beaconpasswordprobe requestassociation request4. What procedure can prevent man-in-the-middle attacks?Force all devices on a WLAN to authenticate and monitor for any unknown devices.Enable access points to send an SSID to each device wanting to use the network.Configure MAC filtering on all authorized access points.Disable SSID broadcasts.5. What does a wireless access point use to allow WLAN clients to learn which networks are available in a given area?association responsebeaconkeyprobe request6. What wireless security feature allows a network administrator to configure an access point with wireless NIC unique identifiers so that only these NICs can connect to the wireless network?authenticationSSID broadcastingMAC address filteringEAP (Extensible Authentication Protocol)Radius (Remote Authentication Dial-In User Service)7. Which two conditions have favored adoption of 802.11g over 802.11a? (Choose two.)802.11a suffers from a shorter range than 802.11g.The 2.4 GHz frequency band is not as crowded as the 5 GHz band.802.11a is more susceptible to RF interference from common commercial items.802.11a uses a more expensive modulation technique than 802.11g.802.11g is backward compatible with 802.11b, but 802.11a is not.8. What occurs when a rogue access point is added to a WLAN?Authorized access points can transmit excess traffic to rogue access points to help alleviate congestion.Unauthorized users can gain access to internal servers, thus causing a security hole.All traffic that uses the same channel as the rogue access point will be encrypted.All traffic that uses the same channel as the rogue access point will be required to authenticate.9. Which two statements concerning network security are accurate? (Choose two.)802.11i uses 3DES for encryption.Open authentication uses no client or AP verification.The 802.11i protocol is functionally identical to WPA.802.11i incorporates a RADIUS server for enterprise authentication.A wireless client first associates with an AP and then authenticates for network access.10. Which two statements characterize wireless network security? (Choose two.)A rogue access point represents a security risk for the local network. Wireless networks offer the same security features as wired networks.Using encryption prevents unauthorized clients from associating with an access point.An attacker needs physical access to at least one network device to launch an attack.With SSID broadcast disabled, an attacker must sniff the SSID before being able to connect.11. Which two conditions have favored adoption of 802.11g over 802.11a? (Choose two.)802.11a suffers from a shorter range than 802.11g.The 2.4 GHz frequency band is not as crowded as the 5 GHz band.802.11a is more susceptible to RF interference from common commercial items.802.11a uses a more expensive modulation technique than 802.11g.802.11g is backward compatible with 802.11b, but 802.11a is not.12. Which major problem does CSMA/CA overcome in wireless networks?bandwidth saturationprivacy concernsmedia contentiondevice interoperability13. Which installation method will allow connectivity for a new wireless network?set up WEP on the access point onlyset up open access on both the access point and each device connected to itset up full encryption on the access point while leaving each device connected to the network openset up full encryption on each device of the WLAN while leaving the access point settings open14. Which function is provided by a wireless access point?dynamically assigns an IP address to the hostprovides local DHCP servicesconverts data from 802.11 to 802.3 frame encapsulationprovides a gateway for connecting to other networks15. Which three devices do many wireless routers incorporate? (Choose three.)gateway for connecting to other network infrastructuresbuilt-in Ethernet switchnetwork management stationVTP serverwireless access pointVPN concentrator16. Which access method does a wireless access point use to allow for multiple user connectivity and distributed access?CSMA/CDtoken passingCSMA/CApolling17. Refer to the exhibit. When configuring the wireless access point, which setting does the network administrator use to configure the unique identifier that client devices use to distinguish this wireless network from others?Network ModeNetwork Name (SSID)Radio BandWide ChannelStandard Channel18. In a WLAN network, why should wireless access points be implemented with each access point using a different channel?to keep users segregated on separate subnetsto control the amount of bandwidth that is utilizedto keep signals from interfering with each otherto keep traffic secure19. Why is security so important in wireless networks?Wireless networks are typically slower than wired networks.Televisions and other devices can interfere with wireless signals.Wireless networks broadcast data over a medium that allows easy access.Environmental factors such as thunderstorms can affect wireless networks.20. Which wireless technology standard provides the most compatibility with older wireless standards, but has greater performance?802.11a802.11b802.11g802.11n21. What purpose does authentication serve in a WLAN?converts clear text data before transmissionindicates which channel the data should flow ondetermines that the correct host is utilizing the networkallows the host to choose which channel to use。

A Formal Analysis of IEEE802.11w DeadlockVulnerabilitiesMartin EianDepartment of TelematicsNorwegian University of Science and Technology(NTNU)Trondheim,NorwayEmail:martin.eian@item.ntnu.noStig F.MjølsnesDepartment of TelematicsNorwegian University of Science and Technology(NTNU)Trondheim,NorwayEmail:stig.mjolsnes@item.ntnu.noAbstract—Formal methods can be used to discover obscure de-nial of service(DoS)vulnerabilities in wireless network protocols. The application of formal methods to the analysis of DoS vul-nerabilities in communication protocols is not a mature research area.Although several formal models have been proposed,they lack a clear and convincing demonstration of their usefulness and practicality.This paper bridges the gap between theory and practice,and shows how a simple protocol model can be used to discover protocol deadlock vulnerabilities.A deadlock vulnerability is the most severe form of DoS vulnerabilities, thus checking for deadlock vulnerabilities is an essential part of robust protocol design.We demonstrate the usefulness of the proposed method through the discovery and experimental validation of deadlock vulnerabilities in the published IEEE 802.11w amendment to the802.11standard.We present the complete procedure of our approach,from model construction to verification and validation.An Appendix includes the complete model source code,which facilitates the replication and extension of our results.The source code can also be used as a template for modeling other protocols.I.I NTRODUCTIONWireless network access protocols are used in numer-ous safety critical applications,such as life critical medical devices,supervisory control and data acquisition(SCADA) systems,smart grid applications,intelligent transport systems (ITS),emergency communications and alarm -work availability is important for safety critical applications, since loss of availability can cause physical damage.An adversary can disrupt the availability of a wireless network using denial of service(DoS)attacks.The most widely deployed wireless protocols are vulner-able to DoS attacks.Throughout the last decade researchers have published DoS attacks against IEEE802.11local area networks(LANs)[1],[2],[3],[4],IEEE802.16wide area networks(WANs)[5]and GSM and UMTS mobile networks [6].One of the most common forms of wireless DoS attacks is semantic attacks,i.e.to send valid protocol messages that cause one or more protocol participants to lose state synchronization.Semantic attacks can be highly efficient,since the participants may have to spend a significant amount of time to detect and correct the lost synchronization.The most severe semantic DoS attacks can cause a protocol deadlock.A deadlock state is a global state where the protocol participants are not able to recover to a functional state.In this paper,we apply formal methods for the analysis of deadlock vulnerabilities in the IEEE802.11medium access control(MAC)layer[7]with the802.11i[8]and802.11w [9]amendments.The motivation for using802.11w as our target protocol is that it has been subject to extensive manual analysis.The802.11w designers found a deadlock vulnerabil-ity in an early draft of802.11w.The protocol specification was modified because deadlock vulnerabilities were consid-ered unacceptable.The802.11w amendment has also been subject to manual analysis by independent researchers[2], [10].Thus,we consider802.11w as an appropriate subject for our investigation.The main contribution of our work is a demonstration of how formal methods can be used tofind deadlock vulnerabili-ties.In particular,we investigate how to automatically discover vulnerabilities through the construction and verification of a formal protocol model.Our work bridges the gap between theory and practice by giving a detailed description of how to construct and verify a simple and useful protocol model, including the complete model source code.The proposed approach to modeling and verification could help protocol designers discover deadlock vulnerabilities at an early stage of the design process.Several formal models for the analysis of protocol DoS vulnerabilities have been proposed[11],[12],[13].To the best of our knowledge,none of the proposed models have been demonstrated to be both easy to implement and able to discover deadlock vulnerabilities in protocols.The rest of this paper is structured as follows:Section II introduces relevant parts of the802.11standard and related work.Section III constructs the model.Section IV presents the verification results from the model checker.Section V is an experimental validation of the verification results.Section VI discusses the results.Section VII concludes the paper.The Appendix includes the complete source code of our model.II.B ACKGROUND AND R ELATED W ORKThe IEEE802.11standard for wireless LANs(WLANs) was ratified in1997and accepted as an ISO standard in1999. The most recent version of the standard is802.11-2007[7], which includes the802.11i-2004amendment[8].802.11i-2004 specifies security enhancements for the802.11MAC layer.2012 Proceedings IEEE INFOCOM 978-1-4673-0775-8/12/$31.00 ©2012 IEEE918Fig.1.802.11with802.11i and802.11w connection establishment.A station (STA)connects to an access point(AP).The Open System Authentication exchange is a null authentication,present due to legacy reasons.A successful 802.11association triggers an Extensible Authentication Protocol over local area networks(EAPOL)4-way handshake that provides authenticated key agreement.The4-way handshake creates a shared pairwise transient key (PTK)which is used to protect unicast traffic between the STA and AP.The group temporal key(GTK)and integrity GTK(IGTK)are used to protect broadcast data frames and management frames from the AP to the STA.A message integrity code(MIC)is used to protect EAPOL messages2,3and 4.Message1is not protected.The802.11w-2009amendment specifies protection of man-agement frames of subtype Deauthentication,Disassociation and Action using the802.11i security mechanisms[9].Figure 1shows the connection establishment protocol in an802.11 network with the802.11i and802.11w amendments.The802.11standard specifies three protocol states for 802.11authentication and association.The802.11association is established prior to the security association(SA).Figure2 shows the802.11states and transitions.The access point(AP) stores a separate state for every corresponding station(STA). Every STA stores a state for the AP it communicates with. The state is represented by two Boolean state variables,an authentication variable and an association variable.In State 1both the variables are false.In State2the authentication variable is true and the association variable is false.In State 3both variables are true.Every frame type is categorized as Class1,2or3.Data frames are Class3frames.If an AP or STA is in State1and receives a Class2or Class3frame,then the recipient will discard the frame and respond with a Deauthentication notifi-cation with Reason Code6or7.If a Class3frame is received while in State2,then the recipient will discard the frame and respond with a Disassociation notification with Reason Code7. The purpose of these responses is to resynchronize the protocol participants in the case of a state mismatch.The802.11 standard does not clearly specify how to handle the situation where the AP is in State3and then receives an Authentication Request.The textual description states that the AP should enter State2,while the state transition diagram does not allowsuch Fig.2.The802.11states and transitions.Note that the Deauthentication and Disassociation notifications are protected in802.11w.If a recipient has an active security association and receives an unprotected Deauthentication or Disassociation frame,then it will silently discard thatframe.Fig.3.The802.11w association attack discovered by TGw.The AP deletes its security association after a successful802.11association.The AP starts the EAPOL4-way handshake,but gets no response from the STA.After a timeout,the AP enters State1,where it discards all Class2and3frames. The AP has deleted its security association and PTK,and is thus not able to send a protected Deauthentication notification to the STA.Every unprotected Deauthentication notification from the AP is discarded by the STA.a transition.Some implementations by Cisco follow the textual description and let the AP transition to State2[2].Conversely, the open source hostapd[14]implementation leaves the AP in State3.We model both of these behaviors since the802.11 standard is open to interpretation on this point.The IEEE802.11Task Group w(TGw)started developing the802.11w amendment in2005.In2007,a TGw member discovered a deadlock vulnerability in the802.11w draft[15]. Figure3illustrates an attack exploiting this vulnerability. The presence of a deadlock vulnerability in802.11w was considered unacceptable by TGw.An SA Query procedure was919thus added to the802.11w draft as a countermeasure.When an AP receives an Association Request from a STA,the AP does not immediately accept the Association Request if the STA is associated to the AP and there is a valid SA between them.The AP starts a timer and responds with an Association Response.The Association Response informs the STA that it must wait until the timer expires before it tries to associate again.The AP then sends a protected SA Query Request to the STA.If a protected SA Query Response is received,then the previous Association Request is ignored and the timer is canceled.If no response is received before the timer expires, then the AP will accept the next Association Request from that STA.The STA sends a new Association Request,and the AP sends an Association Response.Finally,the AP sends a protected Disassociation notification to the STA before it deletes its SA and proceeds to the EAPOL4-way handshake. In previous work,we described and analyzed this deadlock vulnerability and the SA Query procedure[2].Part of the conclusions in[2]is that if an adversary is able to delete frames,then he can cause a deadlock even if the SA Query procedure is used.Ahmad and Tadakamadla later improved the association attack[10].They proposed to use a virtual jamming attack[1]to prevent the STA from responding to the SA Query Requests.They also provided experimental validation of their attack using the hostapd software[14]as the AP and wpa supplicant[16]as the STA.One issue with their analysis is that they ignored that the AP will send a protected Disassociation notification before it deletes the SA,which is a mandatory requirement in802.11w[9,p.74].The STA will delete its SA and enter State2when it receives the protected Disassociation notification,thus avoiding a deadlock.The reason why their attack worked in practice is that this feature is not yet implemented in hostapd.A comment in the hostapd source code states that the feature will be implemented. Thus,the attack proposed by Ahmad and Tadakamadla will not cause a deadlock against a standards compliant802.11w implementation.802.11w also specifies an optional deadlock recovery mech-anism[9,p.75].If a STA has a valid SA and receives an unprotected Deauthentication or Disassociation frame with Reason Code6or7from the AP,then the STA may initiate an SA Query procedure.If the SA Query procedure fails,then the STA may delete its SA and enter State1.We model802.11w both with and without this mechanism,since it is an optional part of the specification.III.M ODEL C ONSTRUCTIONWe construct a model of802.11with the802.11i and 802.11w amendments using the formal method proposed in [17].Promela is used as the modeling language and the Spin model checker is used to verify the model properties[18].We use an iterative method to develop our model.The method starts with a simple model,uses the model checker to verify the model properties,and then refines the model.We use a high level of abstraction in order to keep the model state space as small as possible.As specified in[17],our model consists of three entities:the AP,the STA and the adversary.Each entity is defined as afinite state transducer.We use the802.11frames as the transducer input and output messages.The AP and STA entities are modeled according to the protocol specification.The AP and STA transducers are deterministic except for a few cases where protocol timeouts are modeled nondeterministically.The ad-versary transducer is completely nondeterministic.It selects a frame type randomly and transmits this frame to either the AP or STA.The adversary may transmit its frames at any time during model execution.The adversary is only allowed to transmit frames that are not protected by the security mechanisms.The total number of frames it can transmit is limited by an upper bound.Since a model checker enumerates every possible model state,it discovers every possible attack from the adversary.We model the AP,STA and adversary entities as Promela proctype declarations.We construct the model so that it stops execution if the protocol is in a state where it is unable to recover.The model thus stops execution in the cases where the actual protocol executes an infinite loop.Since we can use Spin to verify the safety property“invalid endstates”,this construction facilitates the discovery of deadlock vulnerabili-ties.By carefully balancing the transmission of Data frames, we achieve the desired model property:that the model stops execution if the protocol is unable to recover.The AP and STA do not transmit a Data frame unless theyfirst receive a valid Data frame.There are two exceptions to this rule.First,the AP sends a Data frame once it receives a valid EAPOL message4 at the end of the EAPOL4-way handshake.Second,the STA sends a Data frame if it uses the wrong802.11channel and then receives a Beacon frame instructing it to switch back to the correct channel.The entity state machines for the AP and STA consist of the802.11State,the802.11channel,the SA state,the SA Query state,the last frame sent and the last frame received. We use the last frame sent and the last frame received as part of the entity states because the802.11standard does not specify state transitions for every single frame.For example,consider the transition“Successful Authentication”in Figure2.This transition consists of two frames:an Authentication Request from the STA to the AP,and an Authentication Response from the AP to the STA.If the STA does not change its state after sending the Authentication Request,then it immediately sends another Authentication Request.The AP and STA thus need to store these frames in order to behave correctly.Conversely,the adversary state is determined only by the number of frames that it has transmitted.The total number of frames that the adversary can transmit is limited by a configurable upper bound.The adversary process terminates once the upper bound is reached.Our next challenge is to model protocol timeouts.If possi-ble,we model protocol timeouts using internal signaling mes-sages.Consider the case that the AP sends EAPOL message 1,but the STA does not expect this message.In our model, the STA knows that the message will be discarded,thus it can920send an internal signaling message to the AP to trigger the AP timeout procedure.We use the same approach to handle SA Query timeouts.However,we cannot use this approach when we process frames that could have been sent by the adversary. We use the Promela timeout statement to handle these cases. The Promela timeout statement is a global Boolean variable that is true,i.e.executable,if and only if no other model statement is executable.In other words,the execution of a timeout statement implies that either a protocol deadlock or a protocol timeout has occurred.We place the timeout statement inside the STA proctype declaration,since all of the AP timeouts are handled using internal signaling messages.When the timeout statement is executed,we check if the protocol is in a state where the STA would experience a protocol timeout. If the STA experiences a protocol timeout,then it follows the timeout procedure.Otherwise,the model execution is halted. Finally,we allow our adversary to halt its execution at any time,and to resume execution once the timeout statement is executed.The rationale for this construction is that the adversary process is always executable until it terminates. If the adversary is not allowed to halt its execution,then we would not be able to discover deadlock vulnerabilities where a protocol timeout occurs and the adversary then sends additional frames after the timeout.We include the complete model source code in the Ap-pendix.The Promela code in the Appendix can be used together with the model checker Spin to replicate our results or to investigate the effects of protocol modifications.IV.M ODEL V ERIFICATIONWe use Spin version6.0.1with the iSpin version1.0.4 interface to verify our model using the safety property“invalid endstates”.The model checkerfinds no deadlocks when the optional deadlock recovery mechanism described in Section II is enabled.We disable this mechanism and repeat the model verification.The model checker thenfinds several attacks that cause a deadlock in802.11w.We analyze the attacks and discover three underlying protocol vulnerabilities.Thefirst vulnerability is that the AP can be disconnected after sending EAPOL message3.This results in a state where the STA has a valid SA and the AP does not have a valid SA.Figure4illustrates an attack against this vulnerability. The attack targets the EAPOL4-way handshake used in the initial connection establishment.The adversary has to send its Deauthentication notification1before the STA sends EAPOL message4.Furthermore,the attack only works if the STA activates its security association before it receives the Deauthentication notification from the AP.The attack cannot be mounted against an established connection.However,if a different attack is able to cause a state reset and a new connection establishment,then a combination of attacks can cause a deadlock against an established connection.The second vulnerability is that if the AP is in802.11State 2,then an SA Query procedure will not be triggered when it 1A Disassociation notification could also be used,the end result would be thesame.Fig.4.Thefirst deadlock vulnerability in802.11w.The adversary listens for an EAPOL4-way handshake.Once the AP transmits EAPOL message3,the adversary sends an unprotected Deauthentication notification to the AP.The AP thus deletes its derived PTK and transitions to State1.The STA sends EAPOL message4to the AP,and the STA then installs the PTK and enables the security association.Since EAPOL message4is a Class3frame,the AP responds with an unprotected Deauthentication notification.This frame is discarded by theSTA.Fig.5.The second deadlock vulnerability in802.11w.The adversary sends an Authentication Request to the AP,which transitions to State2.The adversary then sends an Association Request to the AP,which then deletes its SA and initiates an EAPOL4-way handshake.Once the4-way handshake timeout occurs,the AP sends an unprotected Deauthentication notification to the STA.This frame is discarded by the STA.receives an Association Request.The AP transitions to State2 after a successful802.11authentication if the implementation follows the textual description in the802.11standard.Figure 5illustrates an attack against the second vulnerability.The attack can be mounted against an established connection.The third vulnerability is that frame deletion is possible through the use of Beacon frames with the Channel Switch Announcement element specified in802.11h[19].This type of Beacon frame can make the STA switch to a different channel.The STA does not receive any frames from the AP when it is on the wrong channel.Beacon frames are not protected by 921Fig.6.The third deadlock vulnerability in802.11w.The AP,STA and adversary are on802.11channel A.The adversary broadcasts a Beacon frame with a Channel Switch Announcement element on channel A.The Beacon frame instructs the STA to switch to channel B.The adversary then transmits an Association Request to the AP,waits for the SA Query timeout,and then transmits another Association Request to the AP.Finally,the adversary broadcasts a Beacon frame with a Channel Switch Announcement element on channel B.The Beacon frame instructs the STA to switch to channel A.The STA does not receive any of the frames between thefirst and last Beacon frames,since it is on a different channel.802.11w,thus they can be forged by the adversary.Figure 6illustrates an attack against this vulnerability.In theory, this attack only works against a STA with802.11h spectrum management support operating in the5GHz band.However, the results in[4]show that the attack may also work against drivers that support802.11h even when they operate in the2.4 GHz band.The attack can be mounted against an established connection.V.E XPERIMENTAL V ALIDATIONWe implement the attacks described in Section IV.We then test the attacks against an802.11w implementation in order to validate the model verification results and to determine if the attacks are practical.We use the C programming language with the libraries from the aircrack-ng[20]tool suite as our implementation framework.Linksys WRT160NL wireless routers are used as the AP and STA,with the OpenWrt development version r27551firmware[21].Hostapd v0.8.x is installed on the AP and wpa supplicant v0.8.x is installed on the STA.Both the AP and STA use the ath9k wireless driver in802.11g mode (2.4GHz band).The ath9k driver is currently the only driver that supports802.11w with hostapd and wpa supplicant.We use hostapd and wpa supplicant because they provide an open source implementation of802.11w.Therefore,we can modify their behavior in order to test different configurations and interpretations of the standard.We use a laptop with the Fedora Linux14operating system as the adversary.An Asus WL-167g wireless network card is used with the rt73usb driver in monitor mode to capture and inject802.11frames.Thefirst attack works as expected.The adversary waits until it receives EAPOL message3,and then immediately transmits a Deauthentication frame to the AP.The Deauthentication frame consistently arrives earlier than EAPOL message4 from the STA.Furthermore,the STA installs the PTK and activates the security association before it processes the Deau-thentication frame from the AP.However,wpa supplicant does implement the optional deadlock recovery mechanism in802.11w.The result of the attack is that the STA initiates an SA Query procedure,reaches a timeout,and then resets its state and reconnects.We disable the recovery mechanism and repeat the experiment.The attack causes a protocol deadlock, which validates the formal protocol analysis results.In the following experiments the recovery mechanism is disabled. The second attack should not work against hostapd,since its interpretation of the802.11standard is to leave the AP in State3after a successful authentication.We modify hostapd so that it transitions to State2after a successful authentication and mount our attack.The result is that the AP still performs the SA Query procedure,so the attack does not work as expected.We examine the hostapd source code and discover that the criteria for starting an SA Query procedure do not follow the802.11w specification.In particular,hostapd does not check that the STA is associated before it starts the SA Query procedure.We modify hostapd to make it conform to the802.11w specification.With our modification,hostapd only starts an SA Query procedure if the STA is already associated. We then repeat the experiment,and the attack causes a protocol deadlock.The third attack does not work as expected.The AP and STA are initially on802.11channel11.Thefirst Beacon frame from the adversary instructs the STA to switch to channel 1.The STA performs the channel switch,but it resets and reconnects after a short while.The cause of this behavior is that the STA does not receive any Beacon frames on channel 1,thus it assumes that the connection is lost.We modify our adversary to switch to channel1and send a Beacon frame every100ms while it waits for the SA Query timeout.We then repeat the experiment,and the attack causes a protocol deadlock.Finally,due to the fact that the STA resets and reconnects after a channel switch,we investigate a combination of the first and third attacks.We use the Beacon frame from the third attack to reset the STA state,and then mount thefirst attack against the following connection establishment.The attack causes a protocol deadlock.The use of a Beacon frame with the Channel Switch Announcement element enables the first attack to work against an established connection.We conclude that the deadlock attacks found during the formal protocol analysis described in Section IV are practical, and that the model verification results are valid.922VI.D ISCUSSION802.11w is still vulnerable to deadlock attacks,even though the SA Query procedure is designed to prevent such attacks. We are able tofind three deadlock vulnerabilities in802.11w using formal methods.We thenfind attacks that exploit these vulnerabilities and demonstrate that the attacks are practical. One consequence of our results is that the optional dead-lock recovery mechanism specified in802.11w should be a mandatory requirement.If the recovery mechanism is not implemented,then the protocol implementation is vulnerable to deadlock attacks.However,our main contribution is not the discovery of deadlock vulnerabilities in802.11w.Our main contribution is a demonstration of how formal protocol analysis can be used tofind such vulnerabilities,and that a useful formal protocol model can be constructed with a modest amount of resources. If the802.11w amendment had been formally analyzed during development,then the deadlock vulnerabilities could have been detected and corrected before publication.Correcting protocol vulnerabilities during the design stage requires far less time and resources than correcting them after the standard has been approved and implemented.A common objection to the use of formal methods is that it requires too much time and resources.We give a counterexample to this objection by showing that a simple model can provide useful and significant results.Another advantage of constructing a formal protocol model during the design process is that the model is an unambiguous and precise protocol specification.As discussed in Section II,the802.11standard is open to interpretation on several points due to vagueness and ambiguities.This can cause interoperability problems and vulnerabilities.Furthermore,our experience is that the construction of a formal protocol model gives the protocol designers a better understanding of the protocol details.Our model is not complete,since it only covers a subset of all frame types defined in the802.11standard.Thus,the model cannot be used to verify the absence of deadlock vulnerabilities in its current form.The model source code[22],included in the Appendix,can be used to replicate and extend our results.It can also be used as the basis for a more comprehensive model of802.11w or as a template for the construction of other protocol models.The protocol model can be extended with the cost model proposed in[17].This extension would enable the discovery of less severe semantic DoS attacks that do not cause a protocol deadlock.VII.C ONCLUSIONSWe have discovered and validated three new deadlock vulnerabilities in802.11w with the help of formal methods. The results show that a simple protocol model can give useful and significant results,thus bridging the gap between theory and design.We hope that this work can contribute to a more widespread use of formal analysis during protocol design,and thus improve the robustness of wireless network protocols.R EFERENCES[1]J.Bellardo and S.Savage,“802.11denial-of-service attacks:Real vul-nerabilities and practical solutions,”in Proceedings of the12th USENIX Security Symposium.Berkeley,CA,USA:USENIX Association,2003.[2]M.Eian,“Fragility of the robust security network:802.11denial ofservice,”in Proceedings of the7th International Conference on Applied Cryptography and Network Security,ser.Lecture Notes in Computer Science,vol.5536.Springer-Verlag,2009,pp.400–416. [3]——,“A practical cryptographic denial of service attack against802.11iTKIP and CCMP,”in Proceedings of the Ninth International Conference on Cryptology And Network Security,ser.Lecture Notes in Computer Science,vol.6467.Springer-Verlag,2010,pp.62–75.[4] B.K¨o nings,F.Schaub,F.Kargl,and S.Dietzel,“Channel switch andquiet attack:New DoS attacks exploiting the802.11standard,”in LCN 2009:Proceedings of the IEEE34th Conference on Local Computer Networks,2009,pp.14–21.[5]T.Han,N.Zhang,K.Liu,B.Tang,and Y.Liu,“Analysis of mobileWiMAX security:Vulnerabilities and solutions,”in Mobile Ad Hoc and Sensor Systems,2008.MASS2008.5th IEEE International Conference on,2008,pp.828–833.[6]G.Kambourakis,C.Kolias,S.Gritzalis,and J.Hyuk-Park,“Signaling-oriented DoS attacks in UMTS networks,”in Advances in Information Security and Assurance,ser.Lecture Notes in Computer Science.Springer-Verlag,2009,vol.5576,pp.280–289.[7]IEEE,IEEE Std802.11-2007,IEEE Standard for Information technology–Telecommunications and information exchange between systems–Local and metropolitan area networks–Specific requirements Part11: Wireless LAN Medium Access Control(MAC)and Physical Layer(PHY) Specifications,New York,NY,USA,2007.[8]——,IEEE Std802.11i-2004,IEEE802.11-1999Amendment6:Medium Access Control(MAC)Security Enhancements,New York,NY, USA,2004.[9]——,IEEE Std802.11w-2009,IEEE802.11-2007Amendment4:Pro-tected Management Frames,New York,NY,USA,2009.[10]M.S.Ahmad and S.Tadakamadla,“Short paper:security evaluationof IEEE802.11w specification,”in Proceedings of the fourth ACM conference on Wireless network security,ser.WiSec’11.New York, NY,USA:ACM,2011,pp.53–58.[11] C.Meadows,“A formal framework and evaluation method for networkdenial of service,”IEEE Computer Security Foundations Workshop, vol.00,p.4,1999.[12]J.Mitchell, A.Roy,P.Rowe,and A.Scedrov,“Analysis of EAP-GPSK authentication protocol,”in Proceedings of the6th International Conference on Applied Cryptography and Network Security,ser.Lecture Notes in Computer Science,vol.5037.Springer-Verlag,2008,pp.309–327.[13]P.Narayana,R.Chen,Y.Zhao,Y.Chen,Z.Fu,and H.Zhou,“Automaticvulnerability checking of IEEE802.16WiMAX protocols through TLA+,”in Secure Network Protocols,2006.2nd IEEE Workshop on, 2006,pp.44–49.[14]J.Malinen,“hostapd:IEEE802.11AP,IEEE802.1X/WPA/WPA2/EAP/RADIUS Authenticator,”2011,http://hostap.epitest.fi/hostapd.[15]J.Epstein,SA Teardown Protection for802.11w,IEEE TGw DCN2441,Rev3,2007,https:///802.11/file/07/11-07-2441-03-000w-sa-teardown-protection.ppt.[16]J.Malinen,“Linux WPA/WPA2/IEEE802.1X Supplicant,”2011,http://hostap.epitest.fi/wpa supplicant.[17]M.Eian and S.F.Mjølsnes,“The modeling and comparison of wirelessnetwork denial of service attacks,”in Proceedings of the3rd ACM SOSP Workshop on Networking,Systems,and Applications on Mobile Handhelds,ser.MobiHeld’11.New York,NY,USA:ACM,2011,pp.7:1–7:6.[18]G.J.Holzmann,“The model checker SPIN,”IEEE Trans.Softw.Eng.,vol.23,pp.279–295,May1997.[19]IEEE,IEEE Std802.11h-2003,IEEE802.11-1999Amendment5:Spec-trum and Transmit Power Management Extensions in the5GHz band in Europe,New York,NY,USA,2003.[20] C.Devine,T.d’Otreppe,and M.Beck,“Aircrack-ng,”2011,.[21]The OpenWrt Project,“OpenWrt,”2011,.[22]M.Eian and S. F.Mjølsnes,“802.11w promela model,”2011,http://www.item.ntnu.no/∼eian/80211w.pml.923。

网络错误代码大全网络连接错误代码大全802 不识别提供的卡。

请检查是否正确插入卡，并且是否插紧。

801 该链接已配置为验证访问服务器的身份，Windows 无法验证服务器发送的数字证书。

800 无法建立 VPN 连接。

无法连接 VPN 服务器，或者该连接的安全参数配置不正确。

799 由于网络上存在 IP 地址冲突，因此无法启用 Internet 连接共享798 找不到可与可扩展身份验证协议一起使用的证书。

797 无法建立到远程计算机的连接，因为找不到调制解调器或者调制解调器忙。

796 该用户的服务类型 RADIUS 属性既不是帧也不是回拨帧。

795 该用户的隧道类型 RADIUS 属性不正确。

794 该用户的帧协议 RADIUS 属性不是 PPP。

792 L2TP 连接尝试失败，因为安全协商超时。

791 L2TP 连接尝试失败，因为没有找到该连接的安全策略。

790 L2TP 连接尝试失败，因为远程计算机上的证书验证失败。

789 L2TP 连接尝试失败，因为安全层在与远程计算机进行初始协商时遇到处理错误。

788 L2TP 连接尝试失败，因为安全层无法与远程计算机协商兼容参数。

787 L2TP 连接尝试失败，因为安全层无法验证远程计算机。

786 L2TP 连接尝试失败，因为进行安全验证时计算机上没有有效的计算机证书。

785 登录时不能用此连接拨号，因为它没有配置为使用智能卡..784 登录时不能用此连接拨号，因为它被配置为使用一个与智能卡上的名称;;783 不能启用Internet 连接共享（ICS）。

选择为专用网络的LAN..782 网络地址转换 (NAT) 当前安装为路由协议..781 由于找不到有效的证书，从而导致加密尝试失败。

780 所尝试使用的功能对此连接无效。

779 如果用这个连接拨出，您必须使用智能卡。

778 不能验证服务器的身份。

777 由于远程计算机上的调制解调器（或其他连接设备）出现故障，连接尝试失败。

802.11 缩略术语For the purposes of this standard, the following terms and definitions apply. The Authoritative Dictionary ofIEEE Standards Terms [B11] should be referenced for terms not defined in this clause.access category (AC): A label for the common set of enhanced distributed channel access (EDCA) parameters that are used by a quality of service (QoS) station (STA) to contend for the channel in order totransmit medium access control (MAC) service data units (MSDUs) with certain priorities.access control: The prevention of unauthorized usage of resources.access point (AP): Any entity that has station (STA) functionality and provides access to the distributionservices, via the wireless medium (WM) for associated STAs.additional authentication data (AAD): Data that are not encrypted, but are cryptographically protected. ad hoc network: Often used as a venacular term for an independent basic service set (IBSS). admission control: An algorithm to ensure that admittance of a new flow into a resource constrained network does not violate parameterized service commitments made by the network to admitted flows. aggregated schedule: The aggregation of delivery and/or poll schedules by the quality of service (QoS) access point (AP) for a particular non-access point (non-AP) QoS station (STA) into a single service period(SP).association: The service used to establish access point/station (AP/STA) mapping and enable STA invocation of the distribution system services (DSSs).authentication: The service used to establish the identity of one station (STA) as a member of the set of STAs authorized to associate with another STA.authentication and key management (AKM) suite: A set of one or more algorithms designed to provide authentication and key management, either individually or in combination with higher layer authenticationand key management algorithms outside the scope of this standard.Authentication Server (AS): An entity that provides an authentication service to an Authenticator. This service determines, from the credentials provided by the Supplicant, whether the Supplicant is authorized toaccess the services provided by the Authenticator. (IEEE Std 802.1X-2004[1]1)Authenticator: An entity at one end of a point-to-point LAN segment that facilitates authentication of theentity attached to the other end of that link. (IEEE Std 802.1X-2004)Authenticator address (AA): The medium access control (MAC) address of the IEEE 802.1X Authenticator.authorized: To be explicitly allowedbasic service area (BSA): The area containing the members of a basic service set (BSS). It may contain members of other BSSs.basic service set (BSS): A set of stations (STAs) that have successfully synchronized using the JOIN service primitives[2]1 and one STA that has used the START primitive. Membership in a BSS does not imply that wireless communication with all other members of the BSS is possible.big endian: The concept that, for a given multi-octet numeric representation, the most significant octet hasthe lowest address.broadcast address: A unique multicast address that specifies all stations (STAs).channel: An instance of communications medium use for the purpose of passing protocol data units (PDUs) between two or more stations (STAs).channel spacing: The difference between the center frequencies of two nonoverlapping and adjacent channels of the radio transmitter.cipher suite: A set of one or more algorithms, designed to provide data confidentiality, data authenticity orintegrity, and/or replay protection.clear channel assessment (CCA) function: That logical function in the physical layer (PHY) that determines the current state of use of the wireless medium (WM).contention-free period (CFP): The time period during operation of a point coordination function (PCF) when the right to transmit is assigned to stations (STAs) solely by a point coordinator (PC), allowing frameexchanges to occur between members of the basic service set (BSS) without contention for the wireless medium (WM).contention period (CP): The time period outside of the contention-free period (CFP) in a pointcoordinated basic service set (BSS). In a BSS where there is no point coordinator (PC), this corresponds tothe entire time of operation of the BSS.controlled access phase (CAP): A time period when the hybrid coordinator (HC) maintains control of themedium, after gaining medium access by sensing the channel to be idle for a point coordination function(PCF) interframe space (PIFS) duration. It may span multiple consecutive transmission opportunities (TXOPs) and can contain polled TXOPs.coordination function: The logical function that determines when a station (STA) operating within a basicservice set (BSS) is permitted to transmit protocol data units (PDUs) via the wireless medium (WM). Thecoordination function within a BSS may have one hybrid coordination function (HCF), or it may have oneHCF and one point coordination function (PCF) and will have one distributed coordination function (DCF).A quality of service (QoS) BSS will have one DCF and one HCF.contention-free (CF) pollable: A station (STA) that is able to respond to a CF poll with a data frame if such a frame is queued and able to be generated.Counter mode with Cipher-block chaining Message authentication code (CCM): A symmetric key block cipher mode providing confidentiality using counter mode (CTR) and data origin authenticity usingcipher-block chaining message authentication code (CBC-MAC).cryptographic encapsulation: The process of generating the cryptographic payload from the plaintextdata. This comprises the cipher text as well as any associated cryptographic state required by the receiver ofthe data, e.g., initialization vectors (IVs), sequence numbers, message integrity codes (MICs), key identifiers.data confidentiality: A property of information that prevents disclosure to unauthorized individuals, entities, or processes.deauthentication service: The service that voids an existing authentication relationship. decapsulate: To recover an unprotected frame from a protected one.decapsulation: The process of generating plaintext data by decapsulating an encapsulated frame. delivery-enabled access category (AC): A quality of service (QoS) access point (AP) AC where the AP isallowed to use enhanced distributed channel access (EDCA) to deliver traffic from the AC to a non-accesspoint (non-AP) QoS station (STA) in an unscheduled service period (SP) triggered by the STA. directed frame: See: unicast frame.direct link: A bidirectional link from one non-access point (non-AP) quality of service (QoS) station (STA) to another non-AP QoS STA operating in the same infrastructure QoS basic service set (BSS) thatdoes not pass through a QoS access point (AP). Once a direct link has been set up, all frames between thetwo non-AP QoS STAs are exchanged directly.disassociation service: The service that removes an existing association.distributed coordination function (DCF): A class of coordination function where the same coordination function logic is active in every station (STA) in the basic service set (BSS) whenever the network is in operation.distribution service: The service that, by using association information, delivers medium access control (MAC) service data units (MSDUs) within the distribution system (DS).distribution system (DS): A system used to interconnect a set of basic service sets (BSSs) and integratedlocal area networks (LANs) to create an extended service set (ESS).distribution system medium (DSM): The medium or set of media used by a distribution system (DS) forcommunications between access points (APs) and portals of an extended service set (ESS). distribution system service (DSS): The set of services provided by the distribution system (DS) that enable the medium access control (MAC) to transport MAC service data units (MSDUs) between stations(STAs) that are not in direct communication with each other over a single instance of the wireless medium(WM). These services include transport of MSDUs between the access points (APs) of basic service sets(BSSs) within an extended service set (ESS), transport of MSDUs between portals and BSSs within an ESS, and transport of MSDUs between STAs in the same BSS in cases where the MSDU has a multicast orbroadcast destination address or where the destination is an individual address and the STA isassociatedwith an AP. DSSs are provided between pairs of IEEE 802.11 MACs.downlink: A unidirectional link from an access point (AP) to one or more non-AP stations (STAs). dynamic frequency selection (DFS): Facilities mandated to satisfy requirements in some regulatory domains for radar detection and uniform channel spreading in the 5 GHz band. These facilities may also beused for other purposes, such as automatic frequency planning.dynamic frequency selection (DFS) owner: A station (STA) in an independent basic service set (IBSS) that takes responsibility for selecting the next channel after radar is detected operating in a channel. Due tothe nature of IBSSs, it cannot be guaranteed that there will be a single DFS owner at any particular timeand the protocol is robust to this situation.EAPOL-Key confirmation key (KCK): A key used to integrity-check an EAPOL-Key frame.EAPOL-Key encryption key (KEK): A key used to encrypt the Key Data field in an EAPOL-Key frame. effective isotropic radiated power (EIRP): The equivalent power of a transmitted signal in terms of an isotropic (omnidirectional) radiator. The EIRP equals the product of the transmitter power and the antennagain (reduced by any coupling losses between the transmitter and antenna).encapsulate: To construct a protected frame from an unprotected frame.encapsulation: The process of generating an protected frame by encapsulating plaintext data. enhanced distributed channel access (EDCA): The prioritized carrier sense multiple access with collisionavoidance (CSMA/CA) access mechanism used by quality of service (QoS) stations (STAs) in a QoS basicservice set (BSS). This access mechanism is also used by the QoS access point (AP) and operates concurrently with hybrid coordination function (HCF) controlled channel access (HCCA).enhanced distributed channel access function (EDCAF): A logical function in a quality of service (QoS) station (STA) that determines, using enhanced distributed channel access (EDCA), when a frame in the transmit queue with the associated access category (AC) is permitted to be transmitted via the wireless medium (WM). There is one EDCAF per AC.extended service area (ESA): The area within which members of an extended service set (ESS) may communicate. An ESA is larger than or equal to a basic service area (BSA) and may involve several basicservice sets (BSSs) in overlapping, disjointed, or both configurations.extended service set (ESS): A set of one or more interconnected basic service sets (BSSs) that appears as asingle BSS to the logical link control (LLC) layer at any station (STA) associated with one of those BSSs.4-Way Handshake: A pairwise key management protocol defined by this standard. This handshake confirms mutual possession of a pairwise master key (PMK) by two parties and distributes a group temporal key (GTK).4-Way station-to-station link (STSL) transient key (STK) Handshake: A key management protocol between two parties that confirms mutual possession of an STSL master key (SMK) and distributes anSTK.fragmentation: The process of segmenting a medium access control (MAC) service data unit (MSDU) orMAC management protocol data unit (MMPDU) into a sequence of smaller MAC protocol data units (MPDUs) prior to transmission. The process of recombining a set of fragment MPDUs into an MSDU orMMPDU is known as defragmentation. These processes are described in 5.8.1.9 of ISO/IEC 7498-1:1994.Gaussian frequency shift keying (GFSK): A modulation scheme in which the data are first filtered by a Gaussian filter in the baseband and then modulated with a simple frequency modulation.group: The entities in a wireless network, e.g., an access point (AP) and its associated stations (STAs), orall the STAs in an independent basic service set (IBSS) network.Group Key Handshake: A group key management protocol defined by this standard. It is used only to issue a new group temporal key (GTK) to peers with whom the local station (STA) has already formed security associations.group master key (GMK): An auxiliary key that may be used to derive a group temporal key (GTK). group temporal key (GTK): A random value, assigned by the broadcast/multicast source, which is used toprotect broadcast/multicast medium access control (MAC) protocol data units (MPDUs) from that source.The GTK may be derived from a group master key (GMK).group temporal key security association (GTKSA): The context resulting from a successful group temporal key (GTK) distribution exchange via either a Group Key Handshake or a 4-Way Handshake. hidden station (STA): A STA whose transmissions cannot be detected using carrier sense (CS) by a second STA, but whose transmissions interfere with transmissions from the second STA to a third STA hybrid coordination function (HCF): A coordination function that combines and enhances aspects of the contention-based and contention-free access methods to provide quality of service (QoS) stations (STAs)with prioritized and parameterized QoS access to the wireless medium (WM), while continuing to supportnon-QoS STAs for best-effort transfer. The HCF includes the functionality provided by both enhanced distributed channel access (EDCA) and HCF controlled channel access (HCCA). The HCF is compatiblewith the distributed coordination function (DCF) and the point coordination function (PCF). It supports auniform set of frame formats and exchange sequences that STAs may use during both the contention period(CP) and the contention-free period (CFP).hybrid coordinator (HC): A type of coordinator, defined as part of the quality of service (QoS) facility, that implements the frame exchange sequences and medium access control (MAC) service data unit (MSDU) handling rules defined by the hybrid coordination function (HCF). The HC operates during boththe contention period (CP) and contention-free period (CFP). The HC performs bandwidthmanagementincluding the allocation of transmission opportunities (TXOPs) to QoS stations (STAs). The HC is collocated with a QoS access point (AP).hybrid coordination function (HCF) controlled channel access (HCCA): The channel access mechanism utilized by the hybrid coordinator (HC) to coordinate contention-free media use by quality ofservice (QoS) stations (STAs) for downlink unicast, uplink, and direct-link transmissions.IEEE 802.1X authentication: Extensible Authentication Protocol (EAP) authentication transported by theIEEE 802.1X protocol.independent basic service set (IBSS): A basis service set (BSS) that forms a self-contained network, andin which no access to a distribution system (DS) is available.individual address: See: unicast address.infrastructure: The infrastructure includes the distribution system medium (DSM), access point (AP), andportal entities. It is also the logical location of distribution and integration service functions of an extendedservice set (ESS). An infrastructure contains one or more APs and zero or more portals in addition to thedistribution system (DS).integration service: The service that enables delivery of medium access control (MAC) service data units(MSDUs) between the distribution system (DS) and a non-IEEE-802.11 local area network (LAN) (via aportal).key counter: A 256-bit (32-octet) counter that is used in the pseudo-random function (PRF) to generate initialization vectors (IVs). There is a single key counter per station (STA) that is global to that STA. key data encapsulation (KDE): Format for data other than information elements in the EAPOL-Key Datafield.key management service: A service to distribute and manage cryptographic keys within a robust securitynetwork (RSN).link: In the context of an IEEE 802.11 medium access control (MAC) entity, a physical path consisting ofexactly one traversal of the wireless medium (WM) that is used to transfer an MAC service data unit (MSDU) between two stations (STAs).link margin: Ratio of the received signal power to the minimum desired by the station (STA). The STA may incorporate rate information and channel conditions, including interference, into its computation oflink margin. The specific algorithm for computing the link margin is implementation dependent.little endian: The concept that, for a given multi-octet numeric representation, the least significant octet has the lowest address.liveness: A demonstration that the peer is actually participating in this instance of communication. master session key (MSK): Keying material that is derived between the Extensible Authentication Protocol (EAP) peer and exported by the EAP method to the Authentication Server (AS). This key is at least 64 octets in length.medium access control (MAC) management protocol data unit (MMPDU): The unit of data exchanged between two peer MAC entities, using services of the physical layer (PHY), to implement the MAC management protocol.medium access control (MAC) protocol data unit (MPDU): The unit of data exchanged between two peer MAC entities using the services of the physical layer (PHY).medium access control (MAC) service data unit (MSDU): Information that is delivered as a unit between MAC service access points (SAPs).message integrity code (MIC): A value generated by a cryptographic function. If the input data are changed, a new value cannot be correctly computed without knowledge of the cryptographic key(s) used bythe cryptographic function. This is traditionally called a message authentication code (MAC), but the acronym MAC is already reserved for another meaning in this standard.Michael: The message integrity code (MIC) for the Temporal Key Integrity Protocol (TKIP).mobile station (STA): A type of STA that uses network communications while in motion.multicast: When applied to a medium access control (MAC) service data unit (MSDU), it is an MSDU with a multicast address as the destination address (DA). When applied to a MAC protocol data unit (MPDU) or control frame, it is an MPDU or control frame with a multicast address as the receiver address(RA).multicast address: A medium access control (MAC) address that has the group bit set.multicast-group address: A medium access control (MAC) address associated by higher level conventionwith a group of logically related stations (STAs).network allocation vector (NA V): An indicator, maintained by each station (STA), of time periods when transmission onto the wireless medium (WM) will not be initiated by the STA whether or not the STA's clear channel assessment (CCA) function senses that the WM is busy.non-access point (non-AP) quality of service (QoS) station (STA): A STA that supports the QoS facility, but is not an access point (AP). A non-AP STA does not have an hybrid coordinator (HC) and uses the QoSAP for the distribution system services (DSSs).nonce: A numerical value, used in cryptographic operations associated with a given cryptographic key, thatis not to be reused with that key, including over allreinitializations of the system through all time.non-quality of service (non-QoS) access point (AP): An AP that does not support the quality of service (QoS) facility.non-quality of service (non-QoS) basic service set (BSS): A BSS that does not support the quality of service (QoS) facility.non-quality of service (non-QoS) station (STA): A STA that does not support the quality of service (QoS) facility.pairwise: Referring to, or an attribute of, two entities that are associated with each other, e.g., an accesspoint (AP) and an associated station (STA), or two STAs in an independent basic service set (IBSS) network. This term is used to refer to a type of encryption key hierarchy pertaining to keys shared by onlytwo entities.pairwise master key (PMK): The highest order key used within this standard. The PMK may be derived from a key generated by an Extensible Authentication Protocol (EAP) method or may be obtained directlyfrom a preshared key (PSK).pairwise master key security association (PMKSA): The context resulting from a successful IEEE 802.1X authentication exchange between the peer and Authentication Server (AS) or from a preshared key(PSK).pairwise transient key (PTK): A value that is derived from the pairwise master key (PMK), Authenticatoraddress (AA), Supplicant address (SPA), Authenticator nonce (ANonce), and Supplicant nonce (SNonce)using the pseudo-random function (PRF) and that is split up into as many as five keys, i.e., temporal encryption key, two temporal message integrity code (MIC) keys, EAPOL-Key encryption key (KEK), EAPOL-Key confirmation key (KCK).pairwise transient key security association (PTKSA): The context resulting from a successful 4-Way Handshake exchange between the peer and Authenticator.parameterized quality of service (QoS): The treatment of the medium access control (MAC) protocol data units (MPDUs) depends on the parameters associated with the MPDU. Parameterized QoS is primarilyprovided through the hybrid coordination function (HCF) controlled channel access (HCCA) mechanism,but may also be provided by the enhanced distributed channel access (EDCA) mechanism when used witha traffic specification (TSPEC) for admission control.pass-phrase: A secret text string employed to corroborate the user's identity.PeerKey Handshake: A key management protocol composed of the station-to-station link (STSL) masterkey (SMK) Handshake and the 4-Way STSL transient key (STK) Handshake. This is used to create newSMK security associations (SMKSAs) and STK security associations (STKSAs) to secure the STSLs. per-frame encryption key: A unique encryption key constructed for each medium access control (MAC) protocol data unit (MPDU), employed by some IEEE 802.11 security protocols.per-frame sequence counter: For Temporal Key Integrity Protocol (TKIP), the counter that is used as thenonce in the derivation of the per-frame encryption key. For Counter mode with Cipher-block chaining Message authentication code Protocol (CCMP), the per-frame initialization vector (IV). piggyback: The overloading of a data frame with an acknowledgment of a previously received medium access control (MAC) protocol data unit (MPDU) and/or a poll to the station (STA) to which the frame isdirected.point coordinator (PC): The entity within the STA in an AP that performs the point coordination function.point coordination function (PCF): A class of possible coordination functions in which the coordination function logic is active in only one station (STA) in a basic service set (BSS) at any given time that the network is in operation.portable station (STA): A type of station (STA) that may be moved from location to location, but that only uses network communications while at a fixed location.portal: The logical point at which the integration service is provided.pre-robust security network association (pre-RSNA): The type of association used by a pair of stations (STAs) if the procedure for establishing authentication or association between them did not include the 4-Way Handshake.pre-robust security network association (pre-RSNA) equipment: A device that is not able to create robust security network associations (RSNAs).preshared key (PSK): A static key that is distributed to the units in the system by a method outside the scope of this standard, always by some out-of-band means.prioritized quality of service (QoS): The provisioning of service in which the medium access control (MAC) protocol data units (MPDUs) with higher priority are given a preferential treatment over MPDUswith a lower priority. Prioritized QoS is provided through the enhanced distributed channel access (EDCA)mechanism.protection mechanism: Any procedure that attempts to update the network allocation vector (NA V) of allreceiving stations (STAs) prior to the transmission of a frame that may or may not be detected as valid network activity by the PHY entities at those receiving STAs.protection mechanism frame: Any frame that is sent as part of a protection mechanism procedure. pseudo-random function (PRF): A function that hashes various inputs to derive a pseudo-random value. In order to ensure liveness of a communication in which a pseudorandom value is used, a nonce is used asone of the inputs to the function.quality of service (QoS) access point (AP): An AP that supports the QoS facility. The functions of a QoSAP are a superset of the functions of a non-QoS AP, and thus a QoS AP is able to function as a non-QoSAP to non-QoS stations (STAs).quality of service (QoS) basic service set (BSS): A BSS that provides the QoS facility. An infrastructure QoS BSS contains a QoS access point (AP).quality of service (QoS) facility: The set of enhanced functions, channel access rules, frame formats, frame exchange sequences and managed objects used to provide parameterized and prioritized QoS. quality of service (QoS) independent basic service set (IBSS): An IBSS in which one or more of its stations (STAs) support the QoS facility.quality of service (QoS) station (STA): A STA that implements the QoS facility. A QoS STA acts as a non-QoS STA when associated in a non-QoS basic service set (BSS).reassociation service: The service that enables an established association [between access point (AP) andstation (STA)] to be transferred from one AP to another (or the same) AP.receive power: Mean power measured at the antenna connector.received power indicator (RPI): A quantized measure of the received power level as seen at the antenna connector.robust security network (RSN): A security network that allows only the creation of robust security network associations (RSNAs). An RSN can be identified by the indication in the RSN information element (IE) of Beacon frames that the group cipher suite specified is not wired equivalent privacy (WEP).robust security network association (RSNA): The type of association used by a pair of stations (STAs) ifthe procedure to establish authentication or association between them includes the 4-Way Handshake. Notethat the existence of an RSNA by a pair of devices does not of itself provide robust security. Robust security is provided when all devices in the network use RSNAs.robust-security-network-association- (RSNA-) capable equipment: A station (STA) that is able to create RSNAs. Such a device can use pre-RSNAs because of configuration. Notice that RSNA-capable does not imply full compliance with the RSNA Protocol Implementation Conformance Statement (PICS).A legacy device that has been upgraded to support Temporal Key Integrity Protocol (TKIP) can be RSNAcapable, but will not be compliant with the PICS if it does not also support Counter mode with Cipherblock chaining Message authentication code Protocol (CCMP).robust-security-network-association- (RSNA-) enabled equipment: A station (STA) when it is RSNAcapable and dot11RSNAEnabled is set to TRUE.robust security network association (RSNA) key management: Key management that includes the4-Way Handshake, the Group Key Handshake, and the PeerKey Handshake.scheduled service period (SP): The SP that is scheduled by the quality of service (QoS) access point (AP).Scheduled SPs start at fixed intervals of time.security network: A basic service set (BSS) where the station (STA) starting the BSS provides information about the security capabilities and configuration of the BSS by including the robust securitynetwork (RSN) information element in Beacon frames.selector: An item specifying a list constituent in an IEEE 802.11 Management Message information element.service interval (SI): The interval between the start of two successive scheduled service periods (SPs). service period (SP): A contiguous time during which one or more downlink unicast frames are transmittedto a quality of service (QoS) station (STA) and/or one or more transmission opportunities (TXOPs) are granted to the same STA. SPs can be scheduled or unscheduled. For a non-access point (non-AP) STA, there can be at most one SP active at any time.station (STA): Any device that contains an IEEE 802.11-conformant medium access control (MAC) and。

1 IEEE802.11中的逻辑服务接口1.1概述802.11标准明确不指定实现的详细信息。

相反，802.11标准指定服务以帮助理解体系结构组件的逻辑组织方式。

这些服务与体系结构的不同组件相关联。

IEEE 802.11服务有三个类别—站服务（SS）、PCP服务（PCPS）和分发系统服务（DSS）。

这些服务类别由IEEE 802.11 MAC子层使用。

完整的IEEE 802.11体系结构服务集如下所示：a）认证b）连接c）取消身份验证d）断开连接e）分发f）整合g）数据保密h）重新关联i）MSDU交付j）DFSk）TPCl）更高层定时器同步（仅限QoS工具）m）QoS流量调度（仅限QoS设施）n）无线电测量o）DSE这组服务分为三组：SS、PCPS和DSS。

SS是每个STA的一部分。

PCPS由PBSS的PCP提供。

DSS由DS提供。

1.2SSSTA提供的服务称为SS。

SS存在于每个IEEE 802.11 STA中（包括AP，因为AP包括STA功能）。

SS指定供MAC子图层实体使用。

所有STA都提供SS。

SS如下：a）身份验证（当dot11OCB激活为真时不使用）b）取消身份验证（当dot11OCB激活为true时不使用）c）数据保密性（当dot11OCB激活为真时不使用）d）MSDU交付e）DFSf）TPCg）更高层定时器同步（仅限QoS工具）h）QoS流量调度（仅限QoS设施）i）无线电测量j）DSE1.3PBSS控制点服务PBSS的PCP提供的服务称为PCPS。

由于PBSS中的每个STA都可以作为PCP运行，因此如果PBSS中的每个STA成为PBSS的PCP，则能够提供PCPS。

非PCP STA不提供PCPS。

构成PCPS的服务如下：a）连接b）断开连接c）重新关联d）QoS流量调度PCPS指定供MAC子图层实体使用。

1.4DSSDS提供的服务称为DSS。

802.11标准明确未指定DS实现结构的详细信息。

宽带拨号错误代码表错误602 The port is already open问题：拨号网络网络由于设备安装错误或正在使用，不能进行连接原因：RasPPPoE没有完全和正确的安装解决：卸载干净任何PPPoE软件，重新安装。

错误605 Cannot set port information问题：拨号网络网络由于设备安装错误不能设定使用端口原因：RasPPPoE没有完全和正确的安装解决：卸载干净任何PPPoE软件，重新安装。

错误606 The port is not connected问题：拨号网络网络不能连接所需的设备端口原因：RasPPPoE没有完全和正确的安装，连接线故障，ADSL MODEM故障解决：卸载干净任何PPPoE软件，重新安装，检查网线和ADSL MODEM。

错误608 The device does not exist问题：拨号网络网络连接的设备不存在原因：RasPPPoE没有完全和正确的安装解决：卸载干净任何PPPoE软件，重新安装。

错误609 The device type does not exist问题：拨号网络网络连接的设备其种类不能确定原因：RasPPPoE没有完全和正确的安装解决：卸载干净任何PPPoE软件，重新安装。

错误611 The route is not available/612 The route is not allocated问题：拨号网络网络连接路由不正确原因：RasPPPoE没有完全和正确的安装，ISP服务器故障解决：卸载干净任何PPPoE软件，重新安装。

错误617 The port or device is already disconnecting问题：拨号网络网络连接的设备已经断开原因：RasPPPoE没有完全和正确的安装，ISP服务器故障，连接线，ADSL MODEM 故障解决：卸载干净任何PPPoE软件，重新安装,检查网线和ADSL MODEM。