Five tips to improve the security of wireless routers

Source: Internet
Author: User

With the release of the IEEE 802.11n draft, the transmission speed of wireless routes has also been greatly improved. However, many users only pay attention to the transmission speed, but ignore the security of wireless networks. Taking the author as an example, seven or eight wireless connections can be found on the Chinese TV station at home, and no password is set. The author can easily "share" his network bandwidth. According to the survey, 90% of network intrusions are caused by the absence of corresponding security settings on the wireless router. The following describes several basic security settings to help you stay away from most threats.

1. disable DHCP.

DHCP is the abbreviation of Dynamic Host Configuration Protocol (Dynamic Host Allocation Protocol). Its main function is to help users randomly allocate IP addresses, this saves the trouble of manually setting IP addresses, subnet masks, and other required TCP/IP parameters. This is a user-friendly feature, but it is used by many people with ulterior motives. Generally, the DHCP function is enabled by default, so that all wireless devices in the signal range can be automatically allocated to the IP address, which leaves a great security risk. Attackers can easily obtain a lot of information about your vro through the assigned IP address, so it is necessary to disable the DHCP function.

2. wireless encryption

Nowadays, many wireless routers have the wireless encryption function, which is an important protection measure for wireless routers. Data Encryption in radio waves ensures the security of transmitted data information. Generally, wireless routers and APs have the WEP encryption and WPA encryption functions. WEP generally includes 64-bit and 128-bit encryption types, you only need to enter 10 or 26 hexadecimal strings as the encryption password to protect the wireless network. The WEP protocol encrypts data transmitted wirelessly between two devices to prevent illegal user eavesdropping or intrusion into the wireless network. However, the WEP Key is generally stored in Flash, therefore, some hackers can use vulnerabilities in your network to easily access your network.

WEP encryption appeared earlier and has now been upgraded to WPA encryption. WPA is a standard-based and interoperable WLAN Security Enhancement solution, the data protection and access control level of existing wireless LAN systems can be greatly enhanced; WPA enhances the algorithm for generating encryption keys, even if hackers collect and parse group information, it is almost impossible to calculate a general key. The emergence of WPA makes network transmission more secure and reliable.

It should be noted that the wireless encryption function is usually disabled when a wireless router leaves the factory, but if you give up this function, your network is an extremely insecure network, therefore, we recommend that you enable this function after setting it.

3. Disable SSID Broadcast

In short, the SSID is the name you give your wireless network. When searching for a wireless network, your network name is displayed in the search results. Once attackers use a common initialization string to connect to the wireless network, it is very easy to intrude into your wireless network. Therefore, I strongly recommend that you Disable SSID broadcast.

Note that the access point of a specific model or the default SSID of the router can be easily searched on the Internet, such as "netgear, linksys, etc.", so you must replace it as soon as possible. For general families, select a name that is quite different.

If you disable the SSID and then search for the wireless network, you will find that the wireless network is ignored by the wireless network adapter because no SSID broadcast is performed, especially when you use Windows XP to manage the wireless network, the goal is to keep wireless networks invisible. However, disabling the SSID will slightly reduce the network efficiency, but greatly improve the security. Therefore, disabling the SSID broadcast is very worthwhile.

4. Set IP filtering and MAC address list

Because the MAC address of each Nic is unique, you can set the MAC address list to improve security. After the IP address filtering function is enabled, only users of the IP address in the MAC list can access the wireless network normally. Other users that are not in the list cannot connect to the network. In addition, You must select the "allow only valid MAC addresses in the configured MAC address list to access the wireless network" option in the "filter rule, otherwise, the wireless router will prevent all users from connecting to the network. This method is very practical for home users. Just add several computers in the home to the list, which can avoid the "network" of neighbors and the intrusion of attackers.

5. Proactive updates

Search for and install the latest firmware or driver updates for the used wireless router or wireless network card to eliminate previous vulnerabilities. In addition, you can download and install the wireless function updates of the operating system, such as Windows XP SP3 or Vista SP1, to better support the use and security of wireless networks, enable your device to have the latest functions.

If you forget your password, you can restore the device to the factory status, that is, press and hold the reset key, but remember to reset it.

Wireless Networks are getting faster and faster, and wireless networks should be more and more secure. In fact, you only need to perform the preceding simple settings to increase your security level a lot. The wireless network environment is not as simple as connecting, so that security work can be done at home to make use more comfortable. The methods described above are simple but practical. If your wireless router has not applied the above methods, I strongly recommend that you perform these settings now.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.