Common security techniques for LAN Settings

Network settings and security issues are a common problem. How can we improve network security performance while ensuring effective network settings? The following is a detailed introduction.

Wired networks have always been a frequent network type for home and enterprise users. However, with the popularity of wireless networks, wired networks gradually expose their inevitable drawbacks: a large number of cabling and line change projects; lines are prone to damage; nodes in the network cannot be moved. In particular, when connecting distant nodes, it is difficult, expensive, and time-consuming to build dedicated communication lines, serious bottlenecks have been formed for rapidly expanding connection demands. At this time, wireless networks show their advantages: mobility, simple installation, high flexibility and scalability. As an extension of traditional wired networks, wireless networks have been widely used in many special environments. In the past, movies often appeared in the smart building as mobile office, where documents were downloaded and printed anytime and anywhere.

Therefore, when we first applied wireless networks, we should fully consider their security and understand enough preventive measures to protect our own networks. Next, we will introduce the risks faced by wireless LAN and know how the risks exist, so it is easier for us to solve them again:

Wireless LAN Security Settings: Advanced Intrusion

Once an attacker enters the wireless network, it will be the starting point for further intrusion into other systems. Many networks have a set of well-configured security devices as the network shell to prevent illegal attacks. However, the network protected by the shell is very fragile and vulnerable to attacks. A wireless network can quickly access the network trunk through simple configuration, but this will expose the network to attackers. Even a network with a certain number of border security devices can expose the network to be attacked.

Are you worried about using a wireless LAN when you see these dangerous signals? In fact, you don't have to worry too much. There are solutions to all problems. As long as we perform the correct configuration according to the correct method, our network is still safe.

Security of Wireless LAN Settings: Service Set Identifier

(SSID) You can set different SSID for multiple wireless access points AP (AccessPoint), and require the wireless workstation to show the correct SSID to access the AP, so that users in different groups can access the AP, and restrict resource access permissions. Therefore, it can be considered that the SSID is a simple password to provide certain security. However, if an AP is configured to broadcast its SSID outward, the security level will decrease.
Generally, the user configures the client system on his/her own, so many people know the SSID and it is easy to share it with illegal users. Currently, some manufacturers support the "ANY" SSID mode. As long as the wireless workstation is within the range of any ap, the client will automatically connect to the AP, which will skip the SSID security function.

Security of Wireless LAN Settings: physical address filtering (MAC)

Because each Nic of a wireless workstation has a unique physical address, you can manually maintain a list of MAC addresses that are allowed to access the AP to filter physical addresses. This scheme requires the MAC address list in the AP to be updated at any time, with poor scalability. In theory, MAC addresses can be forged, so this is also a low level of authorization authentication.

Physical address filtering is a hardware authentication rather than user authentication. This method requires that the MAC address list in the AP be updated at any time. Currently, it is performed manually. If the number of users increases, the scalability is poor. Therefore, it is only suitable for small networks.

Security of Wireless LAN Settings: Connection peer-to-peer confidentiality (WEP)

RC4 symmetric encryption technology is used at the link layer. The user's encryption key must be the same as the AP's key to allow access to network resources, thus preventing unauthorized user listening and unauthorized user access. WEP provides a 40-bit (sometimes called 64-bit) and 128-bit key mechanism, but it still has many defects.

Security of Wireless LAN Settings: Wi-Fi access (WPA)

WPA (Wi-FiProtectedAccess) is a new technology that inherits the basic principles of WEP and solves the disadvantages of WEP. Because the algorithm for generating encryption keys is enhanced, even if the group information is collected and parsed, it is almost impossible to calculate a general key. The principle is to generate different keys for each group based on the general key and the serial number indicating the computer MAC address and group information.

This key is then used for RC4 encryption like WEP. Through this processing, the data exchanged for all group information of all clients is encrypted by different keys. No matter how much data is collected, it is almost impossible to crack the original universal key. WPA also adds functions and authentication functions to prevent data tampering in the middle.

With these features, all the shortcomings that were previously criticized by WEP have been solved. WPA is not only a more powerful encryption method than WEP, but also has a richer connotation. As a subset of the 802.11i standard, WPA consists of authentication, encryption, and data integrity verification. It is a complete security solution.

Summary: The above are just some of our solutions to the potential dangers of the wireless LAN, not all of them. It is a reference for everyone. If there is something incomplete, we also hope that the majority of readers can provide additional information. The security and stability of the network do not rely solely on the performance and personal technology of the device. It is worth noting in some detail. We often say that "Details determine success or failure", so our network will be much more sustainable and safer only when the details are well enough.