Lock secondary connections to ensure Wireless Network Security

If college students do this, the customers of coffee shops do this, and your neighbors living in 3C apartments may also do the same.

Many computer users search for accessible wireless networks in shopping malls, schools, homes, and other places, regardless of whether they are allowed to use these networks. Either intentionally or unintentionally, these wireless "parasites" do not simply steal signals. Once they connect to a wireless network, it is possible to expose all computers in the network to a series of security breaches.

These problems become more complex when staff who are allowed to use the company's wireless network add unauthorized wireless signals to increase the signal strength of the main network. These unauthorized wireless access points are vulnerable to attacks and are often not protected by any security measures, which may exist on the primary network.

In home networks, passwords are often used to protect their wireless networks from unauthorized access. However. A new study by Michael Cukier of James Clark Institute of Engineering showed that relying solely on passwords may not be enough to provide adequate protection for home wireless networks. For large-scale companies' wireless networks, this is especially true.

In many companies and locations throughout the country, thousands of users can access these widely distributed access points at any time using legal means. However, some users sometimes establish their own wireless networks and link them to the office network, to enhance the signal strength of office or home networks-computer experts call it an unmanageable wireless access point.

If these secondary connections are insecure, they will cause a lot of trouble for the entire network. Insecure wireless access points pose many problems for companies, cities, and other organizations that provide wireless access to customers, employees, and residents. Insecure network connections enable hackers to attack computers.

Cukier recommends that wireless network owners and administrators take the following preventive measures to better protect wireless networks from the corrosion of "parasites" and secure connections established by legal users:

Limited signal coverage

Limits the signal strength of your wireless network, so that people outside your home and office cannot detect your wireless network signal.

Disable SSID Broadcast

The service setting identifier (SSID) is a piece of code appended to a wireless network group (information bit), used to identify each group as part of the network. Once the service settings identifier (SSID) broadcast in the wireless network is enabled, the wireless network can be identified by all wireless clients within its range. Conversely, once the service settings identifier (SSID) broadcast is disabled, the wireless network is invisible (for temporary users ), the wireless network is visible only when the service settings identifier code is added to the network settings of the client in advance.

Use WPA/WEP for encryption

Encrypted communication prevents confidential information from being exposed. If the communication traffic in the wireless network is encrypted, the attacker must first crack the password to obtain the information transmitted in the network. Two common encryption mechanisms are available: Wired Equivalent privacy protocol (WEP) and Wi-Fi access protection protocol (WPA ). In fact, only one of the protocols can be used at a time. Regular changes to keys may also help protect the network. With any license, you should first choose to use WPA, because WEP may be decrypted by hackers using special software.

Strengthen key management

Even if the encryption algorithm is used, if the encryption key (generated through the network) does not change frequently, hackers can still crack the key and decrypt the communication. Therefore, the key must change frequently.

Identifies valid MAC addresses

If the wireless network access point only accepts connections from a known MAC address (essentially a serial number, each Nic has a unique MAC address, then, a potential attacker can access a wireless network only after stealing the MAC address of a valid user.

1. How to Ensure wireless network connection security
2. Eight tips to ensure Wireless Network Security
3. Talking about four aspects to ensure Wireless Network Security