Protection of wireless routers cannot be relaxed (1)

Wireless routers are an important pioneer in accessing the Internet. If a fault occurs in our pioneers, the entire army will inevitably fail. So how can we protect our wireless routers? Among most network attacks, routers are the primary targets. Let's learn how to protect the vro.

The rapid development of the Internet has quietly led to the rise of Small wireless local area networks. Users can work and shop online to enjoy the convenience and pleasure brought by the Internet. However, when we enjoy these advantages brought by the network, malicious users, including hackers, will use various means to steal various sensitive information, such as bank accounts and passwords. Researchers from the Computer Science Department at the University of India recently published a survey report describing hacker access and tampering with home network wireless router configurations, describes how hackers use JavaScript embedded in the Web page to log on to the wireless router superuser account and modify its DNS configurations.

Once a wireless router connects to a hacker-controlled DNS server, the wireless router can be used as a stepping stone for various malicious needs, from malware infection to user identity theft through "phishing. The University of India reports that this attack does not take advantage of any browser vulnerability, and, more importantly, it seems to work on almost any wireless router, regardless of the brand or model.

More interestingly, this type of hacker behavior only occurs when the default administrator password of the target wireless router is still configured by the manufacturer. In other words, as long as the user simply changes the default password, the user will be protected because the attack relies on the default password provided by the well-known device manufacturer.

In fact, many wireless routers still use this default password. In fact, many automatically configured wireless router wizard does not prompt users to modify the default administrator password. Most wireless router manufacturers place the setting method in a menu that is not noticed. This makes it easy for you to manage and change the default password.

This specific attack situation shows that even a seemingly secondary local setting will have a profound impact on security. Therefore, it is necessary to check some specific measures so that we can be confident that the wired or wireless router-or even further-our network can be as secure as possible.

Modify the administrator password of a wireless router

As mentioned above, if Your Wireless Router password is "password", "admin", "1234", or any other default password, you are simply looking for your own troubles, modify it now!

Modify the default SSID

Just as many users ignore changing the password of a wireless router, many users may still maintain the default wireless network SSID. SSID/ESSIDService Set Identifier) is the "Service Group Identifier", used to distinguish different networks, a maximum of 32 characters are allowed. The wireless network adapter can access different networks with different SSID settings. The SSID is usually broadcast by the Access Point. However, the SSID almost always specifies or indicates the name of the device manufacturer, so that other information can be inferred. Do not use the default SSID to create your own SSID, but avoid using it, such as your home address, birthday, or name.

Disable SSID Broadcast

The Broadcast SSID can easily connect new wireless devices to your network. However, it is definitely not a good idea to broadcast your network to any "passers-by" in the wireless communication area. Disabling this feature will not absolutely hide your presence, especially for those who use special software and are determined to break in. However, the less people know your information, the more favorable the situation is. In fact, as long as you know your SSID, you will not have any trouble when setting up a new device.

Do not use WEP When Using WPA

In recent years, although WEP's vulnerability has been widely documented in many documents, many companies are still using it, and it is still the default encryption method on some devices. In fact, there are still some wireless products that are mostly non-PC devices, such as streaming media devices) that do not yet support WPA but only WEP.

Remember: the most basic requirement is to use WPA to encrypt your wireless network, and avoid buying or using devices that force you to use WEP to adapt to it. Using WPA not only greatly improves security, but also has excellent adaptability. Because it does not need to be selected between ASCII or HEX as WEP does, And the encryption key does not need to comply with specific length rules, WEP Data Encryption can be configured with 64-bit or 128-bit, the WEP with 128 bits must contain 13 or 26 characters.