Tips for Wireless Network Security

The use of wireless networks is widely known, but security failures often cause us a headache. How can we improve its own security? The following article will give you a detailed introduction.

Compared with traditional wired networks, wireless networks bring terrible consequences from a security perspective-completely different attack methods. Of course, this does not mean that wireless networks are not secure. The purpose of this article is to help you understand the methods and ways to improve wireless network security.

Many tips in this article may not be suitable for most users. For example, if your wireless network has a large number of terminals that are constantly changing, it is impossible to use media access to control MAC addresses. As in general, you must determine which measures are suitable for your network to avoid network crashes due to incorrect settings.

Tip 1: Use a strong password.

As I pointed out in the article, a strong enough password can make brute force cracking impossible. On the contrary, if the password strength is insufficient, it will almost certainly damage your system.

Tip 2: The SSID of the broadcast service set identifier is prohibited ).

If you cannot protect the Service Set Identifier, that is, the name of the wireless network, it will bring serious security risks. Configuring a wireless router prohibits the broadcast of Service Set Identifiers. Although it cannot bring real security, it can at least mitigate the threats, because many initial malicious attacks Scan Systems to find vulnerable systems. The Service Set Identifier is hidden, which greatly reduces the possibility. Most commercial routers/firewalls provide related functional settings.

Tip 3: Use an effective wireless encryption method.

Dynamic Wired Equivalent Security WEP) is not a good encryption method. As long as you use a free tool like aircrack, you can find vulnerabilities in the encrypted wireless network in the dynamic Wired Equivalent security mode in just a few minutes. Wireless Network Protection (WPA) is a common encryption standard, which you may already use. Of course, if possible, you should choose some more powerful and effective methods. After all, the struggle between encryption and decryption is always ongoing.

Tip 4: use different types of encryption if possible.

Do not rely solely on wireless encryption to ensure the overall security of the wireless network. Different types of encryption can improve security reliability at the system level. For example, OpenSSH is a good choice. It can provide secure communication for systems in the same network, even if they need to go through the Internet. It is very important to adopt encryption technology to protect all communication data in wireless networks from being stolen, just like e-commerce websites using SSL encryption technology. In fact, if it is not necessary, try not to change the encryption method.

Tip 5: control the media access control MAC address.

Many people will tell you that the MAC address restriction of media access control does not provide real protection. However, network access by addresses like hiding Service Set Identifiers in wireless networks and limiting media access control MAC addresses can prevent the network from being harassed by malicious attackers. For the entire system, it is very important to fully defend against various attacks from experts to new users to ensure the security of the system.

Tip 6: Disable it when the network is not used.

The adoption of this suggestion depends on the specific situation of the network. If you do not need to use the network 24 hours a day or 7 days a week, you can use this method. After all, when the network is closed, the security is the highest, and no one can connect to a nonexistent network.

Tip 7: Disable the wireless network interface.

If you are using a mobile terminal such as a laptop, you should disable the wireless network interface by default. You only need to connect to a wireless network to enable relevant functions. For the rest of the time, the closed wireless network interface prevents you from becoming the target of malicious attacks.

Tip 8: monitor network intruders.

Always pay attention to the network security situation. You need to track the development trend of attacks to learn how malicious tools are connected to the network and how they can provide better security protection. You also need to analyze the information such as the scanning and access attempts in the log to find out the useful parts, and ensure that you can give timely notifications when real exceptions occur. After all, it is well known that the most dangerous time is half the time.

Tip 9: Ensure core security. At the time you left,

Make sure that a valid firewall is running on a wireless router or a laptop connected to the wireless network. Note that you must disable unnecessary services, especially those that are not required in Microsoft Windows, because the consequences of their activities may be unexpected by default. In fact, you have to do everything possible to ensure the security of the entire system.

Tip 10: Do not waste time on ineffective security measures.

I often encounter questions about security measures from users who do not know much about the technology. They are troubled by free consultation on security. In general, this consultation is not only useless, but often completely harmful. The most common and harmful advice we see is that you should only choose to use wireless encrypted connections for the connection time in a public wireless network environment similar to a cafe. Sometimes, people tend to understand half of the suggestions, and the result is that you should only connect to the wireless network with the wireless network protection access mode WPA) Protection. In fact, public access points using encryption do not bring extra security to you, because the network will send a key to any terminal that sends an application. This is like locking the house door, but it says "The key is under the welcome mat ". If you want to provide wireless networks to everyone, anyone can access them at will. encryption is not required. Encryption is actually a deterrent for wireless networks. Only when a specific wireless network is used can the security be improved when convenience is reduced.

For wireless network security, most tips can be said to be "common knowledge ". But the terrible thing is that there is so much "common sense" that it cannot be comprehensively considered at the same time. Therefore, you should check wireless networks and mobile computers frequently to ensure that some important parts are not missed, and ensure that the focus is effective, not unnecessary or even completely ineffective security measures.