1. Modify the user name and password (do not use the default user name and password)
Generally, a home wireless network accesses an external network through a wireless router or repeater. Generally, these routers or repeater equipment manufacturers provide a management page tool to help users set up wireless networks for these devices. This page tool can be used to set the network address and account of the device. To ensure that only the device owner can use this management page tool, the device usually has a login interface. Only users with the correct username and password can enter the management page. However, when the device is sold, the default user name and password provided by the manufacturer for each model of the device are the same. Unfortunately, after many home users buy these devices, the default user name and password of the device are not modified. This allows hackers to take advantage of this vulnerability. By using a simple scanning tool, they can easily find the addresses of these devices and try to use the default user name and password to go to the Management page. If it succeeds, they will immediately gain control of the vro switch.
2. Use encryption
All wireless networks provide some form of encryption. As I mentioned before, as long as the attacking computer is within the valid range of the wireless router/repeater, it will have a great opportunity to access the wireless network, once it can access the internal network, all the data transmitted in the network is transparent to him. If the data is not encrypted, hackers can use some packet sniffing tools to capture packets, analyze and snoop into the data privacy. Enable your wireless network encryption so that even if the data you transmit on the wireless network is intercepted, it cannot be interpreted (or said it is not so easy. Currently, there are several encryption technologies in wireless networks. We usually choose the most powerful encryption technology. In addition, if multiple wireless network devices exist in your network, the encryption technology of these devices should be the same.
3. Modify the default service area identifier (SSID)
Generally, each wireless network has a Service Identifier (SSID). When a wireless client needs to join the network, it must have the same SSID. Otherwise, it will be "REJECTED ". Generally, the router/repeater device manufacturer has the same default SSID in their products. For example, the SSID of a linksys device is usually "linksys ". If a network does not specify a SSID for it or only uses the default SSID, any wireless client can access the network. Undoubtedly, this opens the door for hackers to intrude into the network.
4. Disable SSID Broadcast
In a wireless network, each routing device has a very important function, that is, the service area identifier broadcast, that is, the SSID broadcast. Initially, this feature was designed primarily for commercial wireless networks with extremely high traffic on wireless network clients. In a wireless network with SSID broadcast enabled, the routing device automatically broadcasts its own SSID number to the wireless network client in the valid range. After the wireless network client receives this SSID number, you can use this network only by using this SSID number. However, this function has a great security risk, as if it automatically opens a portal for hackers who want to enter the network. In commercial networks, security must be sacrificed to enable this function to meet the changing wireless network access end. However, as a home wireless network, network members are relatively fixed, therefore, you do not need to enable this function.
5. Set MAC address filtering
As we all know, basically every network connection device has a unique identifier called a physical address or a MAC address. Of course, wireless network devices are no exception. All router/repeater and other routing devices track all the MAC addresses that pass through their data packet source. Generally, many such devices provide MAC address operations, so that we can establish our own MAC address list to prevent unauthorized devices (hosts, etc.) from accessing the network. However, it is worth mentioning that this method is not absolutely effective because it is easy for us to modify the MAC address of our computer Nic, I have an article dedicated to how to modify the MAC address.
6. assign a static IP address to your network device
As DHCP services become more and more easy to establish, many domestic wireless networks use DHCP services to dynamically allocate IP addresses to clients in the network. This leads to another security risk, that is, the attacker accessing the network can easily obtain a valid IP address through the DHCP service. However, in a very fixed home network, we can assign a fixed IP address to the network member devices, and then set the list of IP addresses allowed to access the devices on the vro, this effectively prevents illegal intrusion and protects your network.
7. determine the location to hide your router or Repeater
As we all know, wireless network routers, reconnections, and other devices all transmit data through radio waves, and data transmission has an effective range. If your device is far beyond your home, you need to consider your network security, hackers may easily log on to your home wireless network outside your home. In addition, if your neighbor uses a wireless network, you also need to consider whether the coverage of your router or repeater will overlap with that of your neighbor, if they overlap, it will cause a conflict and affect your network transmission. Once this happens, you need to set a different frequency band (also called Channel) for your router or repeater than the neighboring network ). Select a suitable vro or repeater based on your own family, and select the place where it is placed. Generally, it is the most appropriate place to place it in the center of the family.
- Home wireless: how to protect your network security
- Use Windows Connetc to build a secure wireless home network
- Proficient in home wireless network settings