Walking through a local commercial park, I have about 15 wireless access points that have been developed for my father-in-law, and several of them do not require authentication to access the company's network. If you use a wireless network interface to open your handwriting, and walk around the city, there is nothing too strange. To keep your wireless network from those who look for access points War-driver: War driver is a standard laptop, wireless NIC card driving around the city's business district. This allows you to accurately determine the location of all 802.11 networks in the location and whether they use WEP. ), the use of authentication and encryption and other basic methods to improve the security of wireless access points is very important.
Wireless access points can be configured to implement a broadcast of the access point SSID and domain name, which is usually not required. By shutting down the radio, you can largely stop exposing your network to the outside world. Yes, the SSID is transmitted when the wireless node is connected to the wireless network, but it is less common than before. The SSID should be set to not describe enterprise information, making it more difficult for hackers to understand the owner of the wireless network.
Wireless security encryption can be used to guard against the data being read while it is being propagated, and to use with Wired Equivalent Privacy (Wired equivalent PRIVACY,WEP), WPA, EAP-TLS, or virtual private networking software. WEP lacks true authentication, but uses a static encryption key. Static encryption keys only need to be available in a very short time with free software, and there is little protection for constantly bugging people. WPA requires authentication and uses a long dynamic encryption key, and it may be compromised. However, WPA does require compatible client hardware and software. EAP-TLS uses digital certificates to authenticate and encrypt wireless traffic using SSL, but requires a degree of complexity in the PKI architecture.
Wireless antennas typically have power settings that allow for adjustment of the signal's transmission strength. It's best to adjust the antennas so that they can cover the range of wireless access needed, rather than entering a place where hackers might be lurking.
Most wireless access points also allow access to restricted media access control (MAC) addresses. The MAC address is the hardware address that is used only to identify each network node. Beware, however, that it can also be attacked by passive wireless sniffer attacks that can capture the MAC address of the devices allowed on the network. Once acquired, the hacker can disguise his MAC address, and it will not be restricted to that level. Restricting MAC addresses can add layers that must be compromised, and is worth considering.
This is a brief introduction to wireless security fundamentals and risks, but it gives you a complete view of some of the real issues you will face when managing wireless networks and wireless access point security policies.
Back to the column page: http://www.bianceng.cnhttp://www.bianceng.cn/Network/Security/
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
