Building a home wireless network teaches you how to ensure security

Source: Internet
Author: User

How should we set up wireless networks in the home environment? How can we protect our security more effectively with the increasingly mature wireless network technology?

Nowadays, most households access the Internet by setting up wireless networks. However, many people know that many network security problems are hidden behind this trend. In principle, wireless networks are more vulnerable to intrusion than wired networks, because the computers at the attacked end do not need to be connected to the computers at the attacked end, he can access your internal network and access resources as long as he is within the valid range of your wireless router or repeater. If the data transmitted over the internal network is not encrypted, it is more likely to be snooped into your data privacy. In addition, wireless networks are far inferior to wired networks in terms of their development history, and their security theories and solutions are far from perfect. All of this leads to poor wired network security. In this article, let me tell you how to use some security measures to make your wireless network more secure and reliable.

1. Modify the user name and password (do not use the default user name and password)

Generally, a home wireless network accesses an external network through a wireless router or repeater. Generally, these routers or repeater equipment manufacturers provide a management page tool to help users set up wireless networks for these devices. This page tool can be used to set the network address and account of the device. To ensure that only the device owner can use this management page tool, the device usually has a login interface. Only users with the correct username and password can enter the management page. However, when the device is sold, the default user name and password provided by the manufacturer for each model of the device are the same. Unfortunately, after many home users buy these devices, the default user name and password of the device are not modified. This allows hackers to take advantage of this vulnerability. They can easily find the addresses of these devices through simple scanning tools and try to log on to the Management page with the default user name and password, if the router or vswitch is successful, the control of the vro or vswitch is obtained immediately.

2. Use encryption

All wireless networks provide some form of encryption. As I mentioned before, as long as the attacking computer is within the valid range of the wireless router/repeater, it will have a great opportunity to access the wireless network, once it can access the internal network, all the data transmitted in the network is transparent to him. If the data is not encrypted, hackers can use some packet sniffing tools to capture packets, analyze and snoop into the data privacy. Enable your wireless network encryption so that even if the data you transmit on the wireless network is intercepted, it cannot be interpreted (or said it is not so easy. Currently, there are several encryption technologies in wireless networks. We usually choose the most powerful encryption technology. In addition, if multiple wireless network devices exist in your network, the encryption technology of these devices should be the same.

3. Modify the default service area identifier (SSID)

Generally, each wireless network has a Service Identifier (SSID). When a wireless client needs to join the network, it must have the same SSID. Otherwise, it will be "REJECTED ". Generally, the router/repeater device manufacturer has the same default SSID in their products. For example, the SSID of a linksys device is usually "linksys ". If a network does not specify a SSID for it or only uses the default SSID, any wireless client can access the network. Undoubtedly, this opens the door for hackers to intrude into the network.

4. Disable SSID Broadcast

In a wireless network, each routing device has a very important function, that is, the service area identifier broadcast, that is, the SSID broadcast. Initially, this feature was designed primarily for commercial wireless networks with extremely high traffic on wireless network clients. In a wireless network with SSID broadcast enabled, the routing device automatically broadcasts its own SSID number to the wireless network client in the valid range. After the wireless network client receives this SSID number, you can use this network only by using this SSID number. However, this function has a great security risk, as if it automatically opens a portal for hackers who want to enter the network. In commercial networks, security must be sacrificed to enable this function to meet the changing wireless network access end. However, as a home wireless network, network members are relatively fixed, therefore, you do not need to enable this function.

5. Set MAC address filtering

As we all know, basically every network connection device has a unique identifier called a physical address or a MAC address. Of course, wireless network devices are no exception. All router/repeater and other routing devices track all the MAC addresses that pass through their data packet source. Generally, many such devices provide MAC address operations, so that we can establish our own MAC address list to prevent unauthorized devices (hosts, etc.) from accessing the network. However, it is worth mentioning that this method is not absolutely effective because it is easy for us to modify the MAC address of our computer Nic, I have an article dedicated to how to modify the MAC address.

6. assign a static IP address to your network device

As DHCP services become more and more easy to establish, many domestic wireless networks use DHCP services to dynamically allocate IP addresses to clients in the network. This leads to another security risk, that is, the attacker accessing the network can easily obtain a valid IP address through the DHCP service. However, in a very fixed home network, we can assign a fixed IP address to the network member devices, and then set the list of IP addresses allowed to access the devices on the vro, this effectively prevents illegal intrusion and protects your network.

7. determine the location to hide your router or Repeater

As we all know, wireless network routers, reconnections, and other devices all transmit data through radio waves, and data transmission has an effective range. If your device is far beyond your home, you need to consider your network security, hackers may easily log on to your home wireless network outside your home. In addition, if your neighbor uses a wireless network, you also need to consider whether the coverage of your router or repeater will overlap with that of your neighbor, if they overlap, it will cause a conflict and affect your network transmission. Once this happens, you need to set a different frequency band (also called Channel) for your router or repeater than the neighboring network ). Select a suitable vro or repeater based on your own family, and select the place where it is placed. Generally, it is the most suitable place to be placed in the center of the family.
 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.