Enhance wireless router settings to prevent network intrusion

We are all concerned about the prevention of network theft by others. So what aspects should we start with to prevent illegal network user intrusion?

When using wireless routers for wireless surfing, our neighbors may accidentally break into the local wireless network. These neighbors enjoy the bandwidth we provide for free, you may try to log on to the background management interface of the local wireless router to launch illegal attacks on the local wireless network. As a result, the local wireless network cannot work normally. In order to guard against the destruction of these neighbors, it is necessary to take timely measures to set up the wireless router in order to reject illegal neighbors from launching attacks on the local wireless network.

Disable Ping in wireless route settings to prevent local target exposure

When looking for free wireless network nodes, you often use the Ping command to search for available wireless routers nearby, once an attack target is found, they can fully utilize their attack capabilities to launch malicious attacks on the local wireless network.

To this end, we must try to make the local wireless router reject others from testing the Ping command. Only in this way can the illegal neighbors find the target through the Ping command, in addition, the Ping command test function can also shield Network viruses such as shock waves from wireless networks.

When you disable the Ping command test function of a wireless router, log on to the vro backend Management page of the local wireless network as a system administrator and find the "tool" setting option, click "Other Projects" under this option, and select the "Activate" project next to "ignore Ping from WAN" on the corresponding page, click the "execute" button to make the settings take effect.

In this way, in the future, neighbors near the local wireless network will not be able to use the Ping command to check whether the local wireless router is online.

Manage the password for wireless route settings to avoid unauthorized neighbor settings

We know that the default passwords used by many models of wireless routers are almost the same, and even some devices do not set the background logon password when leaving the factory, which is obviously very dangerous, if the password is improperly set, once the illegal neighbor enters the wireless router background management interface, they may randomly set the local network parameters.

In this case, open the IE browser of the local workstation and enter the default IP address of the wireless router in the address box. For example, the default IP address is "http: // 192.168.0.1" in most cases ", or "http: // 192.168.1.1", click the Enter key to open the background logon interface of the wireless router, and enter the default Administrator account and password, in this way, you can successfully access the background management interface of the wireless router.

In this interface, first find the "System Tool" setting item, click the "Modify logon password" item under this option, and then on the settings page of the corresponding project, first fill in the original user name and password information in the "original user name" text box and "original password" text box, enter complex user names and passwords in the "New User Name" text box and "new password" text box, and then click the "execute" button on the corresponding settings page, save the preceding settings.

In addition, in some wireless router backend management interfaces, we also find that the wireless router login password is divided into administrator and common user levels. Using an administrator-level logon password, we can not only read the parameter settings of the local wireless network, but also modify and edit the parameters at will. Using a common user-level logon password, we can only read the parameter settings of the local wireless network, but cannot modify or edit the parameters at will.

Therefore, we must properly set and assign these two passwords based on actual conditions and different user access permissions. For example, for common online users, we only need to tell them common-level passwords so that they have the right to view the wireless router parameter settings. For System Administrator-level online users, we can tell them administrator-level passwords, so that they can adjust the parameters of the local wireless network at any time.

The network card bound to the wireless route settings, and the neighbors are not allowed to intrude into this network.

Anyone familiar with the network knows that each network card device has a unique physical address, which enables accurate data transmission. Therefore, almost all wireless router devices in the market have the physical address filtering function. We can enable this function to exclude all the physical addresses of unfamiliar NICs from the local wireless network, in this way, illegal neighbors cannot easily break into the local wireless network.

To bind the NIC device of the local workstation to a wireless router, We can first enter the wireless router background management interface with the super administrator permission, find the "Advanced Settings" tab settings page, click the "filter" option, and then adjust the "allow or deny users to access the Internet from the LAN" parameter to "MAC address filtering" in the pop-up window ".

Select "only allow users of the following MAC addresses to access the network" at "MAC address filtering", and then select the target Nic device that is directly connected to the wireless router in the corresponding list box, click the copy button to copy the physical address of the local workstation. Then, click the execute button on the settings page to save the preceding settings.

After completing the above settings, only the NIC device of the local workstation can establish a network connection with the local wireless router, and the strange NIC address in the neighboring workstation will be filtered out by the wireless router, in this way, even if the neighbor can find the local wireless network, it will not log on to the local network easily.