The configuration of a wireless router is generally divided into software and hardware parts. The following article will explain in detail. Based on the reasons why everyone is a beginner, the article provides specific steps and some application examples.
Hardware and software: wireless router configuration method Ultimate Edition
Intrusion detection and defense systems (IDS/IPS) are composed of hardware and software. If you want to build a high-performance intrusion detection and defense system, the hardware and software required to form IDS/IPS must be prepared by ourselves! Without any of the two, it is impossible to complete the task of creating an intrusion detection and defense system.
1. wireless router configuration and software preparation
Snort is an open-source and free intrusion detection system based on command lines. Although it is a software used to detect network attacks for small and medium-sized enterprises, because it is mainly used in the form of command lines, you must not only learn how to install, deploy, and set it, but also remember a large number of detection commands, this is a big problem for users who are not used to command line operations.
Therefore, a lot of software has emerged on the market that uses Snort to provide intrusion detection functions. However, these software only misappropriates simple functions and even does not have basic intrusion detection settings, let alone the intrusion defense function. In this article, I will introduce you to an intrusion detection and defense software named "Strata guard" produced by StillSecure, it is a real IDS/IPS software with intrusion detection and active defense functions.
Strata guard is a commercial software based on Linux, but its free version has no limits on all other functions except for its maximum network bandwidth limit of 5 Mbps. 5 mbps bandwidth is sufficient for small and medium-sized enterprises that are still using 2 Mbps or 4 Mbps. In addition, Strata guard only pays $2500 for Small and Medium-sized Enterprise Business versions, which is much more cost-effective than purchasing a traditional hardware-based IDS/IPS device separately.
The Strata guard software has also evolved from Snort. It not only has all the features of Snort, but also has the following unique features:
◆ Graphical installation interface and wizard-based initialization settings make it easy for users to get started.
◆ Priority alert can be generated based on the attack severity program.
◆ Real intrusion defense capabilities, able to intercept and process attack data packets accordingly.
◆ WEB-based remote configuration and management.
Strata guard's unique features above make it easy to install and use without having to know more about the Linux system. As Strata guard evolved from Snort, it still uses the Detection Technology Based on the attack feature library to identify malicious attacks in network traffic.
However, Strata guard can also detect malicious attacks in network traffic by using Feature Analysis, protocol exception analysis, status packet analysis, and TCP packet restructuring. It is precisely because Strata guard also has these unique detection methods that it can make a correct judgment on new malicious attacks and take appropriate active interception responses to play a real active defense role.
When Strata guard is installed as a gateway to a critical position of the enterprise network, in addition to proactively intercepting detected malicious network traffic, it can also securely replay TCP traffic, it can also intercept network attacks by source IP addresses or ports, prevent DoS attacks, and execute custom response scripts.
Strata guard also allows us to set a wireless router to respond to all detected attacks in the global default mode, or create an independent response mode for each independent attack mode, this allows us to flexibly and freely create various methods to respond to network attacks based on different network application environments.
Strata guard is now the latest version of v5.0beta, to download it, you must first register a free account in the http://sgfree.stillsecure.com, the free version of the license guard authorization code, this authorization code will be used during configuration initialization, make sure to copy it and save it to a text file.
The free version of Strata guard has two release methods: one is a CD image created for the gateway mode and the other is a virtual machine file created for the standard mode. We can decide which file to download based on the purpose of using Strata guard. In this article, I need to use the free version of Strata guard as the gateway, so I will download its CD image file, it is about MB in size.
Ii. wireless router configuration methods and hardware requirements
Strata guard has high performance requirements on the dependent hardware, mainly to ensure sufficient network forwarding performance while detecting all network traffic. For the free version of strata guard, we can use the following hardware to customize a hardware platform for the intrusion detection and defense system:
◆ Processor: AMD 4400 +
◆ Memory: DDR2 667 2 GB
◆ Hard Disk: SATA 80 GB
◆ NIC: Two NICs are required for strata guard to work in standard mode, and three NICs are required for working in Gateway mode.
◆ Preferably 3Com or Intel Gigabit Ethernet NICs. We recommend that you use Intel
◆ Pro/1000MT desktop Gigabit Nic.
◆ Motherboard: choose with multiple PCI-E interface, integrated sound card, graphics card,
◆ Even the motherboard of the Gigabit Ethernet NIC can save us a lot of money and unnecessary trouble.
◆ Optical drive: general IDE interface CD Optical Drive.
◆ Other hardware: In order to provide continuous power for the operation of these hardware, it is best to choose a reliable PC power supply with a quality of W or above.
The above hardware can fully meet the requirements of most small and medium-sized enterprises for intrusion detection and defense systems. Of course, we can fully meet the actual needs of our networks, enterprises are allowed to invest money in this area to choose a variety of PC hardware with faster speed, larger capacity, and better performance. Moreover, the current PC hardware price is close to the cabbage price. Even if you choose a hardware with higher performance, you will invest in the hardware of the customized intrusion detection and defense system, it is still much lower than the market's hardware-based intrusion detection and defense system, which is 100,000 higher.
Because I am familiar with network equipment, I often need to buy some equipment or inquiry for my friends. In fact, there is nothing to do with it, but sometimes I encounter "100,000 why ?" If you don't know anything, it's terrible. Now, all the calls are billed in one way, and the technical hotline fee is not counted. The on-site service is so painful! On Sunday, I made a free volunteer.
Last week, I helped my friend buy A D-link DI-624 + A wireless router, he "shared" A broadband from the landlord to access the Internet, this year "sharing" is not an obligation, the market price is 50 RMB a month. After the cable was pulled, I got two desktops and a notebook on the wireless router. I used it well on Saturday, but I suddenly couldn't access the Internet on Sunday. The technical hotline does not work either. It can only be used as a running leg.
◆ In the installation wizard, is dynamic IP address selected or fixed IP address set? Because it is used to pull the landlord line, you need to set it as a fixed IP address here.
◆ If you select a dynamic IP address, will the MAC address be a local MAC address or a wireless MAC address? Select a dynamic IP address. This option is selected only when cable broadband is used.
◆ If you select a fixed IP address, wan ip address, WAN Sub-network mask, WAN gateway, primary DNS address, and secondary DNS address, how do you set them?
◆ Do I have to change the IP address and DNS address of my computer? Or is DHCP assigned by default? You can set the IP addresses of each computer in the vro, or set the IP addresses in the computer, depending on the vro settings.
Generally, we can use two ways to access the Internet, but the wireless router setting method is as follows:
◆ Wired mode:
Connect the landlord's line to any LAN port rather than the WAN port), and then connect other computers to another LAN port using a network cable. In fact, such a sharing method can be implemented directly using a vswitch. As long as the landlord dials a number, the Internet can be accessed as usual.
The computer settings are based on the router settings of the landlord's house. For example, the router of the landlord's house is set to 192.168.1.1. The IP addresses of your two computers are set to 192.168.1.X, gateways: 192.168.1.1, and DNS: 192.168.1.1 ). Then you can proceed. This approach is equivalent to using a Broadband Router as a switch. The principle is simple and easy to implement.
◆ Wireless mode:
In this case, the WAN port is used because the data is forwarded. First, you must confirm the method for setting the wireless router of the landlord's house. You need to know the IP address, subnet mask, and DNS. DNS is the DNS in the WAN settings. For example, the IP address of the router in the landlord's house is 192.168.1.1, subnet: 255.255.255.0, and DNS: 1.1.1.1. connect the connection to the router of the landlord to the WAN port of the wireless router. Set the WAN to IP: 192.168.1.X, subnet 255.255.255.0, Gateway: 192.168.1.1, and DNS: 1.1.1.1.
Then, set the LAN to: IP: 192.168.0.1 subnet: 255.255.255.0 DNS: 1.1.1.1 WAN port and LAN port IP address are not in the same network segment ). The computer connects to the LAN port and is set to 192.168.0.X subnet: 255.255.255.0 Gateway: 192.168.0.1 DNS: 192.168.0.1 and 1.1.1.1. The IP address after the transfer of 192.168.0.1 is 1.1.1.1, so both DNS servers can.