Network skills: Wireless Network Security

Source: Internet
Author: User

The network is surging and is full of the traditional online world. How can we face such a powerful challenge? Here we will introduce it in detail. Tip: when building a wireless network, ensuring enterprise network security is more important than anything else. The following five situations must be avoided to Ensure network security.

To protect wireless network security, we must first take the same security measures as to protect traditional networks, and then take other special measures. In non-wireless networks, you need to consider the following issues when dealing with wireless networks and devices: Encrypted with sufficient strength, properly storing certificates, and ensuring Operation Security.

Compared with wired networks, wireless network security is not another type of network security, but a more comprehensive and reliable network security.

The following describes the most common security negligence and how to avoid it:

Wireless Network Security 1. Do not destroy your firewall

It is almost certainly true that you have installed a firewall for both wired and wireless networks. However, if you do not place the wireless system access point outside the firewall, the firewall configuration will not help. Make sure that this is not the case. Otherwise, you should not create a necessary barrier for the network, but also open a convenient channel from the existing firewall.

Wireless Network Security 2. Do not underestimate Media Access Control

Media Access Control (MAC) is often ignored because it does not prevent spoofing. But it is undoubtedly an important brick for the entire protection system. Essentially, it is another address filter that can prevent potential hacker intrusion. What it does is to restrict network access to a specific device based on the address-Based Access Control List you have defined.

MAC also provides the ability to adjust the access control list for potential intruders. The principle is the same as that for intruders to be knocked out before being rejected.

If you already have a MAC, intruders will surely hit it before entering the system, and then they can only make a comeback and try to pass through it. Now your network can see what intruders look like. Therefore, your MAC list contains three types of visitors: first, friendly visitors exist in the visitor list; second, no visitors in the list and unintentional visitors; third, it is not in the list, but you can be sure that you have never invited yourself and tried to break in. If they will try to break in, they can now be confirmed immediately.

In short, if you detect wireless networks and find that visitors not on the MAC list attempt to initiate multiple accesses, you are already under the eyes of potential attackers, and he will not know that you have found him.

Wireless Network Security 3. Do not ignore WEP

Wired Equivalent encryption Wired Equivalent Privacy, WEP) is a wireless network security protocol compliant with 802.11b standards. It encrypts data when wireless data is sent, and the encryption scope covers any data you use. Be sure to use it. However, it must be emphasized that it is key-based, so do not always use the default key. For personal users who access the system for the first time, you should even create a separate WEP Key. Of course, we can't think that WEP is a perfect solution. Even multi-encryption does not ensure you are safe, so you should combine WEP with other wireless security measures.

Wireless Network Security 4. Unauthorized access points are prohibited

Currently, access points can be easily configured. For an IT department with heavy tasks, simple access rules may be adopted and the access policy as-needed basis is followed) to allow users to set access points. But do not be tempted by this convenience. Access Points are the number one target of intruders. The configuration policies and processes should be studied in detail and strictly followed by them.

What should these policies and processes contain? First, you must carefully develop the correct guidelines for placing access points, and ensure that anyone has such a policy at hand When configuring the AP. Next, you must have an installation instruction to indicate the AP that already exists in the wireless network configuration for future reference), as well as the specific process of correctly releasing the configuration and allowing you to review the configuration. In addition, no matter who has set the AP, you should immediately specify another person to review the installation. Is it very troublesome? Indeed. However, security incidents caused by AP spoofing or network leakage will cause you a headache.

Wireless Network Security 5. refuse access through the active-hoc Mode of the notebook

This strict measure should be taken in any enterprise. In Ad-hoc mode, Wi-Fi users are allowed to directly connect to another adjacent notebook, which constitutes an unimaginable network environment.

As part of the 802.11 standard, the Ad hoc mode allows your laptop network interface card to run in the Independent Basic Service Set, IBSS) mode. This means that it can connect to another laptop through RF. When you use the Ad-hoc mode, you naturally want to connect to other laptops over a wireless network. From the perspective of surface value, this will be an attractive trick, because no one can leave the connection out. But you must realize that it allows access to the entire hard disk of the notebook. If you set it to the allowed state and forget this, everything will be left in front of the whole world without reservation.

Moreover, the danger is not limited to your undefended machines. An intruder can use a laptop to intrude into the network. If you place your machine in Ad hoc mode and someone secretly invades it, you are not only exposed to your computer, but to the entire network.

This dangerous habit must be avoided, that is, never try to allow access in Ad hoc mode from the first time. The risk of accepting this model is far greater than the convenience it provides.
 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.