Wireless Router Security Setting method

Source: Internet
Author: User

Wireless Router security settings: WEP encryption, or WPA encryption?

Wireless network encryption is to provide security for data encryption in radio waves, mainly for the confidentiality of link layer information data in WLAN. Now that most wireless devices have WEP encryption and WAP encryption, do we use WEP encryption or WAP encryption? Obviously WEP appears earlier than WAP, WAP is better than WEP security.

WEP uses the symmetric encryption mechanism, the data encryption and decryption using the same key and encryption algorithm? When encryption is enabled, two wireless network devices must be configured to use encryption with the same key and algorithm to communicate. WEP supports 64-bit and 128-bit encryption, and for 64-bit encryption, the key is 10 hexadecimal characters (0-9 and a-f) or 5 ASCII characters, and for 128-bit encryption, the key is 26 hexadecimal characters or 13 ASCII characters.

Wireless router security settings: How to make WEP more secure

(1) Using multiple sets of WEP keys, using a set of fixed WEP keys is very insecure, and using multiple sets of WEP keys increases security, but note that the WEP key is stored in flash, so some hackers can access your network by acquiring any device on your network;

(2) If you are using an older wireless router that supports WEP only, you can use 128-bit wepkey, which will make your wireless network more secure

(3) Regular replacement of your WEP key

(4) You can go to the manufacturer's website to download a firmware upgrade, upgrade will be able to add WPA support

Can WPA (Wi-Fi Protected Access) solve security problems that WEP cannot solve? Simply put, the problem with the low security of WEP comes from the use of one key for each device share on the network. The key is unsafe, and its scheduling algorithm's weakness makes it relatively easy for a malicious hacker to intercept and break the WEP password. And then access the internal resources of the local area network?、。

WPA is a new technology that inherits the fundamentals of WEP and addresses the drawbacks of WEP. Because of the enhanced algorithm for generating cryptographic keys, it is almost impossible to compute a common key even when grouping information is collected and parsed. Its rationale is based on the Universal key, Match the number of the computer MAC address and packet information sequence number to generate a different key for each packet information? This key is then used for RC4 encryption as with WEP.

With this processing, the data exchanged by all the packet information of all clients will be encrypted by different keys. No matter how much of this data is collected, it is almost impossible to break the original universal key. WPA also adds functionality and authentication that prevents data from being tampered with in the middle? With these features, WEP's previously criticized shortcomings have been fully resolved? Not only is WPA a more powerful encryption method than WEP, but is it richer in content? As a subset of the 802.11i standard, WPA contains authentication, three components of encryption and data integrity verification, and is a complete security solution.

Here to remind you that many wireless routers or AP at the factory, data transmission encryption function is closed, if you take to use without further settings, then your wireless network becomes a "undefended" furnishings. We recommend that WPA encryption be used.

Wireless Router security settings: MAC address-the DNA of the internet world

Since each wireless card has the world's only physical address Mac, you can manually set up a wireless AP (or wireless router) in a set of wireless Internet access to the host computer card MAC address list, to achieve physical address filtering? This requires that we update the MAC address list in the AP at any time.

Router setting MAC address filtering is too much work for large wireless networks, but not for small wireless networks, so should we be afraid of trouble? The MAC address can theoretically be forged, so it is a lower-level authentication method. Our advice is: for home and small office wireless network, users are not many, should set up the MAC address filtering function.

Wireless router security settings: ssid-Hide Yourself

Wireless routers generally provide the "Allow SSID Broadcast" feature? If you don't want your wireless network to be "easily" searched by someone else's wireless card, what's the best "no SSID broadcast"? The SSID is popularly referred to as the name given to a wireless network, and its role is to differentiate between different wireless networks.

SSID is the wireless network card to discover the first element of wireless networks, after the broadcast SSID, in the wireless network coverage, the wireless card will automatically find the network, and try to connect with it? If we don't want to expose our wireless network to a public place, we should think of hiding our own SSID without a wireless network, The "Broadcast SSID" feature should be turned off. After the broadcast SSID is turned off, the wireless network card does not automatically find the wireless networks, and it is necessary to manually add the SSID to the wireless network? We recommend that you hide the SSID.

Wireless router security settings: How to make wireless networks more secure

According to the information on the Internet, use the following software: Networkstumbler? Wildpacketsairopeeknx? such as OmniPeek4.1 and Winaircrack, these software can crack the wireless network security settings including WEP encryption, WPA encryption, MAC filtering, SSID hiding and so on, as long as it has enough time to crawl the communication signal. This may sound disappointing, so how do we make wireless networks safer?

Ensure that wireless access networks do not rely on technologies such as WEP to be as secure as possible, and that the current approach to achieving this goal is mainly VPN technology, such as using security protocols such as Point-to-Point Tunneling Protocol (PPTP) or second-tier Tunneling Protocol (L2TP), using IPSec, SSL and other VPN technology. This allows both access control and End-to-end (program to program) encryption capabilities.

VPN technology This End-to-end security solution may be overly complex and technical support for small networks and personal applications, which is a dilemma for our small users, but web-based Sslvpn technology is relatively easy to find.

Wireless router security settings: Automatically obtain IP, or fixed IP?

DHCP (dynamichostconfigurationprotocol) Dynamic Host Setting protocol is the ability to automatically assign IP addresses to each computer in a local area network, without requiring users to set IP addresses. The subnet mask and other required TCP/IP parameters. It is divided into two parts: one is the server side (which refers to a wireless AP or wireless router with DHCP service capability), and the other is a client (a wireless client device such as a user's personal computer)? All IP network settings are centrally managed by the DHCP server, and is responsible for processing the DHCP requirements of the client, while the client uses the IP environment data that is assigned from the DHCP server.

If the wireless router or wireless AP has DHCP enabled, providing dynamic IP for the host that is connected to the wireless network, it is easy for others to use your wireless network. Therefore, disabling DHCP is necessary for personal or corporate wireless networks, except in public wireless "hotspot" areas such as the airport bar, should you turn on DHCP? Typically, the DHCP server is set to not enabled under DHCP server settings for the wireless router. This allows you to find the wireless network signal and still not be able to use the network. We give the suggestion is: use is not very common private network segment static way, it is best not to use 192.168.0.0-192.168.0.255 this common private network segment, let a person guess on.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.