Because the prices of wireless Internet access devices are gradually becoming more popular, the technology of wireless Internet access devices is gradually becoming "mature". More and more enterprises and even families use wireless technology for networking. While enjoying the convenience brought by wireless networks, more and more users are attaching importance to the security of wireless Internet access. How can we reject illegal attacks on our wireless network? In this article, we will start from the wireless network's encryption protocol to recommend a very feasible method for all of you, to help your local wireless network to reject illegal attacks!
Approaching the wireless encryption protocol
Before using the wireless encryption protocol to protect the local wireless network from illegal attacks, we may wish to approach the wireless encryption protocol to reveal its secrets. As you know, data files are transmitted using wireless network channels, which is a bit the same as normal mailing. If we do not encrypt the data files, we can directly transfer them in the wireless network, the wireless workstation around the local wireless network may intercept data files that do not adopt encryption protection measures, and the data files sent locally will leak the privacy information; if we do not want these data files to leak external privacy information, we should encrypt them or take other security measures before transmitting the target data files, ensure that workstation users who do not know the decryption method cannot access the specific data content.
Currently, in wireless networks that use IEEE802.11b/g communication standards, in order to improve network security resistance, wireless network encryption protocols widely used by common users mainly include WEP encryption protocol and WPA encryption protocol. Among them, WEP protocol is also called Wired Equivalent encryption protocol, this wireless communication protocol is often a standard for informal wireless encrypted communication that manufacturers eager to produce and sell wireless devices put together in a short time, currently, this wireless network encryption protocol has many security vulnerabilities, and the wireless data using this encryption protocol is vulnerable to attacks; WPA is also known as Wi-Fi access protection protocol. This encryption protocol is generally used to improve or replace the WEP encryption protocol with obvious security vulnerabilities, this encryption protocol can use two technologies to encrypt the transmission of data information. One is the temporary Key Integrity technology. With the support of this technology, the WPA encryption protocol uses a 128-bit key, at the same time, you can click a mouse on each data packet to change the key. This encryption technology is compatible with the current Wireless hardware devices and the WEP encryption protocol; another technology is the Scalable authentication technology. With this technical support, the password protocol can provide wireless users with more secure and flexible network access functions. At the same time, this protocol is safer and more advanced than the WEP protocol.
Enable WEP for common Encryption
When transmitting data with low confidentiality requirements in wireless networks, we often use the WEP protocol, which is widely used by common household users. The operation of enabling WEP protocol to protect local wireless network is very simple, now this article takes DI-624 + A D-LINK wireless router as an example, to introduce to you in detail the operation steps of enabling WEP protocol:
First, run the IE browser program from the client, enter the default backend management address of the wireless router device in the browser window, and then enter the Administrator account name and password correctly, go to the background management page of the device, click the "Homepage" tab on the page, and click the "wireless network" project in the left-side area of the corresponding option settings page, in the list area on the right of the project, find the "security mode" setting option and click the drop-down button next to the setting item, from the drop-down list shown in the pop-up 1, we can see that the DI-624 wireless router of D-LINK + A supports both "WEP" encryption protocol and "WPA" encryption protocol;
Select the most common "WEP" encryption protocol and then select the appropriate authentication method. Generally, the wireless router provides users with three authentication methods: Shared Key, automatic selection, and open system, to effectively protect the security of information transmitted over wireless networks, we should use the "Shared Key" verification method here. Enter the appropriate wireless network access password in the "WEP password" text box, and then click "execute" on the corresponding settings page to save the preceding settings, finally, restart the wireless router device, so that we can successfully encrypt the local wireless network in the wireless router.
After the WEP password protocol is enabled on the wireless router device, we must correctly set the wks in the wireless network to ensure that they can access the content in the wireless network smoothly. When configuring wireless Internet access parameters for a common workstation, you can click the start, set, and network connection commands in turn. In the displayed network connection List window, right-click the network connection icon corresponding to the wireless network card device, and execute the "properties" command from the shortcut menu to open the wireless network connection Property setting window; click the "wireless network configuration" tab in the window, find the "preferred network" setting item on the corresponding option settings page, and find the target wireless network node, click the "properties" button on the corresponding page. Then, go to the "association" option settings page, and select the "shared" option at the "Network Verification" setting item on this page, click "OK" to complete the settings of wks wireless Internet access parameters.
In the future, when a wireless workstation in the local wireless network needs to access the wireless network, you only need to double-click the wireless network card device in the corresponding workstation. In the login connection dialog box that appears, enter the encrypted password correctly, click the "OK" button in the Login Dialog Box, so that the wireless network access and transmission operations are secure. Even if the common workstation near the local wireless network intercepts the data we transmit through the wireless channel, they will not be able to see the content if they cannot guess the password.
Although the WEP protocol can ensure the security of Wireless Access for ordinary home users, the encryption protocol also has obvious shortcomings, because the Protocol's key is fixed and the algorithm strength is not very high, the initial vector is only 24 bits, and some illegal users can easily crack it using professional tools such as AirSnort. Therefore, for enterprise users and individual users with high confidentiality requirements, the use of WEP Protocol often has certain security risks. At this time, they may wish to use a more secure WPA encryption protocol to protect the wireless network transmission of Important privacy information.
Enable WPA for Advanced Encryption
We know that the WEP protocol has obvious security vulnerabilities, and the WPA protocol uses a stronger generation algorithm. When we click an information package, its key content is automatically changed once, so that we can enjoy higher level of security protection.
Enabling the WPA protocol to protect the local wireless network operation is also very simple, we take DI-624 + A D-LINK wireless router as an example, to introduce you to the detailed operation steps to enable the WPA protocol:
First, run the IE browser program from the client, enter the default backend management address of the wireless router device in the browser window, and then enter the Administrator account name and password correctly, go to the background management page of the device, click the "Homepage" tab on the page, and click the "wireless network" project in the left-side area of the corresponding option settings page, in the list area on the right of the project, find the "security mode" setting option and click the drop-down button next to the setting item, select either "WPA" or "WPA-PSK" from the drop-down list that appears;
Then, set the "encryption method" to "TKIP", and set the PSK password. Please note that we try to keep the password a little longer, after entering the password, save the password and restart the wireless router device. In this way, the WPA encryption protocol is successfully enabled for the local wireless network.
Similarly, in order for workstations in the wireless network to smoothly access the encrypted wireless network, we also need to set the wireless Internet access parameters of the workstation. When configuring wireless Internet access parameters for a common workstation, you can click the start, set, and network connection commands in turn. In the displayed network connection List window, right-click the network connection icon corresponding to the wireless network card device, and execute the "properties" command from the shortcut menu to open the wireless network connection Property setting window; click the "wireless network configuration" tab in the window, find the "preferred network" setting item on the corresponding option settings page, and find the target wireless network node, click the Properties button on the corresponding page. Then, go to the associated Options settings page, and select the WPA or WPA-PSK option at the Network Authentication Settings item on the page, at the same time, adjust the "Data Encryption" parameter to "TKIP", and then enter the previously set PSK password in the "Network key" settings, click "OK" to complete the settings of wks wireless Internet access parameters.
Tips
In addition to encryption to protect the security of the wireless network, we can also use address binding to ensure that the local wireless network is not secretly used by illegal users. Below, this article takes DI-624 + A D-LINK wireless router as an example, to give you a detailed introduction to the specific implementation steps of Address binding operation:
First, run the IE browser program from the client, enter the default backend management address of the wireless router device in the browser window, and then enter the Administrator account name and password correctly, go to the background management page of the device, click the "Homepage" tab on the page, and click the "DHCP" option on the corresponding options page, in the setting area (2) on the right of the corresponding "DHCP", we can perform targeted settings to bind the MAC address of the workstation in the local network to the wireless router, in the future, only the bound local workstation can obtain a valid IP address to complete wireless Internet access.