How to build a secure home wireless network

Source: Internet
Author: User
Tags connect firewall

With the progress of the times, more and more people set up a home wireless network to facilitate Home Office, and wireless network security issues, but also more and more people's attention. Currently, many Wi-Fi networking products are not always more effective in security configuration. Below, this article will introduce you to some of the summary recommendations for improving the security of your home wireless network:

First, change the default administrator and user name password

Connect Wi-Fi home network nodes, usually routers or access points, such equipment manufacturers generally provide page management module, allowing users to view the Web page address and account information, and support network configuration management. However, these web tools typically require legitimate users to have administrative privileges. Manufacturers generally also preset in the device administrator or user name and password, in order to avoid unnecessary trouble, please change these admin username and password in time.

Second, open WPA/WEP encryption

Almost all Wi-Fi devices support some form of encryption. Encryption enables you to make messages that are transmitted over a wireless network easily accessible. In the development of Wi-Fi today, encryption technology has also been mature. For your own home wireless network, you might naturally think of using the strongest encryption technology to secure a wireless network. The caveat, however, is that any encryption technology requires the same encryption settings for Wi-Fi devices that work on the network.

In the default state, the wireless access point device usually does not have the encryption service turned on. In fact, the manufacturer has injected the WPA (Wired Equivalent Protocol)/WEP (Wi-Fi Protection Access Protocol) into the wireless device, forcing the user's host to access the wireless access point after providing a password. Therefore, the user should turn on the WPA/WEP encryption service to improve the security protection of the access point.

Third, change the default service area identifier (SSID)

Wireless access points (routers) typically broadcast the network name (SSID) within the range they can cover, and the manufacturer has the default SSID settings for the devices it produces. For example, the SSID of a Linksys device is usually "Linksys." Admittedly, knowing the SSID itself does not allow your neighbors to break into your wireless network, but knowing the SSID can easily lead to other unintended consequences.

More importantly, if someone discovers the default SSID, it's easy to be the target of their attack (they'll assume that the network is not properly configured for security). Therefore, when you configure the wireless network security, be sure to change the default SSID.

Four, enable MAC address filtering

Each fragment transmitted in the WiFi network has a physical address relative to the IP logical address, and each device is assigned a unique MAC address at the factory. Wireless access points and routers can record each MAC address connected to its device.

Many wireless access point devices allow users to type the MAC address of the wireless device they have restricted access to so that other illegal wireless devices cannot access their devices. However, many hacker software can be disguised as a legitimate MAC address device intrusion user network. Therefore, you need to open your own wireless network MAC address filtering mechanism, by blocking illegal MAC address to effectively intercept the illegal intrusion.

V. Disabling SSID broadcasts

Back to the column page: http://www.bianceng.cnhttp://www.bianceng.cn/Network/Security/

In Wi-Fi networks, wireless access points (routers) typically broadcast network names (SSID) within the range they can cover to be detected by other wireless network adapters. This feature is actually designed for wireless hotspot areas so that dynamically moving devices can detect shared wireless access points.

However, in the home network, if you do not want your wireless network to be detected by outsiders and illegal intrusion, such a function is not needed, so it is best to disable the SSID broadcast. This way, your wireless network will not appear in the list of networks that other people can search, so you can better avoid the intrusion of your neighbor or hacker.

Six, prohibit automatic connection to open Wi-Fi network

If you connect to open Wi-Fi (such as a free wireless hotspot or a neighbor's wireless access point), it's easy to expose your computer security risks. Although this is not usually the case, most computers have a setting that allows you to automatically find and connect to any available network (the default is to allow automatic connection and will not prompt you). Unless in exceptional circumstances, we recommend that you disable this setting.

Seven, for your device to specify a static IP

Because DHCP services are becoming easier to build, many home wireless networks use the DHCP service to dynamically assign IP to clients on the network. This leads to another security risk, that is, the attack side of the access network can easily get a legitimate IP through the DHCP service.

In fact, in the member fixed home network, we can by assigning a fixed IP address to the network member device, and then setting up the IP address list on the router to allow access to the device, which can effectively prevent illegal intrusion and protect your wireless network.

Eight, install the firewall

Today's routers are generally built with firewall capabilities, and it also allows you to disable these features. For security reasons, make sure that the router's firewall is turned on, while on the PC you can install a professional personal firewall for dual protection.

Nine, reasonable place access point location

It is well known that wireless network routers or other access point devices transmit data in the form of radio waves, and that data propagation has a valid range. When your device is covered far beyond your home, then you need to pay special attention to it, because in that case, hackers may easily be able to land outside your home to your home wireless network.

In addition, if your neighbor also uses wireless networks, then you need to consider whether your router and other devices will overlap with the neighbors, if overlapping will cause conflicts, affect your network transmission. Once this happens, you need to set up a band that is different from the neighbor network for your router. We suggest that you choose the location of the router according to your own situation. Generally speaking, it is more appropriate to place in the center of the family.

Shut down the network for a long time when not in use

In any case, the most effective security strategy is to physically shut down the wireless network so that no hacker can start. Therefore, it is recommended that users cut off the power of the wireless access point directly when they do not use the wireless network.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.