How to Prevent Network Attacks

In the past few days, I felt that the Network was suddenly slow. At first I thought it was a line problem. I didn't care much about it, but it was so depressing for several consecutive nights! When I started the P2P Terminator, I found that there were three sub-computers connected to the Internet, and the speed of one of them reached 250 K! No wonder it's slow. The bandwidth of 2 m is almost fully occupied by it. what's even more depressing is that this machine is not in our house yet. It was originally hacked!

Have you been hacked today? I 'd like to ask!

Let's talk about how to check whether your computer has been hacked!

(1) If you use the XP system, you can open "Network Neighbor" -- "Working Group Computer", and use win7 to open "network" to see how many computers are displayed. If you only have one computer, only one computer is displayed. If there is more, someone else will miss the Internet.

(2) enter the IP address of the router in the address bar of the browser, which is 192.168.0.1. Enter the user name and password (the default user name is admin, And the password is blank) and press OK, click "Network Settings" -- "DHCP server" -- "client list" to see how many computers are there.

(3) Use the corresponding Internet access control software, such as the P2P Terminator. Generally, the software displays all the computers connected to the same vro and the download speed.

Next, let's briefly talk about the methods used by the network owner!

Generally, wireless routers and APS support WEP, WPA, and wpa2 encryption methods. In contrast, WEP encryption is easy to crack, while WPA and wpa2 authentication methods depend on the encryption method used.AlgorithmIn personal mode, TKIP may be cracked within 1 minute to 20 minutes. For more advanced AES, unless it is violent or dictionary attack, it is impossible to crack.

There are two types of network: Software network and hardware network. Software network is the accumulation of wireless data packets by listening to some software according to the algorithm standards supported by 802.11n, in this way, we can automatically analyze the data and crack the keys corresponding to the desired wireless network, such as spoonwep2, a tool for obtaining the wireless encryption key, or winaircrackpack, a tool for wireless LAN scanning and key cracking.

The hardware network is a hacker network, which is generally referred to as the card king and card King. The hacker network itself has nothing to do with. What makes it a powerful tool of the network is the so-called installation disc attached to it, the installation disc generally provides a lite Linux system named bt3 and the cracking software. The hacker who wants to hack into the network installs bt3 on his computer directly or through the vmwarevirtual machine, you can use its cracking software to search for and crack wireless network passwords. This software is one of the software mentioned in the above software network. It can be downloaded for free from the Internet. Theoretically, it is possible to crack the wireless network with the render net, and most of the render net devices have a great deal of radiation, it is unhealthy, so people who buy the internet player have the potential to be dumb, haha.

Finally, let's talk about how to prevent network attacks!

We take DIR-605 wireless router as an example, to see what needs to be set, we can avoid being rubbed.

Step 1: Modify the SSID
Log on to the vro configuration page and click "wireless installation ".

As you can see, the SSID in the default vro status is dlink and the SSID is broadcast.

Modify the SSID name to testwpa. The reason for this change is to avoid conflict with the SSID of similar products, resulting in a blocked wireless network connection and preventing attackers from easily guessing the SSID.

Step 2: Hide the SSID
After the SSID is modified, select "enable hidden wireless" at the bottom. In this case, we generally use Windows Wireless Management.ProgramIf you search for a wireless network, your wireless network will not be found.

Step 3: Set wireless security encryption
Generally, the factory-based wireless security mode of the router is disabled. That is to say, the wireless network is not encrypted by default, and any PC can be connected with a wireless network card. So the most important step we have done now is to encrypt our wireless network. As mentioned above, the current WPA/wpa2 encryption method is the safest, here we select "enable WPA/wpa2 wireless security (enhancement )".

After enabling, you will see the following information about WPA/wpa2. Select the highest security level AES for the password type, and enter the password you want to set in the network key field, the password must be 8-63 ASCII characters. That is to say, you can enter more than 8 letters, numbers, or special characters. The higher the complexity of the password, the more difficult it is to crack. The remaining options remain in the default status.

The above SSID is modified and hidden. After wireless encryption is completed, you can use the "Save settings" button to make these functions take effect. If the functions of your vro are not in the same configuration interface, you can set and save them one by one to take effect.

Step 4: Change the Administrator Password

In "Settings Management", enter "new password", then enter "Confirm Password", and click "Save settings" to make the settings take effect.

In the third step above, we also see that the wireless network key on the configuration interface is not displayed as the origin or * character, therefore, if other people connect to your LAN, they can log on to your vro to view the configuration information, including the wireless key, in addition to sharing your network resources, it is also likely that your ADSL account and password will be leaked. To avoid this situation, we will add a password for your vro management permission. Generally, if the vro password is null or admin by default, you can maintain the vro ".

After configuring the preceding content, you must enter the password you just set before logging on to the vro again.

Step 5: Add MAC address filtering

Return to the vro configuration page, find the Mac Filtering Rule, and select "enable Mac filtering to allow computers in the list to access the network ", add the MAC addresses of the PCs you are sure you want to connect to on the DIR-605 one by one, you can add a total of 25, and finally click Save settings for it to take effect. After this feature is configured, PCs that do not appear in MAC filter rules cannot connect to the DIR-605 properly.

Appendix:

How do you connect to a wireless network that hides the SSID? The following uses the WINXP system as an example.

We set the wireless network with the SSID testwpa but hidden its SSID. Therefore, when we use XP's "view available wireless networks, it cannot be searched.

Now click Change advanced settings and the Wireless Network Connection Properties dialog box appears, where we create a wireless network manually so that we can connect to the DIR-605. As shown in, click "add ".

(1) In Network Name (SSID): Fill in the SSID we set in the DIR-605 ------ testwpa;

(2) wireless network key: Select WPA2-PSK for network verification; select AES for data encryption; then fill in the wireless network key set on the router and confirm.

Click OK.

Also, check the "verify" tab to make sure that "enable IEEE 802.1x authentication for this network" is not checked.

After completing the preceding content, you can find the available network testwpa we just created in the wireless network connection attribute ------ network of choice.

Click OK again, and make sure that your wireless network connection automatically gets the IP address, then the wireless network will automatically connect to the DIR-605.