How to prevent the security hidden trouble of wireless internet?

What are the hidden dangers of wireless internet access:

As you know, wireless network nodes can be radiated to a range of about 300 meters, as a result, any computer with a wireless card installed within 300 meters can access the wireless network node and may enter the wireless network; it is obvious that this convenient way of accessing the wireless network poses a security threat. For example, a hacker computer within 300 meters also has the opportunity to access your wireless network, to control the "every move" in your computer; Although wireless networks are not as strict on the confidentiality of the information as they are wired, you certainly don't want illegal attackers to be easily aware of your whereabouts on the Web, For example, what websites you visit, what privacy messages you send out, etc., are likely to be known to illegal visitors.

What's more, illegal visitors who are not far away from you can easily steal your online account information as soon as they get into your wireless network, which can give you more security damage. Therefore, in the face of the security risks of wireless networks, you must act in time to take action, such as through encryption technology or network authentication identification technology, to ensure that only your prior designated users or network devices to access to your wireless network, and other operations that want to force access to your wireless network using a variety of wireless network technologies will be rejected.

　　The security status of wireless Internet access:

As a result of the wireless network congenital technical flaw, caused the wireless internet security to now has not been completely guaranteed; However, if the wireless Internet users take timely and effective response measures, it can increase the difficulty of illegal attackers to invade wireless networks.

Generally speaking, the security of the network, mainly in the data encryption and control access these aspects, data encryption can ensure that the transmission of information can only be expected by their own network users to accept and understand, and control access to ensure that the network information can only be granted by authorized users. For a typical network, its information is transmitted through the cable to the designated destination, and as long as the physical link is not compromised, the normal network information will not be compromised, but the wireless network information is transmitted through microwave radiation, so in the area covered by the Wireless network node, All wireless workstations are likely to receive network information, and wireless network nodes cannot ensure that information can only be transmitted to a specific receiving device, so the data confidentiality of wireless Internet access is less than that of a wired network.

The current technical protocols of IEEE 802.11A, IEEE 802.11B, and IEEE 802.11g, which are used by wireless networks, all support the security setting of wireless Internet, and can ensure that the wireless network authenticates each Internet user by setting network parameters rationally. Of course, The Wireless network security setting function only has the GUARD function to the general intrusion, if encounters the attack level slightly higher some users, the wireless network security setting function can not be helpless.

　Wireless Security Response measures:

What measures should be taken to ensure the safety of wireless networks for ordinary wireless network users? In order to make wireless Internet as safe as possible, this article specifically provides you with some of the following wireless network security measures:

　1. Set up network key correctly

As you know, in the default state, wireless network node manufacturers for the convenience of primary users to install wireless network, specifically the wireless network node data transmission encryption function set to "Disable", so that the user first access to the network is not safe, illegal attackers are easy to use professional sniffer tools, Intercepts the plaintext data that is transmitted in the wireless network. For this reason, when you first connect to a wireless LAN, you must remember to set the network key, to encrypt the data transmitted in the wireless network, so as to effectively resist the illegal intrusion of ordinary hackers.

Before you set up your network key, you must first install the wireless network card, at the same time the wireless card IP address and the mask address, set to the wireless node with the IP address, mask address in the same network segment; then open the IE browser in the workstation and enter the default IP address of the wireless network node in the Address bar ( At present, most of the wireless network node's IP address is "192.168.1.1", if not connected, you can see the corresponding equipment operating instructions, into the Wireless network node management login page, enter the password (the password can be found in the wireless network node instructions), You can set the security of the Wireless network node on the page that follows. Click the security option in the Wireless Network node management page to select the WEP encryption feature and set the password string according to the different encryption types; If you choose a 64-bit encryption type, then you must enter a 10-bit string as the encryption password, if you choose 128-bit encryption type, You must set the number of digits for the password to 26 digits. After the password is set up, power off the wireless network node and then power on again so that the wireless network node will reboot and the network key will not take effect.

Below, you must also set up the connection properties of the wireless network in the workstation in order to securely connect to the wireless LAN. Click the start/settings/network and dial-up connections options. Right-click the Wireless connection option under the option, and then, on the right-click menu, open the Wireless Network Property Settings window by clicking Properties, and clicking the Wireless Network Configuration tab of the window. And on the tab page, select the wireless network that has encryption enabled, then click Properties, select the Association tab in the subsequent Properties window, and then check the data encryption (WEP enabled) option on the label page so that the network key settings item is activated. Then you can correctly enter the wireless network node access password, and then click "OK", you can make the workstation securely connected to the wireless network.

　　2, change the default SSID settings

In the default state, the manufacturer of the wireless network node uses the SSID (initialization string) to verify connection requests that attempt to log on to the wireless network node, and may be successfully connected to the wireless network once the test is passed, but since the same SSID name is used by the same manufacturer's wireless network node, This provides an intrusion convenience for attackers attempting to connect illegally to wireless networks, and once they connect to a wireless network with a generic initialization string, it is easy to build an unauthorized link that threatens the security of the wireless network. To do this, in the initial installation of a wireless LAN, you must be in time to log on to the Wireless Network node Management page, open the SSID settings option, reset the initialization string, it is best to make it difficult to guess; and in order to avoid illegal links more effectively, you'd better cancel the SSID webcast if conditions permit , which minimizes the chance for hackers to invade.

Of course, after the SSID name changes in the wireless network node, you must also modify the SSID service name in the Wireless Network Properties Settings window of the workstation to ensure that your workstation is successfully connected to the wireless network. Modifying the SSID name in a normal workstation is actually very simple, as long as you're in the Wireless Network Connection Properties window, click the Wireless Network Configuration tab, and then, on the tab page, select the Wireless network node name, and then click the Properties button, and in the Next Pop-up Link tab page, Enter the new SSID name directly in the service name (SSID) text box, and then click OK to make the settings effective.

　　3. Suitable placement of antennas

Because the wireless network node is the wired signal and the wireless signal transforms "the pivot", the location of the antenna in the wireless network node can not only determine the wireless local area network signal transmission speed, communication signal strength, but also can affect the wireless network communication security, the wireless network node in a suitable location is very necessary! Before placing an antenna, you'd better make sure that the wireless network node's communication signal coverage is large, and then according to the scope of the size of the antenna to other users can not "touch" place. For example, if the Wireless network node signal transmission capacity within 30 meters, and now you want to build a small wireless LAN in 100 square meters of space, it is best to place the wireless network nodes in the center of the space, while the other workstations scattered in the wireless network node four-week placement, Such a dozen in other rooms will not automatically search your wireless network, then the wireless network is not prone to the danger of signal leaks. If you place a wireless network node in a window or wall position, not only will it affect the external launch of the signal, but also the workstation users on the other side of the wall can easily search and connect to your wireless network, so your network security will be greatly reduced.

　　4, do other preventive work

In order to better protect the safety of wireless networks, you can also carry out some other effective security precautions according to the different functions of wireless network nodes. For example, if the wireless Network access node supports Simple network management (SNMP), the author recommends that you try to shut down the feature to prevent illegal attackers from easily accessing the entire wireless LAN's privacy information through wireless network nodes. If your wireless network node also supports access list functionality, you can use this feature to precisely limit which workstations can be connected to wireless network nodes, and those that are not in the access list are not authorized to enter the wireless network. For example, considering that each wireless Internet card has its own MAC address, you can create a "Mac access control Table" in a wireless network node device, and then enter the MAC address of the network card that you think is legitimate, and then only the MAC address displayed in the Mac Access control table. To get into your wireless network.