In response to the various problems in network security, how we should solve, here is to tell us a truth, to start from the security aspect, this is the key to solve the problem. One of the outstanding problems with corporate wireless networks is security. As more and more companies deploy wireless networks, they connect employees, professional partners, and the general public to the company's systems and the Internet. The need to enhance the security of wireless networks is becoming increasingly urgent. Fortunately, as more and more companies become more aware of the threats to wireless networks and the ways to deal with them, the threat gap between wired and wireless networks is getting smaller.
Wireless network threats
Wireless network security is not a stand-alone issue, and businesses need to recognize that attackers should be dealt with on several fronts, but many of the threats are unique to wireless networks, including:
1. Insert attack: Insert an attack to deploy an unauthorized device or create a new wireless network, which is often not a security process or safety check. The access point can be configured to require the client to enter a password when accessing. Without a password, an intruder can connect to the internal network by enabling a wireless client to communicate with the access point. However, some access points require all clients to have the same access password. This is very dangerous.
2. Roaming attackers: Attackers do not need to be physically located inside corporate buildings, and they can use network scanners such as NetStumbler tools. Wireless networks can be sniffed out on mobile vehicles using laptops or other mobile devices, a activity known as "wardriving"; Walking down the street or performing the same task through the corporate web site, this is called "warwalking".
3. Fraudulent access point: the so-called fraudulent access point is the access point that is set up or exists without the permission or knowledge of the wireless network owner. Some employees sometimes install fraudulent access points that are designed to circumvent the security practices that the company has installed and create covert wireless networks. The secret network, though largely harmless, can construct a unprotected network and thus serve as an open gateway for intruders into the corporate network.
Of course, there are other threats, such as client-side attacks (including denial of service attacks), interference, attacks on cryptographic systems, and incorrect configuration, all of which are factors that can pose a risk to wireless networks.
Three ways and six ways to realize wireless network security
For closed networks, such as some home networks and unit networks, the most common approach is to configure access restrictions in network access. This limitation can include encryption and checking of MAC addresses.
Because wireless networks provide attackers with many opportunities to enter and compromise corporate networks, there are a number of security tools and technologies that can help organizations secure their networks:
Specifically, there are several protection methods:
1, Firewall: A robust firewall can effectively prevent intruders through wireless devices into the enterprise network attempts.
2. Safety standards: The earliest security standards WEP has proven to be extremely insecure and vulnerable to security attacks. Newer specifications, such as WPA, WPA2, and ieee802.11i, are more robust security tools. Enterprises adopting wireless networks should make full use of one of these two technologies.
3, encryption and authentication: WPA, WPA2, and ieee802.11i support built-in advanced encryption and authentication technologies. WPA2 and 802.11i provide support for AES (Advanced Encryption Standard), which has been adopted by many government agencies.
4. Vulnerability scanning: Many attackers use network scanners to continually send messages that probe neighboring access points, such as probing their SSID, Mac, and so on. Companies can use the same approach to identify vulnerabilities that can be exploited by attackers in their wireless networks, such as finding unsafe access points.
5, Reduce power: Some wireless routers and access points allow users to reduce the transmitter power, thereby reducing the coverage of the equipment. This is a practical way to restrict access to illegal users. At the same time, carefully adjusting the position of the antenna can also help prevent the signal from falling on the thief hand.
6. Educating users: Enterprises should educate their employees to use wireless devices correctly and require employees to report any abnormal or suspicious activity they detect or discover.