Under the publicity of "Free WiFi Internet access", more and more people are tempted to join the ranks of "dang" because of the temptation of "free lunch. At the same time, many people also found their wireless networks "hacked" and suspected that wireless routers were cracked by WiFi universal keys and other software. As everyone knows, "external disasters are caused by internal causes ". The wireless key leakage process is illustrated in detail below.
After a mobile phone with the network software installed is connected to its own wireless network, the network software automatically or manually uploads the name and password of the wireless network to its server. When someone else finds this wireless signal using a mobile phone installed with the network software, they can get the wireless network password to achieve the network's goal.
In other words, when you use the network software to enjoy a "free lunch", your "lunch" may also be shared by others.
2The wireless network is not encrypted.
If we compare a wireless network to a home, the name of the wireless network is a door, and the password of the wireless network is a lock of the door. If there is no lock, other people just need to find this door, they can freely access this home, or even take home things. An unencrypted wireless network is also called an open wireless network. The wireless device that finds the signal can see that the network is not encrypted, and then tries to "rub the network ".
3Wireless network cracked
Brute-force cracking is generally performed on wireless networks. Theoretically, there is no password that cannot be cracked as long as there is enough time.
The WEP-encrypted wireless password is equivalent to a class a lock (this encryption method has been removed from routers). The anti-theft coefficient is low and it can only be resisted for a few minutes; WPA/WPA2 is a super-B-level lock core with a high anti-theft factor. If the password settings are more complex, it will not be cracked in general.
1
, Affecting network stability
The total bandwidth of the home network is like a piece of cake. If someone else splits the cake, the rest may not be enough. If hackers use the network to perform large-volume operations such as P2P download or watch online videos, they will inevitably occupy a large amount of bandwidth, resulting in network cards, slowness or even disconnection, making them crazy.
2,Threatening network security
Your own anti-Leech key is carried in your pocket by others, and your home may be taken away quietly. When a network player connects to your wireless network, it is in the same LAN as you can access each other. He can access the vro management interface to tamper with the configuration information of the vro, access any computer in the same LAN, and steal files or even network account information from the computer, which has serious consequences.
The most direct method is to view the number of hosts currently connected to the wireless network displayed on the vro management interface. First, log on to the vro Management Interface (the default management address of the vro is 192.168.1.1 or tplogin.cn), and clickWireless Settings>Wireless host statusTo view the number of connected hosts, as shown in the following figure.
For example, in the use environment, you confirm that only two wireless terminals are connected to the wireless network, but the wireless host status shows that the current number of hosts is three, that means your wireless network has been hacked.
[1] set wireless encryption. Log on to the vro management page and click
Wireless Settings
>
Wireless security settings, Select the encryption method: WPA-PSK/WPA2-PSK, set the password recommended password combination of letters, numbers and symbols, and the length is preferably not less than 12 characters.
[2] set wireless MAC address filtering. If the terminal of the network is basically fixed and no one is connected to the wireless network, we recommend that you enable wireless MAC address filtering to only allow access from devices of all family members. Setting method: log on to the vro management page and clickWireless Settings>WirelessMACAddress FilteringTo add the MAC addresses of wireless terminals in the environment to the allowed List and enable the rules:
2Use with caution"Network Software"
Hazards of a mobile phone installed with the "network anti-DDoS software:
First, I had a wireless network and shared it with people around me. Then I connected wireless networks in my company and shared the wireless network of my company. I went on a business trip to a hotel and went shopping in a mall, go to a friend's house and visit the house.
Even if your mobile phone does not have a network software such as "WiFi universal key", it is hard to ensure that your wireless network has been secretly shared if it is installed on your friend's mobile phone someday. You can change the wireless password from time to prevent network attacks.
"Network software" can achieve "free WiFi access", but also has a huge security concerns, you do not know who is in the same LAN with you, just like you don't know who you are waiting for in the same room. Free, good, and rare.
Thank you for your attention in this article. Below are some answers to the questions raised in the message:
1The new router interface does not exist.MACHow can I set the address filtering function?
We recommend that you use the guest network function. The main network is only available to friends and friends. For average visitors, you only need to tell them the Wireless name and password of the visitor network. Log on to the vro management page and clickAdvanced Settings>Wireless Settings>Visitor networkEnable the guest network, set the Wireless name and wireless password, and clickSave, As shown in the following figure.
A terminal connected through a guest network cannot access the vro management interface or access intranet resources. Therefore, even if the guest installs the network software, it does not threaten your primary network. Currently, routers supporting guest network functions include: TL-WR842 +, TL-WR2041 +, TL-WDR5510, TL-WDR6500.
2What should I do if the wireless password is leaked?
If your wireless password is unfortunately leaked, we recommend that you modify the Wireless name and password, and uninstall the Wi-Fi cracking/network software on all terminals to prevent further leaks.
3, How to change the wireless password?
See section 1.1 (set wireless encryption) in section 4 (how to prevent network attacks ).
Note:If only the wireless password is changed and the Wireless name is not changed, the wireless terminal must first delete the previous network configuration before connecting to the wireless network.
4Have you installed the network anti-DDoS software before and uninstalled it now? Will it still be hacked?
If you have previously connected to a wireless network using a terminal installed with the network software, even if you have uninstalled the software, your wireless network information will still be "remembered" by the network software server, so it will still be hacked. The solution is to change the Wireless name and password, and use the new wireless name and password.
5Wireless connections used by enterprises are inconvenient to bindMACAddress, and you cannot check if someone else has installed the network software. What should you do?
In commercial environments such as enterprises, wireless networks can adopt the following policies to ensure wireless network security:
1) manages networks through VLAN and access control of vrouters. Untrusted areas should be isolated from the trunk network;
2) The AC + AP networking solution is used to assist in further authentication methods, such as Portal authentication (WEB Authentication) and WeChat authentication, so as to prevent unauthorized network attacks.