Wireless network technology is developing rapidly. In the face of growing network technology, how should we set it to be safer for enterprises? Here is a detailed introduction.
As the WEP and WPA encryption methods gradually break through, enterprise wireless networks become increasingly insecure, for intruders, as long as they can receive wireless communication packets from wireless networks, they will certainly be able to obtain the encryption key through brute-force cracking, so that the enterprise's wireless network is no longer secure. Is there a way to maximize the security of wireless communication? The answer is yes. Today I will introduce you to some tips, which can greatly increase the difficulty of wireless intruders cracking wireless networks.
Enterprise-level wireless network security settings 1. What is SSID information:
Before explaining the tips for improving security, we must first clarify the concept of SSID. The Service Set Identifier can also be written as an ESSID to distinguish different networks. It can contain up to 32 characters. A wireless network card can access different networks with different SSID settings, the SSID is usually broadcast by the AP. The scanning function provided by XP allows you to view the SSID in the current region. In short, the SSID is the name of a LAN. Only computers with the same name and SSID can communicate with each other.
Although we can hide the SSID information to improve the security of wireless communication, it seems so pale and powerless to hide it in front of professional intrusion tools, the wireless data sniffer tool can still intercept the information of the hidden SSID. In actual application, another SSID corresponding to ESSID is BSSID, which is a special application of Ad-hoc LAN called Basic Service Set (BSS ). A group of computers can have their own group with the same BSS name. BSSID cannot be hidden.
In short, BSSID cannot be hidden, and ESSID can be used by sniffer to find the actual information even if hidden.
Enterprise-level Wireless Network Security Settings 2. Changing the SSID brings enterprise wireless security to a higher level:
Since we cannot fundamentally hide the SSID information, we only need to use clever settings to increase the difficulty of hacker cracking. In the past, a few characters were randomly entered when the SSID was set. Most users use numbers or English characters as the SSID identification information. In fact, we can set the SSID information in Chinese, so that due to the special nature of Chinese characters, sniffer will automatically convert to the corresponding characters, this step is added to greatly increase the difficulty of wireless data cracking. Even if the intruder obtains the characters to be cracked, it must be properly reversed to view the specific Chinese SSID information. Next, let's take a look at how to set the SSID to a Chinese character.
Step 1: access the management address of the enterprise wireless router through the IE browser, and enter the correct user name and logon password.
Step 2: click "Basic settings" under the "wireless" tab and set the basic information of the wireless network.
Step 3: Enable the wireless function, enter the Chinese ID in the wireless network name SSID, and then save the settings and apply them.
Step 4: Our wireless network will display the Chinese SSID information. We can see that the corresponding network SSID information is Chinese through the wireless connection and management tools provided by the XP system.
Step 5: connect to and configure the Chinese SSID wireless network in a similar way, simply double-click the Input key. If the Chinese SSID wireless network is hidden, we need to use a dedicated tool to connect to the wireless network card, because the network name of the wireless management tool of the XP system does not support the Chinese name, when you enter the Chinese SSID, an error occurs. The network name SSID contains one or more invalid characters. Enter another network name.
Tips for enterprise-level wireless network security settings:
Not all wireless routers and wireless network cards support wireless networks that connect to the Chinese SSID information. In addition, if we set the SSID information to Chinese, the network connection speed may slow down, however, you don't have to worry about restoring the connection to normal once the connection is successful, but the initialization speed is slow. In addition, for some WIFI devices (PSP, PDA, and smart phones), wireless networks with Chinese SSID information may not be found. However, this phenomenon is not common.
Step 6: After setting the wireless network SSID information to Chinese, we can use some professional sniffer scanning tools to find the target wireless network, garbled characters are displayed in the SSID information, which greatly increases the difficulty of wireless network cracking. Intruders basically give up completely.