Point of View: enhance the security awareness of Wireless Access Networks

Wireless Access networks have developed rapidly. At the same time, we must pay attention to many problems, especially security. So I have studied how to enhance the security awareness of wireless access networks. I will share with you here, I hope it will be useful to you. With the development of science and technology and the improvement of people's living standards, it is very common to have more than two computers in a modern family. Many families choose wireless routers to share the Internet. Wireless Internet access frees people from the tangle of lines and allows them to surf the Internet freely in the wireless access network world. But please note that the people here refer not only to your family, but also to your neighbors or even strangers. With the introduction of the IEEE 802.11n draft, the transmission speed of the wireless access network route has also been greatly improved. However, many users only pay attention to the transmission speed, but ignore the security of wireless access networks. Taking the author as an example, seven or eight wireless connections can be found on the Chinese TV station at home, and no password is set, so you can easily "share" his network bandwidth. According to the survey, 90% of network intrusions are caused by the absence of corresponding security settings on the wireless router.

DHCP Function

DHCP is short for Dynamic HostConfiguration Protocol (Dynamic Host Allocation Protocol). Its main function is to help users randomly allocate IP addresses, this saves the trouble of manually setting IP addresses, subnet masks, and other required TCP/IP parameters. This is a user-friendly feature, but it is used by many people with ulterior motives. Generally, the DHCP function is enabled by default, so that all wireless devices in the signal range can be automatically allocated to the IP address, which leaves a great security risk. Attackers can easily obtain a lot of information about your vro through the assigned IP address, so it is necessary to disable the DHCP function.

Encryption

Nowadays, many wireless routers have the wireless access network encryption function, which is an important protection measure for wireless routers. Data Encryption in radio waves ensures the security of transmitted data information. Generally, wireless routers and APs have the WEP encryption and WPA encryption functions. WEP generally includes 64-bit and 128-bit encryption types, you only need to enter 10 or 26 hexadecimal strings as the encryption password to protect the Wireless Access Network. The WEP protocol encrypts data transmitted wirelessly between two devices to prevent illegal user eavesdropping or intrusion into the wireless access network. However, the WEP Key is generally stored in Flash, therefore, some hackers can use vulnerabilities in your network to easily access your network. WEP encryption appeared earlier and has now been upgraded to WPA encryption. WPA is a standard-based and interoperable WLAN Security Enhancement solution, the data protection and access control level of existing wireless LAN systems can be greatly enhanced; WPA enhances the algorithm for generating encryption keys, even if hackers collect and parse group information, it is almost impossible to calculate a general key. The emergence of WPA makes network transmission more secure and reliable.

SSID Broadcast

In short, the SSID is the name you give your wireless access network. When searching for a wireless network, your network name is displayed in the search results. Once attackers use a common initialization string to connect to the wireless network, it is very easy to intrude into your wireless access network. Therefore, I strongly recommend that you Disable SSID broadcast.

Note that the access point of a specific model or the default SSID of the router can be easily searched on the Internet, such as "netgear, linksys, etc.", so you must replace it as soon as possible. For general families, select a name that is quite different. If you disable the SSID and search for a wireless network, you will find that the wireless network is ignored by the wireless network adapter because no SSID is broadcast. Especially when you use Windows XP to manage wireless access networks, the goal is to keep wireless networks invisible. However, disabling the SSID will slightly reduce the network efficiency, but greatly improve the security. Therefore, disabling the SSID broadcast is very worthwhile.

IP address filtering and MAC address list

Because the MAC address of each Nic is unique, you can set the MAC address list to improve security. After the IP address filtering function is enabled, only users of the IP address in the MAC list can access the wireless network normally. Other users that are not in the list cannot connect to the network. In addition, You must select the "allow only valid MAC addresses in the configured MAC address list to access the wireless network" option in the "filter rule, otherwise, the wireless router will prevent all users from connecting to the network. This method is very practical for home users. Just add several computers in the home to the list, which can avoid the "network" of neighbors and the intrusion of attackers.

Active update

Search for and install the latest firmware or driver updates for the used wireless router or wireless network card to eliminate previous vulnerabilities. In addition, you can download and install the wireless function updates of the operating system, such as Windows XP SP3 or Vista SP1, to better support the use and security of wireless access networks, enable your device to have the latest functions. Wireless Access networks are getting faster and faster, and wireless networks should be more and more secure. In fact, you only need to perform the preceding simple settings to increase your security level a lot. Wireless Access to the network environment is not as simple as connecting to the network, so that you can use the security work at home with greater peace of mind.