Protect wireless Security Understanding wireless network intrusion Method

For the average person, only to enjoy the convenience of wireless, but not to pay attention to security, it is very easy to be individual "conscientious" swoop in, in fact, the intrusion of wireless network does not require a high technical content, as long as some simple computer and network common sense, and the method of prevention is very simple, Just a lot of people greedy for a while not to pay attention to, and see the Hero soldier story.

I came home from work that day, and in the elevator, listening to the two sisters who lived downstairs, were enraptured to describe how the family was wirelessly connected to the Internet, thought, on weekdays, these two computer blind incredibly also played wireless, before the computer has a happens always asked me to see, this time such a big thing actually put me on one side, in the elevator when I transparent. I am very angry, the consequence is very serious, see how I pack you, guarantee not out tonight, these two small mm must be carrot and stick to ask me to help, think of here can not help to send out the Yin yin cold laughter.

MM next to the hacker

After having a absent-minded meal, I scoop a notebook to the balcony, this location closest to the family's study, if not mistaken, wireless router should be placed next to the study computer, in the balcony signal should be the strongest, night around 8 o'clock, looking at the dark outside the house, it is time to start.

When the notebook is powered on, enter "Devmgmt.msc" to open Device Manager in the run, start the Intel Wireless/pro 2915ABG Wireless module in the network adapter, set the wireless connection properties, and set the IP address automatically in the Internet Protocol properties. Then enter "Ipconfig/renew" in the command prompt to return the result:

Ethernet Adapter Wireless network connection: Connection-specific DNS Suffix. : Domain IP address. ........... : 192.168.1.100 Subnet Mask ........... : 255.255.255.0 Default Gateway ... . : 192.168.1.1

The result gave me a thrill, it looks like it, then enter "Ipconfig/all" and see that the DHCP server parameter is really 192.168.1.1, which means that my notebook has received the sister's wireless router.

Anti: Wireless routers turn on DHCP server features by default, which can facilitate client address assignment and management, but also make intruders easy to access, and can be deactivated for security reasons. Log on to the Web management interface of the wireless router, and in the DHCP project, select the "Do not enable" option to manually specify the IP address and default gateway by the client

Verifying the wireless router's

Unexpectedly so easy to access the wireless router, it seems that the sisters really little security awareness is not, then the implementation of the wireless router to identify the real.

Each network device has a globally unique "id" number, wireless router is no exception, the format such as: 5254ab1d917a, in this string of 12-bit 16 characters, the first 6 to mark a specific manufacturer, after 6 to mark specific products, to verify the real wireless router, this is good to do, Enter "Arp-a" in the command prompt to see the result returned:

INTERFACE:192.168.1.100--0X2 Internet Address Physical Address Type 192.168.1.1 00-0A-EB-D5-1C-A2 dynamic

With the wireless router's MAC address, I immediately opened IE, to the IEEE Web site to check this address is assigned to which vendor, so enter the top 6 "00-0a-eb" input to the search for a column (Figure 2). The results shown in Figure 3 are displayed in the returned Web page. Originally the sister bought is Tp-link wireless router, away from the target and a step closer, I hei hey to laugh.

Anti: Each network equipment in the factory burned a designated MAC address, you can identify the manufacturer from the address, in order not to allow the wireless router to allow others to identify, can be arbitrarily modified to other MAC address. In the Web management interface of the wireless router, expand network parameter →mac address cloning, and modify the top 6 digits to other.

Wireless Router Confidential disclosure

Although know the wireless router's manufacturer is Tp-link, but I still cannot start, because does not know the specific product model, but does not need to worry, the manufacturer in the different product likes to use the same account password and so on the parameter, this is good to begin.

Although there is no tp-link wireless router instructions, but to check its default account password is very simple, immediately to Baidu website, "Tp-link wireless router default password" for the keyword search, if not surprisingly, in the first screen of a page will find clues.

If there is no mistake, the default account and password are admin, ask the Lord Bless the Sisters will not change. Sure enough, in the IE Address bar input "192.168.1.1", in the pop-up verification screen input Admin, enter the wireless router Web management interface.

Anti: For security reasons, the wireless router should immediately modify the default account number and password in the initial use, in the Web management interface, expand the "System tools → modify login Password", enter a new username and password.

No-man

Since the wireless router's highest administrative rights are readily available, the next is No-man, at this time I was thinking about how to do the damage, is the wireless router chaos set up a pass? Update a mismatched firmware to kill the wireless router? or modify the parameters of the Internet so that they can not QQ? Think about it, finally I decided to go to the end, The premise is not to cause irreparable damage to them, but also can not allow them to repair themselves, the purpose is to let them move reinforcements, of course, is to find the soldier, so the hacker action began ...

In the Web management interface, access to the DHCP server's client list, see the Client a total of 3, if not mistaken, these 3 should be my notebook and sister two computers, copy their two computer MAC address, and then open the wireless router firewall, open MAC address filtering, prohibit the set The MAC address list has enabled MAC addresses to access the Internet, allowing other MAC addresses to access the Internet.

Then the MAC address of the sister two computers is added to the MAC address filter. Restart the wireless router in the System tool, shut down IE immediately after the operation completes, cover the notebook screen, sneak into the living room to watch TV.

Anti: If the wireless router's highest authority is stolen, it will be difficult to do anything to prevent it.

Fulfilled

About 10 minutes later, at 9 o'clock, the doorbell as scheduled and rang, I opened the door friendly, asked the visitors have anything, she said that the home how no reason on the net, told me to go down to see, I without further ado then went on. Looking at the two sisters to me this master great dedication, I will not panic in the computer on the east to change the West change. In fact, the remedy is very simple, pretending to be busy on the computer for a while to play the master, so that they mistakenly solve the problem is difficult. The sisters treated me like God, they also just tricks, because of their hospitality, I drank two bowls of sweet soup, the heart is also Zizi, time is not early, I put forward to go back, at night in bed to think up still have to endure the handsome, sleep still laugh aloud.

Save: In fact, the sisters do not know on the network is a computer failure, or wireless router problems, or telecommunications problems, and for me to know the problem, you can prescribe the right thing, first off the wireless router, and then press the body of the reset button, and then connected to the power on the wireless router will be restored to the factory settings, Firewall and MAC address filtering information will be deleted, while the Internet account and other parameters are retained.