Redescribe Wireless Router Security Settings

There are too many articles about wireless router security settings, so we will emphasize the related content of wireless router security settings through testing, consolidate the configuration knowledge ｡

Major brand manufacturers have added key and forbidden SSID broadcast methods in the configuration design of wireless routers. But are these security settings really effective? The following uses wireless devices that support the IEEE 802.11g standard as an example to illustrate how to solve the problems one by one through actual tests ｡

Set network keys for Wireless Router Security

Wireless encryption protocol (WEP) is a standard method for encrypting data transmitted in wireless networks. Currently, most wireless devices only have WEP encryption, more secure WPA encryption is not widely used ｡

Currently, there are two key types for a wireless router or AP. For example, the wireless router used has a 64-bit and 128-bit encryption type, enter 10 or 26 strings as the encryption password respectively ｡

We would like to remind you that the data transmission encryption function is disabled when many wireless routers or APs are leaving the factory. If you use it without further settings, then your wireless network becomes a "unlimited" decoration. Therefore, it is extremely important to encrypt your wireless network ｡

Test results: the 64-bit encryption method is used. During the test, the existence of the wireless Network is found through software such as Network Stumbler. However, the wireless Network cannot be used because the password cannot be obtained ｡

Disable SSID broadcast in Wireless Router Security Settings

In layman's terms, the SSID is the name you give your wireless network. Note that the wireless routers or APS launched by the same manufacturer use the same SSID, once attackers attempt to connect to the wireless network using a common initialization string, they can easily establish an illegal connection, which poses a threat to our wireless network, we recommend that you name the SSID as a personal name ｡

A wireless router generally provides the "allow SSID broadcast" function. If you do not want your wireless network to be searched by someone else using the SSID name, we recommend that you Disable SSID broadcast. your wireless network is still available, but it will not appear in the list of available networks found by others ｡

TIPS: After the SSID broadcast is disabled, the efficiency of the wireless network will be affected. However, in exchange for improved security, it is worthwhile ｡

Test results: because no SSID is broadcast, the wireless network is ignored by the wireless network adapter, especially when Windows XP is used to manage the wireless network, it achieves the goal of "Hiding eyes and ears ｡

Disable DHCP in Wireless Router Security Settings

DHCP can automatically assign IP addresses to each computer in the wireless LAN. You do not need to set IP addresses, subnet masks, and other required TCP/IP parameters. If DHCP is enabled, so that others can easily use your wireless network. Therefore, it is necessary to disable the DHCP function for wireless networks ｡

Set the DHCP server to "disabled" under the "DHCP server" setting of the wireless router ｡

Test results: Because the IP address and DNB server information cannot be obtained, the network is still unavailable even if the wireless network signal can be found ｡

Enable MAC address and IP address filtering in Wireless Router Security Settings

When you enable the MAC address filtering function in the settings of a wireless router, note that, in the filter rule, you must select the option "only allow valid MAC addresses in the configured MAC address list to access wireless networks ｡

In addition, if DHCP is disabled in the wireless LAN, we recommend that you set a fixed IP address for each computer that uses the wireless service, then, enter these IP addresses in the IP address permitted list. After the IP address filtering function of the wireless router is enabled, only users of the IP addresses in the list can access the network normally, and others can only be stunned ｡

Test Results: After the MAC address filtering and IP address filtering settings are completed, even if some people barely intrude into the wireless network, the MAC address and IP address are disabled by the filtering function of the wireless router, therefore, the wireless network is still unavailable ｡

Wireless Router Security Settings Summary

In fact, during the actual test, we found that any method mentioned above can protect your wireless network, so ordinary users do not have to worry about it and can use it with confidence ｡

In addition, if you use public wireless networks at airports, conference rooms, and other public places, remember to disable your own documents and print sharing functions, this type of shared documents can be easily accessed by another client in the same LAN ｡