Wireless Network security issues are increasingly concerned by all sectors, whether in the family or enterprise. There are not a few articles about network anti-DDoS and wireless network attacks. It seems that our wireless network is in danger. So how can we ensure the security of our wireless network?
I walked through a local commercial Park, and there were about 15 wireless access points developed to the public, and several of them could access the company's network without authentication. If you use a wireless network interface to open your handwriting book and move around in the city, it's nothing strange. To ensure the security of your wireless network and protect your wireless network from the war-driver for finding access points: war Driver is carrying a standard laptop and wireless NIC card driving around the city's commercial district. In this way, you can accurately determine the location of all the 802.11 networks in the region and whether they use WEP .) It is very important to improve the security of wireless access points using basic methods such as authentication and encryption.
Wireless access points can be configured to broadcast Access Point SSID and domain name, which is usually not required. By disabling broadcast, you can largely stop disclosing your network to the outside world. Yes, the SSID is transmitted when the wireless node is connected to the wireless network, but it is not common in comparison. The SSID should be set to not describe the enterprise information, making it more difficult for hackers to understand the owner of the wireless network.
Wireless Network security encryption can protect people from reading data during data transmission and can be used with Wired Equivalent confidentiality (Wired Equivalent Privacy, WEP), WPA, EAP-TLS, or virtual private network software. WEP lacks real authentication, but uses a static encryption key. However, static encryption keys can be obtained in a short period of time by using free software, which provides little protection to constantly eavesdroppers. WPA requires authentication and uses a long dynamic encryption key, which may be compromised. However, WPA does require compatible client hardware and software. EAP-TLS uses digital certificates to authenticate and encrypt wireless traffic using SSL, but requires a certain degree of complexity in the PKI architecture.
Wireless antennas usually have power settings that allow you to adjust the signal transmission intensity. It is best to adjust the antenna so that they can cover the areas requiring wireless access, rather than accessing areas where hackers may be lurking.
Most wireless access points also allow access to restricted Media Access Control (MAC) addresses. MAC addresses are hardware addresses used only to identify each network node. But be cautious. It can also be attacked by using a passive wireless sniffer that can capture the MAC addresses of devices allowed on the network. Once obtained, the hacker can pretend to be his MAC address, and it is not limited to that layer. Limiting MAC addresses can increase the layer that must be broken. It is worth considering.
This is a brief introduction to Wireless Network Security Basics and risks, but it allows you to fully view and manage wireless network security and wireless access point security policies.