Now, most families have become a trend to access the Internet through the formation of wireless networks. Yet how many people know that there are so many cyber-security problems lurking behind this trend. In principle, wireless networks are more vulnerable to intrusion than wired networks, because the attacked computer and the attacking computer do not need the connection on the network cable device, he can enter your intranet, access the resources, if the data you transmit in the internal network is not encrypted, as long as it is within the effective range of your wireless router or repeater. More likely to be prying into your data secrets. In addition, the wireless network in terms of its development history, far less than the cable network long, its security theory and solutions are far from perfect. All of this leads to the safety of wireless networks teaching wired networks to be poor. In this article, let me show you how to make your wireless network safer and more reliable with some security measures.
1. Modify user name and password (do not use default username and password)
A typical home wireless network accesses an external network by means of a wireless router or repeater. Typically, these routers or repeater device manufacturers provide a Management page tool to establish a wireless network for users to set up these devices. This page tool can be used to set the device's network address and account information. To ensure that only the device owner can use the Admin page tool, the device usually has a login interface, and only users who enter the correct username and password can enter the admin page. However, when the device is sold, the manufacturer gives each model the same default username and password, unfortunately, many home users will not be able to modify the device's default username and password after they have purchased the equipment. This allows hackers to have an opportunity. They can easily find the address of the device by using a simple scanning tool and try to login to the admin page with the default username and password, and immediately gain control of the router/switch if successful.
2. Using encryption
All wireless networks provide some form of encryption. As I mentioned before, an attacking computer is a great opportunity to access the wireless network if it is within the range of the wireless router/repeater, and once it has access to the internal network, all the data transmitted in that network is transparent to him. If these data are not encrypted, hackers can use a number of packet sniffing tools to grasp the packet, analyze and spy on the secret. Turn on your wireless network encryption so that even if the data you transmit on the wireless network is intercepted, there is no way (or is not so easy) to read. There are already several encryption technologies in the wireless network. Usually we choose the encryption technology that is the most powerful. Also note that if you have multiple wireless network devices in your network, the encryption techniques for these devices should be selected in the same way. (Computer science)
3. Modify the default service area identifier (SSID)
Usually each wireless network has a service Area identifier (SSID), the wireless client needs to join the network needs to have a same SSID, otherwise it will be "shut out." Typically, router/repeater device manufacturers have set a default SSID in their products. For example, the SSID of a Linksys device is usually "Linksys". If a network does not specify an SSID for it or only uses the default SSID, then any wireless client can access the network. This has undoubtedly opened the door for hackers to invade the network.
4. Prohibit SSID broadcasts
In wireless networks, each routing device has a very important function, that is, service area identifier broadcast, that is, SSID broadcast. Initially, this feature was designed primarily for commercial wireless networks with a particularly large flow of wireless network clients. A wireless network in which the SSID broadcasts is turned on, and its routing device automatically broadcasts its own SSID number to the wireless network client within its valid range, which is used by the wireless network client to use the SSID number to access the network. However, this feature has great security implications, as if it automatically opens the door for hackers who want to enter the network. In a business network, because of the need to sacrifice security to enable this feature to meet the frequently changing wireless access, the network member is relatively fixed as a home wireless network, so it is not necessary to turn on this feature.
5. Set MAC address filtering
As we all know, basically every network contact device has a unique logo called Physical address or MAC address, of course, wireless network equipment is no exception. All routing devices, such as routers/repeaters, track all their packet-source MAC addresses. Often, many of these devices provide operations on MAC addresses so that we can prevent illegal devices (hosts, etc.) from accessing the network by establishing our own list of quasi-MAC addresses. However, it is worth mentioning that this method is not absolutely effective, because we can easily modify their own computer network card MAC address, I have an article specifically describes how to modify the MAC address.
6. Assigning static IP to your network device
Because DHCP services are becoming easier to build, many home wireless networks use the DHCP service to dynamically assign IP to clients on the network. This leads to another security risk, that is, the attack side of the access network can easily get a legitimate IP through the DHCP service. However, in the members of a very fixed home network, we can by assigning a fixed IP address to the network member device, and then set up the router to allow access to the device IP address list, which can effectively prevent illegal intrusion, protect your network.
7. Identify your location and hide your router or repeater.
It is well known that devices such as wireless routers or repeaters transmit data in the form of radio waves, and that data propagation has a valid range. When your device is covered far beyond your home, then you need to consider your network security, because in this case, hackers may easily be able to log into your home wireless network. In addition, if your neighbor also uses a wireless network, you also need to consider whether your router or repeater coverage will overlap with the neighbors, if the overlap will cause conflicts, affect your network transmission, once this happens, You need to set up a band (also called channel) that is different from your neighbor's network for your router or repeater. According to your own family, choose the appropriate effective range of routers or repeaters, and choose the location of their placement, generally speaking, the most suitable for the middle of the family home.