Six simple settings ensure the security of wireless network applications

Source: Internet
Author: User

Why do we need to close the network line?
The key to ensuring the security of wireless access points is to prohibit unauthorized users from accessing the network. That is to say, a secure access point is disabled for unauthorized users. Ensuring the security of wireless networks is much more difficult than ensuring the security of wired networks. Because the wired network only has a limited number of fixed access points, and the wireless network can be connected from any point in the range permitted by the antenna.

Design antenna placement

The first step to keep the Wireless Access Point Closed is to place the antenna correctly, so as to limit the semaphores that can reach the valid range of the antenna. Do not place the antenna close to the window because glass cannot block wireless signals. The ideal position of the antenna is the center of the target coverage area, and the signal leaked to the antenna is as few as possible. However, full control of wireless signals is almost impossible, so other measures need to be taken at the same time to ensure network security.

Use wireless encryption protocol

Wireless encryption protocol (WEP) is a standard method for information encryption on wireless networks. Although it has some disadvantages, it is still useful for blocking hackers. To make product installation easy and easy, many wireless device manufacturers have set the factory configuration of their products to disable WEP mode. The biggest drawback is that data can be directly read from the wireless network, as a result, hackers can immediately scan all kinds of information on your wireless network from the beginning. The Service Set Identifier (SSID) is the identifier of wireless access. You can use it to establish a connection with the access point. This ID is set by the communication device manufacturer and each vendor uses its own default value. For example, "101" is used for 3COM devices ". Therefore, hackers who know these identifiers can easily enjoy your wireless service without authorization. You need to set a unique and unpredictable SSID for each wireless access point.

If possible, your SSID should also be prohibited from being broadcasted. In this way, your wireless network will not be able to attract more users by means of broadcasting. Of course, this does not mean that your network is unavailable, but it will not appear in the list of available networks.

Disable Dynamic Host Configuration Protocol

This seems like a strange security policy, but it makes sense for wireless networks. Through this policy, you will force hackers to crack your IP address, subnet mask, and other necessary TCP/IP parameters. Even if a hacker can use your wireless access point, he must know your IP address.

Disable or modify SNMP settings

If Your Wireless Access Point supports SNMP, You need to disable it or modify the default public and private identifiers. If you do not, hackers can use SNMP to obtain important information about your network.

Access list

To better protect your network, set an access list as much as possible. However, not all wireless access points support this function. If you can do this, you can specify a machine with the right to access the access point. Access Points that support this function sometimes use TFTP (simple File Transfer Protocol) to regularly download and update the access list, thus avoiding the huge management trouble of keeping the list on all devices synchronized.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.