Six simple tips for wireless network security

Wireless network systems can cause serious security problems if they do not take appropriate security measures, whether the wireless system is installed at home or in the office. In fact, some providers of Internet services for residential areas have banned users and other unauthorized people from sharing networking services in their service agreements. An insecure wireless network can cause services to be lost or exploited to launch attacks on other networks. To avoid some of the similar wireless network security vulnerabilities, here are six convenient wireless network security tips.

Why do you want to turn off network lines?

The key to securing wireless access points is to prohibit unauthorized users from accessing the network. That is, a secure access point is closed to an unauthorized user. It is much more difficult to secure a wireless network than to secure a wired network. Since the wired network has only a limited number of fixed access points, the wireless network can be accessed from any point within the antenna's allowable range.

Design The placement of the antenna

The first step in keeping the wireless access point closed is to place the antenna properly, limiting the amount of semaphores that can reach the effective range of the antenna. Do not put the antenna near the window, because the glass can not block the wireless signal. The ideal position of the antenna is the center of the target coverage area, and the signal leaked to the wall is as small as possible. However, full control of wireless signals is almost impossible, so there are other measures that need to be taken at the same time to ensure network security.

Using the Wireless Encryption protocol

Wireless Encryption Protocol (WEP) is a standard method of information encryption on a wireless network. Although it has some drawbacks, it is still useful to block hackers. In order to make product installation easy, many wireless device EP mode, the biggest drawback is that the data can be directly read from the wireless network, so the hacker from the start of your wireless network can immediately scan all kinds of information on the wireless network. The

Changes the service Set identifier and prevents the SSID broadcast

Service Set Identifier (SSID) as the identity identifier for wireless access, which the user uses to establish a connection to the access point. This identity identifier is set by the communication device manufacturer, and each vendor uses its own default value. For example, 3COM devices are used "101". As a result, hackers who know these identifiers can easily enjoy your wireless service without authorization. You need to set up a unique and unpredictable SSID for each of your wireless access points.

If possible, you should also prohibit your SSID from broadcasting outward. In this way, your wireless network will not be able to broadcast to attract more users, of course, this is not to say that your network is not available, but it will not appear in the list of available networks.

Disabling Dynamic Host Configuration Protocol

This seems like a strange security policy, but for wireless networksCollateral, it makes sense. With this strategy, you will force hackers to crack your IP address, subnet mask, and other required TCP/IP parameters. Because even if a hacker can use your wireless access point, he needs to know your IP address.

To disable or modify SNMP settings

If your wireless access point supports SNMP, you need to disable it or modify the default public and private identifiers. If you don't, hackers will be able to use SNMP to get important information about your network.

Use Access list

to better protect your network, set an access list whenever possible. However, not all wireless access points support this feature. If you can do this, you can designate a machine to access the access point. Access points that support this feature sometimes use TFTP (Simple File Transfer Protocol) to periodically download the update access list, thereby avoiding the huge administrative hassle of having to keep lists on all devices synchronized.