The misunderstanding and security analysis in the process of establishing wireless network

Misunderstanding, the stronger the signal, the better.

First of all, let's take a look at some of the wireless product hardware indicators: transmission power, acceptance sensitivity and antenna gain. At present, the main disadvantage of wireless network in the range of signal coverage and transmission rate, usually enhance the signal method is to improve the transmission power and enhance the antenna gain.

Transmitting power: The wireless device uses the transmitting power to measure the performance of the transmitting signal, the larger the transmitting power, the farther the distance between the wireless products, the wider the coverage and the stronger the penetrating ability. The unit of measurement for transmitting power is dbm. This is the same as the light bulb we use in life, the larger the wattage, the brighter the bulb, the wider the range of illumination.

Gain: Gain is the ability of the antenna to enhance the emission and reception of the signal, the greater the gain, the stronger the signal emission, the higher the sensitivity. The measurement unit of gain is DBI, the size of the antenna and the internal material have a great relationship with the antenna gain.

Why is the signal stronger the better is a misunderstanding? The reason is because the signal is too strong, so its scope is larger, then the controllable area is reduced, the user's security is reduced. such as: A Dead end of a unit, office area of more than 300 square meters, users can receive signals, but his security is not the best.

The higher the standard, the better.

In wireless products based on the draft 802.11N standard products are currently the most technologically advanced, signal coverage of the products far away. It is precisely because of this that many enterprises in the procurement of equipment often too much pursuit of hardware indicators, and ignore the ease of use and price of products. According to the current part in the market price of 11n products sold, most of the router product prices between 1700-1900 yuan, and based on the 11n wireless card is also between 800-900 yuan, the price is not expensive. What is the concept of such a price?

The current market in the 802.11G based wireless router price of around 200, 11g wireless network card in 150 yuan, compared to 11n products are 11g product price 7-8 times. Although the 11N product technology leader, but because the price and the technology is immature and so on factor we do not recommend the small and medium-sized enterprise to use, compared with 11g's product is more suitable for the small and medium-sized enterprise use.

Security for building a wireless network

Unauthorized access to a user

We know that wireless signals are transmitted in the air, as long as within the signal coverage, some illegal users can not need any physical connection to obtain wireless network data, therefore, must be in many ways to prevent illegal terminal access and data leakage problem.

The solution is to use authentication to prevent unauthorized users from accessing, in other words, using various encryption methods to prevent illegal users from invading. Binding MAC address is our most common easiest way, each wireless card has a unique MAC address, through the AP set up with the NIC MAC address binding to achieve encryption, but this security method is also applicable to the information requirements of the home users, for enterprise users, We recommend using WEP and WPA two common encryption methods.

Access access to illegal AP

Access to an illegal AP can also pose a threat to the entire network, in addition to threats to the security of the WLAN by unauthorized users. When a wireless AP accesses a wired hub, it encounters an illegal AP attack, and an illegally installed AP can jeopardize the valuable resources of the wireless network.

The solution is to use the validity of the AP validation and periodic site review to prevent, in this verification process, not only the AP needs to confirm the legality of wireless users, wireless terminal equipment must also verify that the AP is a false access point, and then can communicate.

Attacks by viruses and hackers

In addition to the above two points, virus and hacker attacks will also pose a threat to the wireless local area network, many networks have a carefully set of security devices as the shell of the network to prevent illegal attacks, but within the shell-protected network is very vulnerable and vulnerable. Hackers can quickly access the backbone of the network through a simple configuration, exposing the network to the attacker, so the need to strengthen preventive measures. Even a network with a certain border security device can also expose the network to attack.

A common solution is to install firewalls, upgrade clients to software and antivirus software, and isolate the company's wireless network from its core network.

Service and performance Limitations

We know that the current wireless LAN transmission bandwidth is limited, compared with the wired network is far from enough, in the actual use of the physical layer because of the cost, the actual throughput is only half of the standard, and the actual throughput is shared by all users. If the hackers send a large number of PING,AP bandwidth from Ethernet will be saturated, if the broadcast traffic, multiple AP will be blocked at the same time, the attacker can send signals in the same wireless channel with the wireless network, so that the attacked network will be automatically adapted through the CSMA/CA mechanism, Also affects the transmission of wireless networks.

In addition, the transmission of large data files or complex client/server system will generate a lot of network traffic. In the face of this problem solution is, often network monitoring, if the quality of AP and signal status is not stable, it is recommended to test equipment, such as testing, so that can effectively identify the network rate, frame type, to help fault location.

Wireless Internet is really convenient for our lives, but at the same time do you consider the other side of him? There are misunderstandings, security problems exist, so please readers pay more attention to their wireless network environment.