Two Misunderstandings and security analysis on the establishment of wireless networks (1)

Source: Internet
Author: User

Misunderstanding 1. The stronger the signal, the better.

First, let's take a look at several hardware metrics of wireless products: transmit power, accept sensitivity, and antenna gain. At present, the main disadvantage of wireless networks is signal coverage and transmission rate. Generally, the method to enhance the signal is to increase the transmit power and antenna gain.

Transmit power: wireless devices use the transmit power to measure the transmission signal performance. The larger the transmit power, the longer the transmission distance between wireless products, the wider the coverage, and the stronger the penetration capability. The unit of measurement for transmit power is dbm. This is roughly the same as the light bulb that we use in our lives. The larger the wattage, the brighter the bulb, and the wider the illumination range.

Gain: The gain refers to the enhancement of the signal transmitting and receiving capabilities of the antenna. The larger the gain, the stronger the signal transmitting capability and the higher the sensitivity. The gain measurement unit is dbi. The antenna size and internal materials have a great relationship with the antenna gain.

Why is the stronger the signal, the better? The reason is that the signal is too strong, so the range is larger, the controllable area is reduced, and the security of users is reduced. For example, although a user can receive signals in a unit with an area of more than 300 square meters in the office area, his security is not the best.

Misunderstanding 2 the higher the standard, the better

In wireless products, products based on the 802.11n draft standards are currently the most advanced technology, with far-reaching signal coverage. This is precisely because many enterprises tend to pursue hardware indicators too much when purchasing equipment, while ignoring the ease of use and price of products. According to the current prices of some 11n products sold in the market, the prices of most router products are between-yuan, while the prices of 11n-based wireless NICs are between-yuan. What is the concept of such a price?

Currently, the price of 802.11g-based wireless routers sold in the market is around 200, and the price of 11G wireless network cards is around 150 yuan. In comparison, the price of 11n products is 7-8 times that of 11G products. Although 11N products are leading in technology, we do not recommend small and medium enterprises because of immature prices and technologies. Compared with 11g products, 11N products are more suitable for small and medium enterprises.

Set up Wireless Network Security

Unauthorized users

We know that wireless signals are transmitted in the air. As long as the signals are covered, some illegal users can obtain wireless network data without any physical connection. Therefore, it is necessary to prevent illegal terminal access and data leakage from multiple aspects.

The solution is to use authentication to prevent unauthorized user access. In other words, it is to use various encryption methods to prevent illegal user intrusion. Binding a MAC address is the most common and simplest method. Each wireless network card has a unique MAC address, which is encrypted by binding the AP settings to the MAC address of the NIC, however, this security method applies to family users who do not have high requirements on information. For enterprise users, we recommend using two common encryption methods: WEP and WPA.

Illegal AP access

In addition to threats to the security of the wireless LAN, unauthorized AP access also threatens the entire network. When a Wireless AP is connected to a wired hub, an illegal AP attack occurs. An illegal AP installation may damage valuable resources of the wireless network.

The solution is to prevent the legality verification of the AP and regular site review. During this verification, not only does the AP need to confirm the legality of the wireless user, the wireless device must also verify whether the AP is a false access point before communication.

Virus and hacker attacks

Apart from the above two points, viruses and hacker attacks also pose a threat to the wireless LAN. Many networks have a set of well-configured security devices as the network shells to prevent illegal attacks, however, the network protected by the shell is very fragile and vulnerable to attacks. Through simple configuration, hackers can quickly access the network trunk to expose the network to attackers. Therefore, they must take preventive measures. Even a network with a certain number of border security devices can expose the network to be attacked.

A common solution is to install a firewall, install and upgrade the client software and anti-virus software, and isolate the company's wireless network from the core network.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.