Windows XP Wireless network security Fine Solution

Early wireless network due to its own particularity and equipment expensive reasons, has not been widely, therefore, wireless network security has not caused many people's attention, with the recent years, the price of wireless network equipment fell again, and finally to the majority of people can accept the point, and configure a wireless network does not need to have the previous senior engineer technology, under the Win XP, just follow the wizard to click a few mouse, in less than a few minutes can be built a wireless network, simple is not a synonym for security, therefore, the safety of wireless network is more and more people pay attention to.

At present, the main risk of wireless network in the service embezzlement, data theft, data destruction, interference with normal services in several aspects, these in the XP wireless network also exists. To avoid the threat of security risks, we will analyze each of them individually.

Still should be the sentence above: "Simplicity is synonymous with insecurity," the biggest factor in the wireless security risk of XP, is precisely from the most easy-to-use features of XP-"Wireless 0 Configuration" (WIRELESS? ZERO? CONFIGURATION), because the access point can automatically send receive signal, so XP client once entered the wireless network signal coverage, you can automatically establish a connection, if you enter the range of wireless network signal coverage, the system can automatically contact the nearest access point, and automatically configure the network card to connect , after completion, in the "Available network" will appear in the established connection SSID, because many manufacturers use the network card half MAC address to the default name SSID, so that the SSID default name can be inferred, the attacker knows the default name, at least connected to the access point of the network is easy.

The main measures are three:

1, enable the wireless device does not broadcast function, do not carry out the spread of SSID.

This feature needs to be found in the hardware device's options, which will close the network when enabled,

The person who wants to connect to the network at this time must provide an accurate network name rather than the network name that the XP system automatically provides.

2, the use of irregular network names, prohibit the use of the default name.

If you do not broadcast, an attacker can still connect to the network by guessing the network name, so it is necessary to modify the default name.

Here's the irregularity can use the password to set up the technique, do not set the network name that has sensitive information.

3. Client MAC Address filtering

Specifies that only clients with the specified Mac can connect to the access point, and that they can be further checked by the connecting person.

The above three methods only belong to XP wireless security of the primary settings, do not expect to set these three steps can rest assured that, from the current security settings, although it is possible to protect against some of the wireless attacks, but because there is no encryption on the data in transit, so, As long as the attackers use some specific wireless LAN tools, they can crawl the various packets in the air, through the content analysis of these packets, you can get a variety of information, including SSID and MAC address, so the previous three methods for this attack is not the same. The next thing we're facing is the encryption of wireless transmissions----WEP.

This is a very controversial topic, therefore, in order to avoid going into the wrong place, we will not explain the strengths and weaknesses of this problem one by one in detail, only a word with: "WEP provides wireless LAN with a more comprehensive security from data security, integrity to data source authenticity, but WEP keys are vulnerable to attackers." Although the vendor has been strengthened for this point, Microsoft also released the relevant upgrade package (KB826942,SUPPORT.MICROSOFT.COM/DEFAULT.ASPX?SCID=KB;ZH-CN;826942), but can not fundamentally solve the problem.

WEP runs on the access point, if we enable WEP on 2000, then the shared key provided by the client software must be used, and if it is used XP, it is not needed, the system prompts you when the first access is enabled, and you can continue with the following configuration after entering the key:

1, open "Network Connection", click on the wireless network card properties.

2, select "Preferred Network", select or add an entry, and then click Properties.

3, open the wireless network properties after the following operations:

1) Modify "Network Name"

2 "Data encryption (WEP)" tick

3 "Network Verification" tick

4 Select the "Key format" (ASCII or hexadecimal) and "key length" for matching access points (40 or

104).

5 need to enter the correct "network key"

6) do not select "Auto Select Key".

4, save close.

OK, the settings for WEP under XP are basically complete, but for the sake of a more secure wireless network,

Let's look at other security measures that need attention:

1, the network contains as much as possible a validation server.

Configuring the network to all connection requests must first be authenticated by the authentication server.

Will greatly improve the security of the wireless network.

2. Modify WEP key once a month

Because WEP has a documented flaw, it is a good idea to modify the WEP key every once in a while.