Wireless network application configuration six steps away

Wireless network development, has driven the network world more powerful, then in the network configuration, we have to consider some more efficient and faster settings to deal with the network security issues.

Most of us are not very clear about the techniques in wireless networks, so how do we solve the problem with application configuration? Here are six major elements.

The starting point for establishing secure wireless network access nodes (access points) is to prevent leaks from information to unauthorized external access. This principle is often difficult to understand and to do. Because the wireless network security setting is more complex than the general cable network, because the cable network's access node is fixed, but in the wireless network signal receives the range, all nodes can connect. The problems caused by the characteristics of the

Wireless network itself are unavoidable, but the adoption of the right wireless network system protection will protect the user's system and avoid serious security problems. In the case of sloppy configuration, the unsecured wireless network will lead to "Service Unavailable" or "springboard" for attacking other networks. To minimize the risk posed by security vulnerabilities, ensure that network technicians are configured and tested with the following recommendations.

1, plan the antenna installation location

This is the first step in implementing a "non-leaking" wireless access node, and the location of the antenna is determined by the coverage of the wireless signal. Please be careful not to put the antenna next to the window, because the glass can not block the signal leakage. Ideally, the signal emitter antenna is best placed in the middle of the work area, so that the signal leaks can be minimized. Of course, the foregoing is unlikely to be fully achieved, but there is no mistake as far as possible to ensure that the above principles are enforced.

2, the use of WEP (Wireless Encryption Protocol)

WEP (Wireless Encryption Protocol) is the standard for data transmission encryption for wireless networks. Although it still has obvious fragility, it is quite effective to prevent ordinary hackers. Many manufacturers of wireless access node products have set WEP to disable for easy installation. So once the node antenna begins to send and receive signals, the hacker can access the wireless data through the sniffer.

3, changing the SSID settings and canceling broadcasting the

Service Settings Initialization validator (Ssid,service set Identifier) is used to authenticate the initialization string used by the wireless access node, and the client is required to complete the connection initialization through the SSID. The validator is set by the manufacturer and the same manufacturer uses the same default value, such as the 3Com company's device using the "101" string. If the hacker understands the corresponding initialization string, then the unauthorized link can be easily established. Therefore, I suggest that in configuring your organization's wireless network, change the SSID initialization string to make it difficult to guess, and, if conditions permit, limit the SSID broadcast of the validator to prevent illegal linking. The network will still be available, but it will not give hackers an opportunity. The security policy of

4, canceling DHCP

sounds strange, but it is very effective for the security of a wireless network. After taking this step, the hacker will have to guess the IP address, subnet mask and other necessary TCP/IP parameters of your organization's network. Even if hackers can access your organization's wireless network nodes, but if you do not know the IP address and so on, it is still not the door.

5, Cancel or change the SNMP settings

If your organization's Access node supports SNMP, either cancel it or change public and private common strings. If you do not take this step, hackers will use SNMP to obtain important information about your organization's network.

6, use Access list

To further protect your organization's wireless network, set up an access list. Not all wireless access nodes support this feature, but if your organization does this, it will implement a machine that can be connected to access nodes precisely. Access node devices that support this feature use the TFTP protocol to periodically download updated access lists, so that administrators do not need to synchronize the access lists on each device.