WLAN (Wireless LAN) Security management guide

In the previous article about WEP encryption and cracking, you will find that WEP cracking is much easier than you think. Anyone can use these tools to crack this encryption method, you only need to observe enough traffic on the network to understand the encryption key. However, wireless networks are not so vulnerable. rigorous protection measures and the application of the latest encryption technology can fully protect our networks from internal and external attacks. This article describes how to protect the wireless network.

For some people, they may think that the security of wireless networks is very complicated. Setting a secure wireless network may require very professional basic knowledge and complex settings. Some may also say: "I just used my computer to access the Internet and didn't do anything important. Why do I have to worry about security issues? ", Therefore, they will give up their security plans, which will lead to the wide opening of their network portals ". For the answer to this question, you may not have this idea after reading the following content.

Note: WLAN is short for Wireless LAN. Wireless LAN uses wireless technology to achieve fast Ethernet access.

I. Three major risks of WLAN with no security measures:

1. Exposed Network Resources

Once someone with ulterior motives connects to your WLAN over a wireless network, they have access permissions to the entire network, just like those who are directly connected to your LAN switch. In this case, unless you have taken some measures in advance to restrict access by unknown users to resources and shared documents on the network, intruders can do anything that authorizes users to do. On your network, files, directories, or the entire hard drive can be copied or deleted, or in other worse cases, such as key records, Trojan horses, spyware, or other malicious programs that can be installed into your system and manipulated by intruders through the network, the consequences can be imagined.

2. Sensitive Information exposed

As long as appropriate tools are used, WEB pages can be reconstructed in real time, so that the URLs of WEB sites you have browsed can be captured, some important passwords you entered on these pages will be stolen and recorded by intruders. If they are credit card passwords or the like, you will know what is going on.

3. Act as a stepping stone for others

In foreign countries, if an open WLAN is used by intruders to transmit pirated movies or music, you are very likely to receive a letter from RIAA's lawyers. What's more, if your Internet connection is used by someone else to download child pornography or other inappropriate content from an FTP site, or use it as a server, you may face more serious problems. Moreover, open WLAN may also be used to send spam, DoS attacks, or spread viruses.

2. Protect Our WLAN

After understanding the problems faced by an unprotected WLAN, we should take corresponding measures before the problem occurs, do not wait until serious consequences occur to realize how important security network maintenance is. The following describes various measures taken to cope with different levels of intrusion.

1. Common users with wireless network interfaces

To attack a wireless LAN without any protection, you do not need to take any special measures, as long as any machine with a wireless Nic is configured, the person who can enable the wireless network card on the computer is a potential intruder. In many cases, people accidentally turn on computers that are equipped with wireless devices and are within your WLAN coverage, in this way, their machines are not automatically connected to your AP, or they are seen in the "available" AP list. If you are not careful, they will break into the "Domain" You have not set up. In fact, in normal statistics, a considerable number of unauthorized connections come from this situation. It is not intended for others to infringe on your network, it is the behavior that is sometimes inadvertently driven by curiosity.

The following measures can protect your network from accidental access. However, these measures are basic content and cannot provide real-time protection to prevent more skilled intruders. Although these contents are very "cainiao", most of them are so simple, but if your wireless device can support them, I suggest you make relevant settings.