Protect wireless security and learn about wireless network intrusion

For the average person, just paying attention to the convenience brought by wireless, but not paying attention to security, it is easy to be smothered by individual "hearted people" Invasion of wireless networks does not require high technical content, as long as some simple computer and network common sense, and the method of prevention is very simple, but many people are greedy and convenient to pay attention to, and look at the story of the protagonist. I went home after work that day, listening to the two sisters living in the downstairs in the elevator and describing how to wirelessly connect to the home. I thought that these two computers were also playing wirelessly on weekdays. The previous computer had three long and two short. I always asked to see it. This time, I was so busy that I was hanging out and I was transparent in the elevator. I am very angry, the consequences are very serious, see how I clean up you, to ensure that this is not the case, these two small MM will be hard and soft and ask for help, I can't help but scream. MM next door hacker absent-minded after eating, I took a notebook to the balcony, this location is closest to the study room of the family downstairs, if not estimated wrong, the wireless router should be placed next to the study computer, the signal should be the strongest in the balcony At about 8 o'clock in the evening, looking at the darkness of the house, it is time to do it. After the notebook is powered on, enter “ldmgmt.msc” in the running mode, open the device manager, start the Intel Wireless/Pro 2915ABG wireless module in the network adapter, then set the wireless connection properties, and set the IP address automatically in the Internet protocol properties. Then enter “ipconfig /renew” in the command prompt character, and the returned result is: Ethernet adapter Wireless network connection: Connection-specific DNS Suffix . : domain IP Address. . . . . . . . . . . . : 192.168. 1.100 Subnet Mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ipconfig /all”, see that the DHCP Server parameter is indeed 192.168.1.1, which means that my laptop has received the sister's wireless router. Defense: The wireless router has the DHCP Server function enabled by default. Although it can facilitate client address allocation and management, it also makes it easy for intruders to access. It can be disabled for security reasons. Log in to the web management interface of the wireless router. In the DHCP project, select the “Do not enable” option. The client uses the manual IP address and the default gateway to verify that the wireless router is so easy to access the wireless router. The two sisters really didn't have a sense of security and prevention. The next step was to verify the wireless router. Each network device has a globally unique “ID card” number, and the wireless router is no exception. The format is 5254AB1D917A. Among the 12-digit hexadecimal characters, the first 6 bits are used to mark a specific manufacturer. The last 6 digits are used to mark the specific product. To verify the wireless router's real body, this is easy. Enter "ldp -a" in the command prompt character and see the result returned as: Interface: 192.168.1.100 — — 0x2 Internet Address Physical Address Type 192.168.1.1 00-0a-eb-d5-1c-a2 dynamic With the wireless router's MAC address, I immediately open IE, to the IEEE website to check which address is assigned to which vendor, So enter the first 6 bits & ldquo; 00-0a-eb & rdquo; into the Search for column (Figure 2). The result shown in Figure 3 is displayed on the returned web page. It turned out that the sister bought a TP-Link wireless router, which was a step closer to the goal. I laughed awkwardly. Defense: Each network device burns a specified MAC address at the factory, and the manufacturer can be identified from the address. In order to prevent the wireless router from being recognized by others, it can be modified to other MAC addresses. In the web management interface of the wireless router, expand “network parameter →MAC address clone", and change the first 6 bits to other. Although the wireless router's manufacturer knows that the wireless router manufacturer is TP-Link, I still can't start because I don't know the specific product model, but I don't have to worry. The manufacturer likes to use the same account password and other parameters on different products. Just get started. Although there is no manual for the TP-Link wireless router, it is very simple to check its default account password. Go to Baidu website immediately and search for the TP-Link wireless router default password. If not, You will find clues on a web page on the first screen. If there is nothing wrong, the default account and password are both admin, asking the Buddha to protect the sisters will not change. Sure enough, enter “192.168.1.1” in the IE address bar, and enter admin in the pop-up verification screen to enter the web management interface of the wireless router. Defense: For security reasons, the wireless router should immediately modify the default account and password when it is initially used. In the web management interface, expand “System Tools & Rarr; Modify Login Password” and enter the new username and password. If you enter the unmanned environment Now that the highest management authority of the wireless router is at your fingertips, the next step is to enter the uninhabited environment. At this time, I am thinking about how to destroy it. Is it a messy setting of the wireless router? Update a mismatched firmware to get rid of the wireless router? Or modify the Internet parameters so that they can not get on QQ? I want to think about it. In the end, I decided to point it up. The premise is not to cause irreparable damage to them, but I can’t let them fix it. The purpose is to let them move the rescue. Of course, they are looking for a soldier, so the hacking begins. …… In the web management interface, enter the client list of the DHCP server, see a total of 3 clients, if not estimated, these 3 should be my laptop and sister's two computers, copy them MAC address of the two computers, then open the firewall of the wireless router, enable MAC address filtering, prohibit the enabled MAC address in the set MAC address list from accessing the Internet, allow other MAC addresses to access the Internet. Then in the MAC address filtering will sister two The MAC address of the computer is added to it. Restart the wireless router in the system tool, close the IE immediately after the operation, cover the notebook screen, and sneak into the living room to watch TV. Defense: If the highest authority of the wireless router is stolen, it will be difficult to prevent it. After waiting for about 10 minutes, at 9 o'clock, the doorbell rang as scheduled. I opened the door kindly and asked the visitor about the anecdote. She said that the family couldn’t get on the net for no reason, let me go and see, I If you don’t say anything, you will follow. Watching the two sisters pay great attention to my master, I will not change the computer on the east. In fact, the remedy is very simple. I pretend to be busy on the computer for a while, so that they mistakenly think that it is difficult to solve the problem. The two sisters treat me as a god. I know that they are just worms. Because of their hospitality, I have been drinking two bowls of sweet soup in a row. My heart is also sweet and sweet. It is not too late. I propose to go back. I couldn’t help myself when I was lying in bed at night, and I laughed when I slept. Rescue: Actually, the sisters don't know if the Internet is a computer fault, or a wireless router problem, or a telecom problem. For me, I know the problem. You can prescribe the right medicine. First, turn off the wireless router, and then press the Reset button on the body. Then, after the power is turned on, the wireless router will be restored to the factory settings, the firewall and MAC address filtering information will be deleted, and the online account and other parameters will be retained.