Wireless Internet Security Settings Strategy

Accessing the LAN or the Internet wirelessly has become a reality. However, at present, it is not so easy to achieve efficient and secure access. After all, it is better to connect to the LAN or the Internet through wireless. The setting of twisted line access to the LAN or the Internet is much more complicated. Today, as wireless networks continue to mature, the security risks of wireless networks are becoming the focus of attention, and preventing wireless networks from being invaded by foreigners has become the first thing wireless network users must face. What are the hidden dangers of wireless Internet access? As we all know, wireless network nodes can radiate to a range of about 300 meters. Therefore, any computer with a wireless network card installed within 300 meters can access the wireless network node and possibly enter the wireless network. It is obvious that this convenient access method is easy to bring security threats to wireless networks. For example, a hacker computer within 300 meters also has the opportunity to enter your wireless network, thereby controlling the “everything in one place” of your computer; although wireless networks are not as strict as wired networks in terms of confidentiality of information, But you certainly don't want illegal attackers to easily know the various tracks in your network, such as which websites you visited, what private emails you sent, etc., all of which may be understood by illegal visitors. Chu. What's more, if an illegal visitor who is not far from you enters your wireless network, it will easily steal all kinds of account information on your Internet, which will cause you more security losses. Therefore, in the face of various security risks of wireless networks, you must act in time to take countermeasures, such as encryption technology or network authentication and identification technology to ensure that only users or network devices that you specify in advance can enter your wireless network. In the meantime, other operations that want to force access to your wireless network with various wireless network technologies will be rejected. The security status of wireless Internet access Due to the congenital technical shortcomings of wireless networks, the security of wireless Internet access has not been fully guaranteed until now; however, if wireless Internet users take timely and effective measures, they can still increase illegality. It is difficult for an attacker to invade a wireless network. Generally speaking, the security of the network is mainly reflected in the aspects of data encryption and control access. Data encryption often ensures that the transmitted information can only be accepted and understood by the network users that it expects, and the control access can ensure that the network information can only be ensured. Obtained by an authorized user. For a normal network, its information is transmitted to a specified destination through a cable. As long as the physical link is not destroyed, the information of the ordinary network will not be leaked; but the information of the wireless network is through the microwave. Radiation is transmitted, so all wireless stations may receive network information in the area covered by the wireless network node, and the wireless network node cannot ensure that the information can only be transmitted to the specific receiving device, so the data privacy of the wireless Internet access It is a bit worse than a wired network. At present, IEEE 802.11a, IEEE 802.11b, IEEE 802.11g and other technical protocols used in wireless networks support the security settings of wireless Internet access. By properly setting network parameters, it is possible to ensure that the wireless network authenticates each Internet user; The security setting function of the wireless network only has a preventive effect on the general intrusion. If a user with a slightly higher attack level is encountered, the security setting function of the wireless network cannot do anything. Wireless Security Responses For ordinary wireless network users, what measures should be taken to ensure that their wireless networks are safe and secure? In order to make wireless Internet access as safe as possible, this article specifically provides you with the following wireless network security measures: 1. Set the network key correctly. As you know, by default, the wireless network node manufacturer is convenient for the primary users. Install a wireless network, specifically set the wireless network node's data transmission encryption function to "disable", so that the user's first access to the network is not secure, illegal attackers can easily use professional sniffing tools, intercepted To plaintext data transmitted over a wireless network. For this reason, when you first connect to the WLAN, you must remember to set up the network key to encrypt the data transmitted on the wireless network, so as to effectively resist the illegal invasion of ordinary hackers. Before setting the network key, you must first install the wireless network card, and set the IP address and mask address of the wireless network card to be in the same network segment as the IP address and mask address of the wireless network node; then open the workstation. In Internet Explorer, enter the default IP address of the wireless network node in the address bar. (At present, the IP addresses of most wireless network nodes are “192.168.1.1”, if you can't connect, you can check the operation manual of the corresponding device.) Enter the wireless network node management login page, enter the login password (this password can be found in the wireless network node's manual), you can set the security of the wireless network node in the subsequent pages. Click the security option in the wireless network node management page, select the WEP encryption function, and set the password string according to different encryption types; if you choose the 64-bit encryption type, you must enter the 10-bit string as the encryption. The password, if you choose the 128-bit encryption type, you must set the number of digits of the password to 26 digits. After completing the password setting, turn off the power of the wireless network node, and then turn on the power again, so that the wireless network node will be restarted and the network key will take effect. Next, you must also set the connection properties of the wireless network in the workstation to be securely connected to the WLAN. Click the “Start”/“Settings"/“Network and Dial-up Connections option and right-click on the <quo;Wireless Connections" option under the option and click &ldquo The "Properties" command opens the Wireless Network Properties Settings window; click on the "Wireless Network Configuration" tab of the window and select the wireless network with encryption enabled in the tab page, then click <;Properties" In the subsequent properties window, select the “Associate” tab, and then select the “Data Encryption (WEP Enable)” option in the corresponding tab page, so that the “Network Key” setting item will be selected. Activate, then you can enter the access password of the wireless network node correctly, and click “OK” to make the workstation securely connect to the wireless network. 2. Change the default SSID setting In the default state, the manufacturer of the wireless network node will use the SSID (initialization string) to check the connection request to log in to the wireless network node. Once the test is passed, it may be successfully connected to the wireless network. However, because the same manufacturer's wireless network nodes use the same SSID name, it provides inconvenience for attackers who attempt to connect to the wireless network illegally, once they use the common initialization string to connect to the wireless When the network is online, it is easy to build an unauthorized link, which poses a threat to the security of the wireless network. To do this, when you first install the WLAN, you must log in to the management page of the wireless network node in time, open the SSID setting option, reset the initialization string, it is best to make it difficult to guess; and in order to avoid it more effectively Illegal links, you'd better cancel the SSID webcast if conditions permit, so as to minimize hacking opportunities. Of course, after the SSID name in the wireless network node changes, you must also re-edit the SSID service name in the wireless network property settings window of the workstation to ensure that your workstation is successfully connected to the wireless network. Modifying the SSID name on a normal workstation is as simple as clicking in the Wireless Network Connection Properties window, then clicking on the "Wireless Network Configuration" tab, then in the tab page, select the wireless network node name and click "&ldquo The "Properties" button, in the pop-up "Associate" tab page, directly enter the new SSID name in the "Service Name (SSID)" text box, and finally click the "OK" button. It will make the settings take effect. 3. Suitable antenna placement Because the wireless network node is the conversion of wired signals and wireless signals, the location of the antenna in the wireless network node can not only determine the signal transmission speed of the wireless local area network, but also the strength of the communication signal. Wireless network communication security, it is necessary to put wireless network nodes in a suitable location for this purpose! Before placing the antenna, you should first figure out how much the communication signal coverage of the wireless network node is, and then place the antenna to the location where other users cannot <touch" depending on the range. For example, if the signal transmission capability of the wireless network node is within 30 meters, and now you want to establish a small wireless LAN in a space of 100 square meters, it is best to place the wireless network node in the center of the space. Distribute other workstations around the wireless network nodes so that workstations in other rooms do not automatically search for your wireless network, so the wireless network is less prone to signal leakage. If you just place the wireless network node at the window or wall, it will not only affect the external transmission of the signal, but also the workstation users on the other side of the wall can easily search and connect to your wireless network. As a result, your network security will be greatly reduced. 4, do other preventive work In order to better protect the security of the wireless network, you can also carry out some other effective security measures according to the different functions of the wireless network node. For example, if the wireless network access node supports simple network management functions (SNMP function), I suggest that you turn off this function as much as possible to prevent illegal attackers from easily accessing the private information in the entire wireless LAN through the wireless network node. If your wireless network node also supports access list functionality, you can use this feature to precisely limit which workstations can connect to the wireless network node, and those workstations that are not in the access list are not authorized to enter the wireless network. For example, considering that each wireless network card has its own MAC address, you can create a “MAC access control list” in the wireless network node device, and then input the MAC address of the network card that you think is legal. In the table, only the MAC address displayed in the “MAC Access Control List” will enter your wireless network.