The author at home two days before the trial of a wireless router, I suddenly found around the use of wireless networks is more and more neighbors, but most users are not encrypted, and many did not modify the machine's SSID, in a single glance to D-Link, Netgear, TP-LINK is a variety of brand everything. Of course, some neighbors still encrypted to the network, including one called "ji de jia mi" the SSID so I was impressed.
Mobility and flexibility of wireless networks is beyond doubt, but from a security point of view, the user's network will form a broadcast source, without taking any safety measures in the case, others will easily find and connect to you networks. Ranging from an intruder on the Internet for free, while some important data and privacy of your computer is stolen, and the neighbor modified SSID "ji de jia mi" (remember encryption) is also to remind everyone in good faith. But objectively speaking, even with a Wi-Fi encryption is still not absolutely safe, wireless technology advances, techniques and tools in the same follow-up invasion. So at this stage we should be how to effectively defend the dissemination of data in the air it? In this paper, we will introduce you to some of the preventive measures against the invasion of some typical means.
Several typical wireless intrusion means of introduction:
Encryption Attack: This is a means of brute force, the current cryptographic attacks against WEP mainly, due to the inherent flaws WEP encryption, WEP security protocol will detect intruders vulnerabilities with the appropriate tools, and then by means of packet capture analysis cracks, this process can often be completed within a few hours.
Wireless Fishing: steal this way and now popular as phishing, hacker to set up a wireless access device disguised attempt at a network or a public place, so that victims of mistaken premises have Wi-Fi use. Especially in public places, when the signal strength of the wireless device disguised very good, most likely to attract users deceived. In this case, hackers can charge more victims, type the password, or pattern input victim computer. Although this is not really the true sense of the invasion described above but less than "violence" to break a number of clever, and more serious consequences.
Malicious spoofing: hackers set up a fake wireless access devices, if the victim to connect to the server, the server will send a false message response, so even on the victims of counterfeit server. The method and the above-mentioned "phishing attack" is quite similar.
In addition, if your wireless is completely open, then you can free Internet intruders, or attack other networks through a third party and explore your network.
Wireless security interest friends may know, and now this regard cracking tools are many, from detection, listening to the final break everything, break the face of threats from these tools as a normal user we can only wait to die yet ? Here I will list several of the more popular cracking tools and methods that we should understand these tools at the same time, you can take appropriate protective measures.
Network Stumbler: a wireless network in a common test software, the Windows-based tools can be very easy to find out within a broadcast range of the wireless signal, you can determine which signals or noise information can be used for site measurements. For many home users can use this software to test the optimum placement of the wireless router, and for the evil intentions of the users, Network Stumbler become a tool to capture the signal source. Therefore, I suggest that you promptly in case of network encryption or should shut down your SSID broadcast.
Kismet: a more powerful Web search tools, Network Stumbler is to turn off SSID broadcast can not search for a radio source, but Kismet may be, we can only rely on the more advanced and relatively complex security settings to avoid this potentially dangerous.
After searching and targeting, the invaders would be illegal links with some cracking tools, which are common Airsnort, Cowpatty and Ethereal several.
Airsnort: one kind of sniff and crack the WEP key tool. The tool will find a lot of sniffed packets to crack the WEP key. But the current security technology in terms of wireless products WEP has been rarely used, but earlier or later still use WEP encryption friend has noted that in order to avoid this invasion the most effective way is to use a 128-bit rather than 40-bit the WEP encryption key, so you can make take longer to break. Of course, the direct use of more advanced WPA encryption method will be very effective.
CowPatty: The tool is primarily used to crack WPA-PSK, it by simply try a variety of different options in the article, whether a just and a pre-shared key matches the view. So concerned about network security and friends can set complex password to prevent such intrusions, or try to delay the intruder guess time.
Ethereal: Ethereal can scan for wireless and Ethernet information, but also has very strong filtering capabilities. It can sniff out 802.11 management information can also be used as sniffer non-broadcast SSID. Prevention Ethereal is actually very simple, just use WPA2, AES algorithm is generally impossible hacker intrusion.
Simply put, turn off SSID broadcasting or using the Advanced Encryption (currently not recommended to use WEP encryption is lagging behind) are most illegal intruder can be excluded. In addition, disable DHCP and SNMP settings, particularly in terms of disabling DHCP on the wireless network makes sense. Because hackers would have to shut down after the DHCP crack your IP address, its more difficult invasion.
In addition to the technical aspects of prevention, but for the average home user, choose the right place for the point is also a method of wireless router. Since most wireless security problems are due to the access point it is not in a closed environment caused by reasonable restrictions can be placed in the signal transmission distance than you need to cover the area, so the location such as the sill is not suitable for display wireless router. (Enterprise-level users can also use this approach to network segmentation between departments, thereby reducing the difficulty in management)
With the popularity of wireless applications, its safety is a topic we have to face, but I believe that this topic does not have to be overly exaggerated, because there will be any network vulnerabilities, and these should not be the reason why we abandoned it , but also from the practical point of view the overall security of the wireless capabilities on the still very strong, as long as through the rational allocation and use of substantially no problem. In addition to hacking into the wireless network for the sake of friends there is no need of this, many public places now have free wireless for everyone to use, but as far as I know, there are many online Advocacy Coalition "wireless sharing" to facilitate wireless enthusiasts to share and exchange.