Selasa, 29 Juni 2010
Wireless network or a wireless network is often referred to as fairly easy to set up, and also feels very comfortable, especially if we want to be able to walk way around the home or office with a portable computer but still could still access the internet network. However, since the wave of wireless use, it will be easier to hack into than wired connections. There are a few tips here to secure the wireless network.
The following steps steps
Encryption is the first security measure, but many wireless access points (WAPs) do not use encryption as a default. Although many WAP has Wired Equivalent Privacy (WEP) protocol, but not enabled by default. WEP does have some holes in securitynya, and an experienced hacker would be able to open it, but it's still better than no encryption at all. Be sure to set the WEP authentication method to "shared key" rather than "open system". To "open system", he did not encrypt data, but only authenticate the client. Change the WEP key as often as possible, and use 128-bit WEP compared with the 40-bit.
Because of the weakness of the existing weaknesses in WEP, then it is advisable to use a Wi-Fi Protected Access (WPA) as well. To use WPA, WAP had to the support. The client side must also be able to support WPA .
3. Change the Default Administrator Password.
Many plants now use the same password for all administrative WAP their products. The default password is usually already known to the hackers, which can be used to change the settings on your WAP. The first thing that must be done in the WAP configuration is changing the default password TSB. Use at least eight characters, any combination of letters and numbers, and do not use the word of words in the dictionary.
4. Turn off SSID Broadcasting.
Service Set Identifier (SSID) is the name of our wireless network. By default, the SSID of the WAP will be in the broadcast. This will make users easy to find these networks, because the SSID will appear in the list of available wireless networks that exist on the client. If the SSID is turned off, users must know the SSID of his first bit can be connected with the network.
The way this one seems very simple, but few companies or individuals do it. If we have users who only connect at certain times only, there is no reason to run a wireless network at any time and provides an opportunity for intruders to carry out his evil intentions. We can turn off the access point when not in use.
Usefulness of the SSID broadcast is turned off to prevent anyone else know the name of our network, but if you still use the default SSID, will not be difficult for us to guess the SSID of the network.
Most WAP (not the cheap cheap of course) will allow us to use the filter media access control (MAC). This means we can create a "white list" of computers may access the computer that our wireless network, based on the MAC or physical address of the network card in each pc. Connections from the MAC is not in the list will be rejected. This method is not always safe, because it is still possible for a hacker sniffing packets that we do transmit via the wireless network and get a valid MAC address from one user, and then used it to make a spoof. But MAC filtering will make an intruder difficulties that are still very good candidate.
To protect the cable from the internal network threats coming from the wireless network, it is important to make a wireless DMZ or perimeter network is isolated from the LAN. This means installing a firewall between the wireless network and LAN. And for wireless clients that require access to the internal network, he must first authenticate to the RAS server or use VPN. This provides an extra layer for protection.
802.11b WAP transmits waves of up to approximately 300 feet. But this distance can be added by replacing with a better antenna. By using high-gain antenna, we can get more distance. Directional antenna will transmit signals in a particular direction, and pancarannya not circular as in omnidirectional antennas that are usually found on the package setandard WAP. In addition, by selecting the appropriate antenna, we can control distance and direction signals to protect themselves from intruders. In addition, there are several settings that can be WAP signal strength and direction through the WAP config.
One way to hide from hackers who often use technologies 802.11b / g is more popular is to use 802.11a. Because 802.11a works on frequencies different (ie the frequency of 5 GHz), NICs are designed for working on technology that is popular not be able to capture the signals
0 Comments:
Post a Comment