XP wireless network security detailed ---- Transfer from Old Essence
This article tells the security of XP wireless networks, so it does not involve the basics of XP wireless networks. Please read the IEEE802.x related articles on basic knowledge. (Recommended "WIN XP Wireless Network 802.1X Wireless Network" http://blog.9cbs.net/bloodyzolo/archive/2005/01/23/264589.aspx) Early wireless network due to its own specificity and equipment expensive reasons It has not been universal. Therefore, wireless network security has never causing many people's attention. As in recent years, the price of wireless network equipment has dropped again, and finally drops to most people can accept. Configuring a wireless network does not need to have a previous senior engineer technology. Under XP, you only need to click on the wizard to click on the mouse, you can build a wireless network for a few minutes, it is easy to synonymous with unsafe, so wireless network The security is also more and more attention. At present, the main risks of the wireless network are reflected in the service and stolen, data damage, and several aspects of normal service, which exists in the XP wireless network. In order to avoid the threat of safety risks, we will analyze one by one. It should still be the above sentence: "Simple is unsafe synonym", XP's wireless security risks, it is precisely from XP simpler and easy-to-use features - "Wireless Zero Configuration", Since the access point can automatically send the received signal, once the XP client enters the coverage of the wireless network signal, the connection can be automatically established. If the signal coverage of multiple wireless networks, the system can automatically access the nearest access. Point contact, and automatically configure the network card for connection, after completion, the established connection SSID will appear in the "available network", because many manufacturers use the network card half MAC address to name SSID, so make the SSID default name It is estimated that the attacker knows that after the default name, the network at least to the access point is easy. The main targeting measures are three: 1. Enable the non-broadcast function of the wireless device, and the spread of SSID is not performed. This feature needs to be viewed in the hardware device option. After enabling the network, the person who wants to connect the network must provide an accurate network name instead of the network name of the XP system. 2. Use an irregular network name to prohibit the use of the default name. If it is not broadcast, the attacker can still be entered into the network by guessing the network name, so it is necessary to modify the default name. The irregularities here can learn from the password settings, and do not set the network name with sensitive information. 3. Client MAC address filtering settings Only clients with the specified Mac can connect to the access point, which can be further off. The above three ways are only the primary settings of XP wireless security. Do not expect to set up these three steps, you can have no worries. From the current security settings, although it can be prepared, it can be prepared, but because of the pair The data in the transmission is taken any encryption. Therefore, as long as the attacker uses some specific wireless local area network tools, you can grab a variety of packets in the air. By analyzing the content analysis of these packets, it can be obtained. Includes SSID and MAC addresses, so three of the previous three methods are inseparable from this attack. The next step is to face the encryption problem of wireless transmission ---- WEP. This is a very controversial topic, so in order to avoid walking into the misunderstanding, we will not explain the strengths and weaknesses of this issue, only one sentence: "WEP provides wireless LANs with data security, complete Sexuality to data source authenticity is more comprehensive, but WEP's key is easy to be attacked. "
