How to Strengthen Your Wireless Network | Total Security

-

                       Wi-Fi security


 Whether you have a private network or use a corporate network, security should always come first. Traditional wired networks are inherently more secure than wireless networks, and better protected from outside attacks. Without physical access to cables , which are usually located inside a building, outsiders cannot access or read the data.

How to strengthen your wireless network, Total security


For those who nonetheless want to use the convenience of a wireless network, there are significant security challenges to be faced. This is because information is not transmitted by means of a cable, but the public space, and the range is instead of being determined by the length of the cable, depends on the strength of the radio signals . When a device is connected to a wireless network, or Wi-Fi, a hacker only needs a receiver which is in the circle of the transmitted radio signals. It is therefore important to ensure maximum Wi-Fi security in order to be able to use wireless communication networks without any restrictions.

What exactly is Wi-Fi?

The Wi-Fi is a set of wireless communication protocols which allows several computer devices to be linked together using radio waves, that is to say wireless. This type of connection is mainly used when it is too complicated, too expensive, or impossible to connect devices on a network with cables. But it is also possible to set up a wireless network only for practical reasons. Wireless connections are widely used especially in homes, as they are a great way to access the Internet throughout the home without having to connect wires everywhere. Wi-Fi networks are also useful in offices, especially when many portable devices, such as computers or tablets, are used there.

There are 3 different operating modes for wireless networks:

  • Infrastructure mode : the structure of this mode is similar to that of the mobile network. A wireless access point coordinates the coordination of all users on the network and sends them, at defined intervals, small data packets that include information about the network name, transmission times and connection type. . Often a router acts as an access point.
  • The wireless distribution system : since Wi-Fi uses the same type of addressing as Ethernet, it is easy to connect to the wired network (or any other radio network). Networks are linked in this way, for example, to increase the range, which is why we speak of a wireless distribution network, that is to say of wireless propagation.
  • Ad-hoc mode : in ad-hoc mode, there is no standard control unit, so coordination is handled by the respective terminals. These networks are used for fast and direct communications between individual participants. However, this mode of Wi-Fi is not very widespread, users often preferring alternatives such as Bluetooth.

The weak points of Wi-Fi networks

The data framework for communication with wireless networks has been defined by the IEEE 802.11 standard of the Institute of Electrical and Electronics Engineers (IEEE). In the beginning however, security was not necessarily a major concern for Wi-Fi. Unencrypted transmissions and lack of user identification guaranteed anyone within range of range access to the entire network. The need to secure Wi-Fi networks then arose and made it possible to develop security measures for Wi-Fi, namely the following encryption and identification techniques:

  • Wired Equivalent Privacy ( WEP ): WEP is the oldest encryption standard, developed in 1997. It offers two identification systems: the open system, in which all clients have access to the network, and authentication by shared key, including a shared password. WEP also includes an RC4 encryption method. While it was a pioneer in its day, WEP has many weaknesses, and today it is considered permeable and obsolete.
  • Protected Network Access (WPA , standing for Wi-Fi Protected Access ): WPA is built on the WEP architecture, and designed to eliminate its weaknesses. To do this, WPA works with a dynamic key, based on the Temporal Key Integrity Protocol (TKIP). Since WPA also has security weaknesses, new wireless access points (since 2011) and devices designed for Wi-Fi (since 2012) are officially no longer compatible with this protocol.
  • Protected network access (WPA 2)  : with the IEEE 802.11i standards in 2004, the more secure encryption and authentication mode also appeared: WPA 2. Instead of TKIP, WPA 2 uses the AES encryption method which is good. more modern. If you are installing a Wi-Fi network, it is therefore advisable to prefer WPA2 over the old WEP and WPA standards.
  • Wi-Fi Protected Setup (WPS) : WPS is not a transmission or encryption technology, but an automatic configuration designed to make Wi-Fi setup easier for new network users. Authentication is done through a button (WPS-PBC), physical on the access point, or virtual via software or a PIN (WPS PIN). It is also possible to change the network parameters using a USB key or an NFS (short circuit technology).

Although WPA2 is a more secure development than WEP and WPA, some operators continue to use these outdated standards because they are compatible with their wireless access points, which can encrypt Wi-Fi. Whether this is unintentional or for compatibility reasons (to allow access to old devices) ultimately does not matter. It is clear that these networks are exposed to a significant risk of unwanted access, which is one of the main reasons for the bad reputation of Wi-Fi security. There are other mistakes, which are invitations to hackers, and yet are regularly made by wireless network operators:

  • Default usernames and passwords for access to Wi-Fi networks
  • Basic unsecured configuration of the Wi-Fi access point
  • Errors in the implementation of WPA2 and WPS

In addition, wireless networks are vulnerable to Do's and DDoS attacks, as well as so-called evil twin attacks These consist of imitating the open Wi-Fi access point of a company or an institution (a train station, an airport, etc.), by creating a pirate network with the same name. The evil twin network responds to authentication requests on its own and receives access data for Wi-Fi from unsuspecting network devices. It also receives the client's MAC address ( MAC spoofing ) and thus obtains all the data essential to connect. Open Wi-Fi access is particularly vulnerable to this type of attack.

Securing a Wi-Fi network: a question of consequences

The list of potential attacks on wireless networks shows how important it is to be concerned about Wi-Fi security. Indeed, many are still convinced that a secure password and a firewall are sufficient to ensure maximum protection . To ensure complete protection of a wireless network, it is necessary to do more than turn on a router, a five-minute installation, and come up with a password that is difficult to guess but not too complicated to enter. The more careful you are with configuration and installation, the more secure the network will be.

The basis of Wi-Fi security: proper configuration of network access points

The network access point, usually a router, as the central control point of the network, is also a decisive element in its security. Indeed, it is the settings of the hardware components that determine whether an attacker can penetrate your Wi-Fi network in a few seconds, or if it will be blocked thanks to sufficient protection. Here are the most important configuration steps.

Step 1: set up individual administrator access

To configure an access point, it must be administered by operating software, which is presented in the user interface of your usual browser, as soon as you access the IP address of the access point . Access to this interface is through a user account with a standard user name and password. These connection data are not individual, but identical depending on the device models, they are generally very simple identifiers, such as "admin" (password or user name) or "1234". At the start of the configuration, you must therefore enter your own connection data for the administrator account .

Step 2: Choose WPA2 as the Encryption Method

To encrypt Wi-Fi, it is imperative to choose WPA, its predecessors WPA and WEP having shown increased risks in terms of security. Likewise, the mixed combination "WPA / WPA2" is not recommended either. It is a good idea to provide devices that are compatible with WPA2 instead , and not to rely on the old encryption methods. If you are using WPS configuration software, you only need to turn it on when necessary.

Step 3: set a secure Wi-Fi password

So far, WPA2 has only seen password attacks, including brute force attacks and dictionary attacks, which are very popular with cyber criminals. It is therefore essential to set the bar very high when it comes to password total securityIt is advisable to use encryption algorithms and word lists when installing the wifi: this can for example consist of as many characters as possible , using both upper and lower case letters, numbers and special characters. It is also recommended to avoid comprehensible words, and instead choose random letters.You can also keep the Wi-Fi password on paper in a safe place, while keeping it digitally is not recommended.

Step 4: Choose an unidentifiable network name

One of the total security measures for Wi-Fi is to formulate an unidentifiable SSDI (English Service Set Identifiers ). SSDI is the name of your network, and anyone who consults the list of available networks can see it. Therefore, if you are not an open hotspot, it is recommended that you do not share any personal information that may be related to you, your business or your location. For many, hiding the name of the Wi-Fi network ( hidden SSID) constitutes progress in terms of safety. However, this technique does not represent a barrier against cybercriminals, and results in a more difficult connection for authorized customers. By hiding the SSDI from its Wi-Fi, it is also possible that some devices no longer detect the network.

Step 5: Enable automatic operating software updates

For the security of Wi-Fi in general, it is essential that the operating software of the access point is constantly updated. As with any program, cybercriminals can indeed exploit security vulnerabilities discovered here, such as gaining administrator rights or introducing malware. Some access points have an automatic update function of the operating software, which only needs to be activated in a secure manner. Otherwise, it is advisable to regularly check if updates are available for your device, then download and install them manually.

Optimize authentication with IEEE 802.1X

IEEE 802.1X is a port-based security standard, which guarantees access to authorized clients only if they have been verified and approved by an authentication server (RADIUS). This provides access to a predefined list, which indicates whether or not the client in question is authorized to connect to the wireless access point. The identification method is based on the Extensible Authentication Protocol (EAP) , also compatible with WPA 2. This variant is also called WPA2 Enterprise, WPA2-1X or WPA2 / 802.1X.

Other useful tips regarding Wi-Fi security measures

If you have configured your access point taking into account the recommendations above, your wifi network already has a correct level of protection. Depending on the intended use, however, there may be other tasks to perform. Since the majority of Wi-Fi is connected to a network, mainly thanks to the Internet , it is essential to install an individual firewall on your access point, in order to filter out unwanted connections. Furthermore, it is also relevant to identify and combat unwanted access to the source, using intrusion detection systems.

If you want your customers to have Wi-Fi access, it is recommended to always work with a separate SSDI, which you can create and configure in addition to your professional Wi-Fi. In all cases, as a Wi-Fi operator, you are responsible for the use made of the connection, which means that any infringement of copyright (illegal downloads, etc.) can be directly blamed on you. For more security, it is advisable to regularly monitor the use of the bandwidth, and to block the questionable sites as well as the settings of the router.

If you use Wi-Fi in a professional setting, security tests using specific tools can be useful. In this way, we can simulate cyber attacks , and determine whether the Wi-Fi security measures that we have taken are effective. Here again, the same principle as for Wi-Fi security is the basis: the more detailed and precise you are, the more effective the results. It is therefore important to make the effort and optimize your wireless access point. In summary, here are the essential measures to apply to make your Wi-Fi network difficult to attack by cybercriminals:

Comments

Post a Comment

Popular posts from this blog

Why Not to Restart Your Computer if It Is Infected With the Ransomware | Total Security

-
Image
The Internet has made our lives easy, especially in the field of online buying and selling, but with simplicity come greater challenges. One of the main issues that come with shopping online is its security concerns. So far this year, more than a thousand shoppers in Australia alone have reported cases of online shopping fraud, and 56.6 percent of those cases come with massive financial losses. As the Internet has become our daily tool for trading, investing, and consuming content, we cannot stop buying and selling online, although we are at risk of phishing from scammers who get richer by defrauding users, so we can do a lot to prevent our money from being stolen and defrauded. Buying from various online stores. This article provides practical advice for smart shopping online. These tips are classified into two parts: 1- Prevention Tips - How to protect yourself from fraud and deception while shopping on the Internet? 2- Tips - What do you do after being deceived? 1- How to protect yo...
Read more

Major internet threats to watch out for in 2023

-
Image
 Introduction Cyber security experts constantly protect computer systems from various cyberthreats. Every day, cyberattackers target public and private networks leading to a diversity of assaults which has grown significantly. There are several reasons for cyberattacks. Money is the major one. A system might be taken offline by a cyberattacker, who would then demand money to make it work again. Attacks known as ransomware—which demand money to be unlocked—are more sophisticated than ever. Cyber assaults target both individuals and corporations, frequently as a result of the personal information people save on their devices and the usage of unsecured public networks. To improve cyber security, it is essential to monitor changing and more frequent cyberattacks.   What is meant by Cyber Security Threats? Any potential harmful assault that aims to gain unauthorized access to data, interfere with digital activities, or contaminate information is referred to as a Cyber...
Read more

Online Safety Guide for High School Students | Antivirus

-
Image
You learn to drive, you learn about universities, you have a boyfriend or a girlfriend for the first time, you go to parties, you make new friends and you enjoy life!  This recently acquired independence comes with new adventures and new experiences.  It's easy to get carried away.  In addition to your classes and extracurricular activities, an introduction to cybersecurity can help you live this new life in complete safety. Cybersecurity Tips Basic Malware Information You have certainly heard of viruses and malware.  But what is it exactly?  Malware is a computer program of a malicious nature.  These programs can get onto your computer by various means.  Once in place, they can get personal information, swallow your essays, or erase your precious vacation photos.  To fight malware, you need to install internet security software on your devices and ignore phishing emails and other online fraud. Basic Phishing Information Phishing is an online frau...
Read more