6 li bo mt Wi-Fi d mc nht

Trong bi vit ny chng ti s lit k 6 li bo mt Wi-Fi ln nht m ngi

dng thng mc phi vi mc ch gip cc bn trnh v bo v mng khng dy ca mnh tt hn.

Mng khng dy cung cp rt nhiu s thun tin trong s dng. Mc d vy, ngc li vi s thun tin trong s dng l nhng phc tp trong vn bo mt. y l 6 li bo mt in hnh nht m chng ta hay mc phi khi thit lp v s dng mt mng khng dy. Trnh c vn ny, mng v d liu ca bn s c an ton hn.

li

bo

mt

Wi-Fi

in

hnh

1. Khng m ha hoc ch s dng bo mt WEP khng an ton Vic m ha mng khng dy rt cn thit v hai l do: khng cho php ngi dng khng xc thc kt ni vi mng v ngn chn hin tng nghe trm lu lng Internet. Nu ngi dng ngu nhin c th kt ni vi mng, h c th truy cp cc th mc chia s ca bn hay cc ti nguyn mng khc. Nu c th nghe trm, h c th capture mt khu hoc chim quyn iu khin website hay cc ti khon dch v c ng nhp khng s dng m ha SSL. Cn nh rng m ha WEP hin khng an ton v n c th b crack mt cch d dng. Ti thiu nht bn cng nn s dng WPA-PSK hoc WPA2-PSK. Hai ch bo mt ny s m ha lu lng v ngn chn hin tng truy cp tri php. Mc d vy chng vn d b tn cng trc cc tn cng brute force, v vy hy to v s dng mt khu m ha mnh (passphrase). S dng mt khu di (ln n 63 k t) v trn ln cc k t, ch s, cc k t c bit, 2. Khng s dng bo mt WAP2-Enterprise vi xc thc 802.1X

Tt c cc mng khng dy c s dng bi cc t chc v doanh nghip c nhiu nhn vin nn s dng ch bo mt WPA-Enterprise. Ch bo mt ny yu cu mt my ch ring (my ch ny c gi l RADIUS server) thc hin xc thc 802.1X, tuy nhin mt s trng hp c th s dng cc im truy cp c h tr chc nng RADIUS server i km. Ngoi ra cng c nhiu dch v (chng hn nh AuthenticateMyWiFi) tr gip ton b qu trnh ny. Ch Enterprise ny gip tng bo mt v cho php bn qun l s truy cp tt hn i vi cc mng Wi-Fi. Thay v phi s dng cng mt mt khu trn tt c cc my tnh v thit b truy cp khng dy, bn c th gn cho mi ngi dng mt ti khon ring hay mt chng ch s ring m h phi s dng kt ni. V vy, khi mt nhn vin no ri cng ty hoc mt thit b no b mt, bn ch phi thay i mt ti khon. Nu s dng ch WPA-Personal, bn phi thay i mt khu trn tt c cc im truy cp, my tnh v thit b ca mnh.

Ch WPA-Enterprise cng ngn chn ngi dng trn mng khng dy nghe trm lu lng ca ngi dng khc. Khng ging nh trng hp s dng ch Personal, ngi dng khng th s dng cc ng dng phn mm hacker capture mt khu cng nh chim quyn iu khin ti khon ca nhng ngi dng khc. 3. Khng bo mt cc thit lp 802.1X client

Nu ang s dng ch WPA-Enterprise, bn nn cu hnh tt c cc ti khon ngi dng vi mc bo mt hon chnh ngn chn cc tn cng man-in-the-middle. Trong cc thit lp EAP ca my khch (chng hn nh Windows), bo m n phi c thit lp hp l ha chng ch my ch, a ch my ch cn c t sn v chn chng ch CA gc. 4. Tin tng vo vic lc a ch MAC

Tnh nng lc a ch MAC lun c cung cp trong cc router v im truy cp khng dy. N cho php bn nh ngha danh sch cc my tnh v thit b c php hay khng c php kt ni, da trn a ch MAC ca cc thit b. Mc d vy, a ch MAC vn c th b lm gi mt cch d dng. Ai c th bit mt a ch MAC no l xc thc v sau thay i a ch MAC trn my tnh ca h ging vi a ch MAC xc thc th hon ton c th kt ni. Khng bao gi s dng lc a ch MAC trn mng khng dy khng c m ha. Bn c th hnh dung, nu khng cho php ngi khc truy cp mng nhng mng ca bn khng c m ha th n vn c th b nghe trm. Nu s dng m ha, bn c th s dng lc a ch MAC qun l my tnh hay thit b no m ngi dng xc thc kt ni vi mng khng dy. 5. Tin tng vo cc SSID n

Cc router v im truy cp khng dy cho php bn n tn mng (SSID). y l chiu khng cho ngi l pht hin c mng ca bn, tuy nhin SSID vn xut hin trong mt s gi d liu. H hon ton c th s dng cng c c bit (min ph v d kim) nhanh chng pht hin ra SSID n ca bn. Bin php ny ch bt mt c ngi dng thng thng ch khng h ngn chn c cc hacker. C th cho rng vic n SSID ging nh vic trang b thm mt lp bo mt khc gy kh khn cho nhng k tn cng nhng cn lu rng, cch thc ny lm cho vic s dng mng tr nn kh khn hn cng nh gim hiu sut mng. iu ny l v bn phi to th cng mt profile trn cc my tnh v thit b ca mnh, do khng th nhn thy chng v kch kt ni. Vn ny cng lm pht sinh thm rt nhiu d liu khng ng c trn mng, v tnh lm gim bng thng mng. 6. Khng hn ch SSID m nhn vin c th kt ni n

Mt trong nhng vn bo mt thng b b st l ngi dng c th kt ni mt cch d dng vi cc tn hiu khng dy khc. Cc tn hiu ny c th c pht i t mt router Wi-Fi khng an ton, thuc mt t chc khc hay do hacker thit lp ln nh cp cc chng ch ngi dng. Ngi dng c th kt ni mt cch c ch tm, v d nh mun trnh hnh ng lc web, hay khng h c ch tm. Tuy nhin d trong bt c trng hp no, n cng u c th phi by my tnh hoc thit b ca bn trc nhng k c mu xu. Trong Windows Vista v cc phin bn mi, bn c th t gii hn cho SSID c th nhn v kt ni mng thng qua lnh netsh wlan t Command Prompt. Cch thc ny khng th thc hin trong Windows XP. V cn bo m rng cc thit lp c cu hnh cho php t ng kt ni vi cc mng c sn v xa cc mng khc khi danh sch cc mng a thch.