Secure 你的 Wireless Connection

Wireless networks use radio frequencies to transmit and receive data. This means that someone walking, 开车, or flying by can easily tap into your unsecured wireless connection without your knowing it. 事实上, armed with the right tools – and these are readily available -- some people virtually stalk areas for an open wireless access point (WAP).

Wireless users should use all available security features and tools at their disposal to prevent unauthorized use of their computers, 账户还是智能手机. Some of these are listed below:

When you are not receiving or transmitting, it is safer to disable your wireless card 在你的电脑上 and WAP thereby making access impossible to a would-be intruder.

水渍险2 stands for Wi-Fi Protected Access version 2, the current official Institute of Electrical and Electronics Engineers (IEEE) standard. 它是基于802.11i security standard and is more secure than 水渍险 by using the Advanced Encryption Standard (AES) for encryption. If your wireless card is not 水渍险2 compatible, check with the vendor to see if it's upgradeable, or consider buying an external wireless card.

Avoid sending data in clear text (i.e., unencrypted) or using weak encryption (WEP). If you cannot use 水渍险2, then enable 水渍险 使用强键(i).e., difficult to guess; at least 20 characters) instead. Remember to change your key regularly.

Select the following links for definitions of 保密个人专有的 data. Contact your departmental ITC for encryption instructions.

雇佣私人保镖 防火墙 在你的电脑上.

关闭文件共享.

For any transmission requiring a password, always use encryption like a secured sockets layer (SSL)或安全壳(SSH). Use these modes for any transmission. Heed all security warnings and make certain your browser verifies valid SSL certificates.

Use e-mail protocols that are SSL enabled.

Employ media access control (MAC) address filtering to ensure that the WAP only communicates with certain wireless devices (i.e., register the MAC address on your wireless card with the WAP, which should “talk” to only the cards registered to it). Using MAC address filtering is not a guarantee of full security because MAC addresses can be copied (i.e.“欺骗”). However, using MAC does make access by unauthorized persons more difficult.

When remotely connecting to the campus, use a VPN connection to securely access campus resources. 

Harden (strengthen) all security systems on your equipment (i.e., use strong 密码; authenticate access where possible; etc.).

Instant messages are generally transmitted as clear text making login scripts, 密码, 信用卡号, other 保密 information more accessible.

Change the default service set identifier (名称), the wireless network name, to one that is difficult to guess. Prohibit the broadcast of the 名称 so that it does not indicate its availability for use. 如果可能的话, change your WAP’s default channel addresses: set your WAP to receive, 但不是为了广播.

Disable Dynamic Host Configuration Protocol (DHCP) so that the IP address would need to be configured manually on your laptop. Or, as an alternative, change the default DHCP address range.

你的 网络路由器 可以设置为阻止访问吗. 路由器, 或者任何接入点, should require strong 密码 in order to access administrative functions. Disallow wireless access to these administrative functions.