Ukuqonda izinsongo nendlela yokuvikela inethiwekhi yakho ngokumelene nabo
Okuhle Ngenani
Ukunethezeka kwamanethiwekhi angenantambo angena ngentengo nokho. Ukufinyelela kwenethiwekhi yocingo kungalawulwa ngoba idatha iqukethe ngaphakathi kwekhamera exhuma ikhompuyutha kumshini. Ngenethiwekhi engenazintambo, i-"cabling" phakathi kwekhompyutheni kanye nomshini ubizwa ngokuthi "umoya", noma iyiphi idivayisi engaphakathi ingafinyelela. Uma umsebenzisi angakwazi ukuxhuma ngephoyinti lokufinyelela elingenazintambo kusuka kumamitha angu-300 kude, khona-ke ngombono ukuze omunye umuntu angene engxenyeni engamamitha angu-300 engenazintambo ezingenazintambo.
Ukusongela kokuvikeleka kwenethiwekhi okungenantambo
- I-Rogue WLAN's - Kungakhathaliseki ukuthi ibhizinisi lakho linenethiwekhi engenazintambo ezivumelekile ngokomthetho noma cha, ama-routers angenantambo angabizi kakhulu, futhi abasebenzisi abafuna ukuxhuma bangase baxhume imishini engagunyaziwe kwinethiwekhi. Lezi zinethiwekhi ezingenantambo ezingenakuxhumana zingase zivikeleke noma zivikeleke ngendlela engafanele futhi zibeke ingozi kwinethiwekhi enkulu.
- Ukuthungatha ukuxhumana kwangaphakathi - Ukuhlaselwa okuvela ngaphandle kwenethiwekhi ngokuvamile kungabonakaliswa kanjalo. Uma umhlaseli angakwazi ukuxhuma ne-WLAN yakho, angakwazi ukususa ukuxhumana okubonakala sengathi avela ezizindeni zangaphakathi. Abasebenzisi banamathuba amaningi okuthemba nokusebenza ekuxhumaneni kwangaphakathi okungahleliwe.
- Ukwebiwa Kwezinsiza Zenethiwekhi - Ngisho noma intruder ingahlaseli amakhompyutha wakho noma idibanise idatha yakho, ingaxhuma ku-WLAN yakho iphinde ikhiphe umkhawulokudonsa wakho wenethiwekhi ukuze igqoke iWebhu. Bangakwazi ukusebenzisa umkhawulokudonsa ophezulu otholakala kumanethiwekhi amanengi webhizinisi ukulanda umculo namavidyo kliphu, usebenzisa izinsiza zakho zenethiwekhi eziyigugu futhi uthinte ukusebenza kwenethiwekhi kubasebenzisi bakho abavumelekile.
Ukuvikela Inethiwekhi Yakho kusuka ku-WLAN Yakho
Ukuphepha okuthuthukisiwe kuyisizathu esihle kakhulu sokusetha i-WLAN yakho ku-VLAN yayo. Ungavumela wonke amadivayisi angenantambo ukuba axhumane ne-WLAN, kodwa uvikele lonke inethiwekhi yakho yangaphakathi kunoma yiziphi izinkinga noma ukuhlaselwa okungase kwenzeke kunethiwekhi engenantambo.
Ukusebenzisa i-firewall, noma i-router ACL (uhlu lokulawula ukufinyelela), ungakwazi ukuvimbela ukuxhumana phakathi kwe-WLAN nayo yonke inethiwekhi. Uma uxhuma i-WLAN kunethiwekhi yangaphakathi nge-proxy web noma i-VPN, ungakwazi ngisho nokuvimbela ukufinyelela ngamadivaysi angenawaya ukuze bakwazi ukusakaza i-Web kuphela, noma bavunyelwe ukufinyelela kumafolda athile noma izinhlelo zokusebenza.
Ukufinyelela okuvikelekile kwe-WLAN
Ukubethela okungenantambo
Enye yezindlela zokuqinisekisa ukuthi abasebenzisi abangagunyaziwe abafaki ukuxhuma kunethiwekhi yakho engenantambo ukubethela idatha yakho engenawaya. Indlela yokuqala yokubethela, i-WEP (ubumfihlo obulinganayo obunamathele), itholakale ibe yiphutha eliyisisekelo. I-WEP incike kusihluthulelo esabelwe, noma iphasiwedi, ukukhawulela ukufinyelela. Noma ubani owazi ukhiye we-WEP angajoyina inethiwekhi engenantambo. Kubekho indlela okwakhiwa ngayo ku-WEP ukuze ushintshe ngokuzenzakalelayo ukhiye, futhi kukhona amathuluzi atholakalayo angaphaza ukhiye we-WEP ngamaminithi, ngakho ngeke kuthathe isikhathi eside ukuthi umhlaseli afinyelele kwinethiwekhi ye-wireless ye-WEP-encrypted.
Ngesikhathi ukusebenzisa i-WEP kungase kube ngcono kangcono kunokusebenzisa ukubethela okungekho nhlobo, akuvumelekile ukuvikela inethiwekhi yebhizinisi. Isizukulwane esilandelayo sokubethela, i-WPA (Wi-Fi Protect Access), yenzelwe ukusebenzisa isiphakeli sokuqinisekisa sokugunyaza esingu-802.1X, kodwa singasebenza ngendlela efanayo ne-WEP ku-PSK (I-Pre-Shared Key mode). Ukuthuthukiswa okuyinhloko kusuka ku-WEP kuya ku-WPA kusetshenziswa i-TKIP (Temporal Key Integrity Protocol), eguqulela ukhiye wokuvimbela uhlobo lwezindlela zokuqhekeka ezisetshenziselwa ukuchofoza ukubethela kwe-WEP.
Ngisho noma i-WPA yayiyindlela ye-band-aid noma kunjalo. I-WPA yayiwumzamo we-hardware engenawaya kanye nabathengisi be-software ukuze basebenzise ukuvikeleka okwanele ngenkathi balinde indinganiso esemthethweni engu-802.11i. Ifomu lesimanje kakhulu lokubethela yi-WPA2. Ukubethela kwe-WPA2 kunikeza izindlela eziningi eziyinkimbinkimbi futhi ezivikelekile kuhlanganise ne-CCMP, esekelwe ku-algorithm ye-AES yokubethela.
Ukuze uvikele idatha engenazintambo ekutholeni futhi uvimbele ukufinyelela okungagunyaziwe kunethiwekhi yakho engenantambo, i-WLAN yakho kufanele ihlelwe okungenani ngekhodi ye-WPA, futhi ngokukhethekile ukubethela kwe-WPA2.
Ukuqinisekiswa okungenantambo
Ngaphandle nje kokubethela idatha engenazintambo, i-WPA ingaxhuma nge-802.1X noma i-RADIUS amaseva wokuqinisekisa ukuqinisekisa indlela yokuphepha yokufinyelela ku-WLAN. Lapho i-WEP, noma i-WPA kwimodi ye-PSK, ivumela ukufinyelela okungaziwa muntu noma ubani onokhiye ofanele noma iphasiwedi, i-802.1X noma i-RADIUS ukuqinisekiswa kudinga ukuthi abasebenzisi babe namagama okusebenzisa okusemthethweni namagama wephasiwedi noma isitifiketi esivumelekile ukungena kwinethiwekhi engenazintambo.
Ukufuna ukuqinisekiswa kwe-WLAN kunikeza ukuphepha okwandisiwe ngokukhawulela ukufinyelela, kodwa futhi kunikeza umgodi kanye nomzila wezombusazwe ukuphenya uma kukhona okusolisayo okuqhubekayo. Ngenkathi inethiwekhi engenazintambo esekelwe ukhiye okwabiwe ungangena ngemvume i-MAC noma ikheli le-IP, lolo lwazi alusizo kakhulu uma kuziwa ekunqumeni imbangela eyisisekelo yenkinga. Ukugcinwa kwemfihlo kanye nobuqotho obuhlinzekwayo nakho kunconywa, uma kungadingekile, izigunyazo eziningi zokuthobela ukuphepha.
Nge-WPA / WPA2 ne-802.1X noma i-RADIUS isiqinisekiso sevava, izinhlangano zingasebenzisa izivumelwano ezihlukahlukene zokuqinisekisa, njenge-Kerberos, i-MS-CHAP (i-Microsoft Challenge Handshake Authentication Protocol), noma i-TLS (Transport Layer Security), futhi isebenze izindlela zokuqinisekisa ubuqiniso ezifana namagama womsebenzisi / amaphasiwedi, izitifiketi, ukuqinisekiswa kwe-biometric, noma amaphasiwedi wesikhathi esisodwa.
Amanethiwekhi angenazintambo angathuthukisa ukusebenza kahle, athuthukise ukukhiqiza futhi enze inethiwekhi engcono kakhulu, kepha uma engasebenzi kahle angabuye abe isithende se-Achille sokuphepha kwenethiwekhi yakho futhi aveze yonke inhlangano yakho ukuyekethisa. Thatha isikhathi sokuqonda izingozi, nokuthi ungalondoloza kanjani inethiwekhi yakho engenazintambo ukuze inhlangano yakho ingakwazi ukuthuthukisa ukuxhumana okungenaxhunyiwe ngaphandle kokudala ithuba lokuphulwa kokuphepha.