
Published: 2016/3/17 7:14:38
Afraid to connect to Wi-Fi after watching the 315 Gala? Here is what to do - WiFi, routers - IT news

Thanks to CCTV and thanks to 315: for two years running, the 315 Gala has shown just how vulnerable a phone connected to a wireless network is. For me, one gala was all it took to replace the router I had been eyeing for ages without dipping into my private stash of cash, and to greatly improve our home network security. CCTV has done me a real service! True story! Why not try it yourself?

Here is what happened.

When the 315 Gala showed order details and private information being captured from audience members' phones, my wife asked me:

How can CCTV see the order information and phone numbers on the audience's phones? Did CCTV put a virus on their phones? I have one of those security-manager apps installed on my phone; can CCTV see what is on my phone?

My lovely wife was gripping her phone tightly, afraid that CCTV would pull her private information out through the TV screen. And I knew my chance to replace the router had come. I asked her two questions in return, and that set her on the right track.

Think back carefully: who sent the movie seat you picked on your phone to the ticketing server?

WeChat Movies, half price for the afternoon showing! My wife waved her phone proudly. Wrong! It was the router! Everything on your phone goes out to the Internet through the router. The router is like a postman: it delivered the letter you wrote to WeChat Movies, and it brought back the letter in which WeChat Movies reserved your seat. Oh! My wife looked as if it had suddenly dawned on her.

Then who handled your order and packed up your address and phone number to send to JD.com?

The router again! My wife was still lost in thought, so I had to answer for her.

When you connect a phone or any other Internet-capable device to a router, all of its network communication passes through that router. In other words, the router knows every page you browse and every password you submit. The router itself does not go out of its way to analyze what those URLs and passwords are. But every device in the same network environment can in fact monitor the sensitive information passing through the router, which is why the audience's phone photos and order information could be intercepted at the 315 Gala: they were all connected to CCTV's router.

And once an attacker is on the same network as you, he can do as he pleases: steal your private data, intercept your passwords, learn your browsing habits, and even disguise a fake website full of Trojans and traps as a site you visit often, as part of a larger plan of theft and attack. While he does this, you are still typing in site addresses as usual and running apps downloaded from official sources, believing that your browsing and app habits are good and safe, with no idea that the danger has already arrived.

So if I don't connect to CCTV's router or anyone else's, use only 4G when I'm out, and use my own router at home, where only you are on the same router as me, am I fine?

Clearly my wife now understood that connecting to free public routers carries a risk of privacy leaks. But no! As long as the wireless router at home is powered on, it broadcasts its network signal around the clock. Any device that can receive the signal can connect to the router as long as it enters the correct password.

That's great, then. Our signal is poor; my phone can't reach the home Wi-Fi as soon as I step out the door, so there is nothing to worry about.

You can think of a wireless signal as a human voice. Shout in an open valley and, with no walls in the way, the sound carries farther than it would in a room. Even in a room, although most people with normal hearing cannot make out your quiet conversation, you cannot hide it from someone with exceptionally good hearing, like the piano tuner played by Tony Leung Chiu-Wai in the movies.

A wireless router is the same. Where most devices cannot pick up its signal because of distance or obstructions, some high-power network cards can easily get through several walls and even receive the signal clearly from several kilometers away. Such a card can be bought easily in Zhongguancun, in Huaqiangbei, or on Taobao for just a few dozen yuan. Paired with a directional antenna, it means that practically every building you can see from your window may be able to receive your home wireless signal.

[Figure: diagram of a Wi-Fi signal being blocked by walls]

Even if a high-power network card can pick up our signal, our router has a password!

Receiving your signal is only the first step; after that, they can crack your wireless network password.

Almost every wireless router has a WPS button. When a friend visits, or when you buy a new device that needs to join the home wireless network, you press the WPS button on the router, then press the WPS button on the device, and it connects to the router without your entering the network name and password. It works like this: the router generates a random 8-digit numeric PIN in advance, and whether the match is made by pressing the button on the router or by entering the 8-digit PIN directly, WPS lets you join the wireless network without typing the password. This feature was meant as a great convenience, yet it is not well known to users, almost no one has ever used it, and it hides a huge security risk.

On most routers, WPS is turned on by default whether the user needs it or not. The switch is visible on the settings page, but the router explains neither the abbreviation WPS nor its full name, Wi-Fi Protected Setup, so most users skip it because they do not understand it.

Although the PIN is an 8-digit combination, the verification mechanism splits it into a first half of 4 digits and a second half of 4 digits. If the first 4 digits are wrong, the router immediately returns an error message. So we only have to ask: is it 0000? Is it 0001? Is it 0002? Carrying on this way, at most 10,000 attempts reveal the first 4 digits. Once no error message comes back, the first 4 digits are correct and the last 4 can be tried. The last 4 are even easier, because the final digit is a check digit generated from the preceding 7 digits, so only 3 digits actually need to be tried, for a total of 1,000 combinations.

This reduces what should be up to 100 million combinations to only 11,000, drastically cutting the time needed to crack the PIN. With PIN-cracking software that is easily downloaded from the Internet, the correct PIN can be found by exhaustive trial in as little as a few minutes and at most ten-odd hours, yielding the network name and the real password needed to connect. In other words, no matter how complex your Wi-Fi password is, and however good your habit of changing the router password regularly, as long as WPS is on, the router effectively has two passwords: the original complex one and an 8-digit numeric one. Cracking the numeric one takes no technical skill at all; the tools are ready-made, and even a primary school pupil could pick them up.

So you must turn off WPS on your router immediately and change the password. If you can, it is best to replace the router with the latest model from a major manufacturer; these new routers have defenses against most network attacks.
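The arithmetic above can be checked with a small model, added here as an illustration and not taken from the original article: it computes the PIN check digit and counts how many in-order guesses a given PIN withstands with and without the per-half confirmation. The sample PINs and the lockout parameters are constructed assumptions, and the code talks to no device.

```python
"""Model of the WPS PIN check described in the text (constructed example)."""

def wps_checksum(first7: int) -> int:
    """Check digit derived from the first 7 PIN digits (weights 3,1,3,1,...)."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10

def is_valid_pin(pin: str) -> bool:
    """True if pin is 8 digits and its last digit matches the check digit."""
    return (len(pin) == 8 and pin.isdigit()
            and wps_checksum(int(pin[:7])) == int(pin[7]))

def guesses_needed(pin: str) -> dict:
    """In-order guesses before this PIN is found, for two verifier designs."""
    if not is_valid_pin(pin):
        raise ValueError("not a valid WPS PIN")
    first_half = int(pin[:4]) + 1      # each 4-digit guess is confirmed or rejected
    second_half = int(pin[4:7]) + 1    # 3 free digits; the 8th is computed
    whole_pin = int(pin[:7]) + 1       # only the full PIN is confirmed
    return {"split": first_half + second_half, "unsplit": whole_pin}

NOMINAL_SPACE = 10**8                  # 8 free digits: 100 million
WORST_SPLIT = 10**4 + 10**3            # 11,000, the figure in the text

def lockout_hours(attempts: int, per_lockout: int, lockout_s: int) -> float:
    """Delay added if the router pauses `lockout_s` seconds after every
    `per_lockout` failures (hypothetical policy, not a vendor default)."""
    return (attempts // per_lockout) * lockout_s / 3600

if __name__ == "__main__":
    for pin in ("12345670", "99999995"):           # constructed sample PINs
        print(pin, guesses_needed(pin))
    print("lockout floor (h):", lockout_hours(WORST_SPLIT, 3, 60))
```

A lockout only stretches the 11,000 guesses over more hours; turning WPS off, as the article advises, removes the second credential entirely.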

So once WPS is turned off on the router, isn't it safe?

No! Think about it: if you turn off Wi-Fi on your phone, the phone disconnects from the router. When you turn Wi-Fi back on, the phone reconnects to the router automatically without asking for the password again. Right? But even this perfectly ordinary process hides a security risk. When your phone, computer, or other wireless devices are connected to your router, someone with bad intentions can use another equally easy-to-download ready-made tool to hit your router with a flood of network requests in a short time, "knocking out" the router so that it stops all work and the devices that were connected are cut off from it.

Take a phone as an example. When the phone finds that the network has dropped, it asks the router to connect again. The router and the phone then exchange four encrypted messages to confirm identity; once the router finds that the device is already entitled to connect, it lets the device back on. But the exchange between the router and the phone can be captured into a handshake capture file, and a computer running handshake-cracking software can recover the real password from it.

How long cracking takes depends on the complexity of the password, the dictionary loaded for the attack, and the computer's GPU computing power. If your wireless password is your mobile phone number, it can be cracked almost instantly. If your wireless password is the same as your password on some website, and that site's database has been dumped and all its stored passwords turned into a dictionary file, then even a complex password can be cracked in a short time. Even if your password is neither simple nor ever used to register on a website, if the computer cracking the handshake is powerful enough, or several computers work on it together in a distributed fashion, cracking your router password is only a matter of time.

Against this kind of cracking we really have no absolutely safe countermeasure. But if the router password is long enough and complex enough, with no logical relationship among its letters and digits, and is unique, not shared with any other online service, the difficulty and time of cracking increase enormously; perhaps the attackers will give up and move on to the next target before they succeed.

In addition, we can turn off automatic IP address assignment for new devices and bind each connected device's IP address to its MAC address. An IP address is like a house number and a MAC address is like the device's ID card. Binding house numbers to ID cards reduces the risk that just anyone can move into a house number and pose as a legitimate resident. And since all the house numbers have already been issued to legitimate residents, a newcomer has no house number to move into, which makes things somewhat more secure.

Also, most new routers come with a mobile app that lets you monitor the router's status and its connected devices at any time. When you notice abnormal traffic, a new device joining, or a device that is definitely powered off showing up in the list of connected devices, you need to respond quickly.
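The two checks just described, IP/MAC binding and watching the connected-device list, can be combined into one audit. The following is an added example, not part of the original article; the addresses, the powered-off set, and the "ip mac name" snapshot format are constructed assumptions rather than any router's real export.

```python
"""Audit a connected-device snapshot against static IP/MAC bindings."""

# Constructed sample data (locally administered MACs, private addresses).
BINDINGS = {                          # MAC -> bound IP
    "02:00:00:00:00:01": "192.168.1.10",
    "02:00:00:00:00:02": "192.168.1.11",
    "02:00:00:00:00:03": "192.168.1.12",
}
POWERED_OFF = {"02:00:00:00:00:03"}   # devices the owner knows are switched off

SNAPSHOT = """\
192.168.1.10 02:00:00:00:00:01 phone
192.168.1.11 02:00:00:AA:BB:CC unknown
192.168.1.12 02:00:00:00:00:03 laptop
192.168.1.57 02:00:00:dd:ee:ff unknown
"""

def audit(snapshot, bindings, powered_off=frozenset()):
    """Return a sorted list of (ip, mac, finding) for entries needing attention."""
    ip_owner = {ip: mac for mac, ip in bindings.items()}
    findings = []
    for line in snapshot.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue                  # skip blank or malformed lines
        ip, mac = parts[0], parts[1].lower()
        if mac in powered_off:
            findings.append((ip, mac, "listed as online but known to be off"))
        if mac not in bindings:
            if ip in ip_owner:
                findings.append((ip, mac, "bound IP used by a different MAC"))
            else:
                findings.append((ip, mac, "new device not in bindings"))
        elif bindings[mac] != ip:
            findings.append((ip, mac, "known MAC on an unbound IP"))
    return sorted(findings)

if __name__ == "__main__":
    for ip, mac, finding in audit(SNAPSHOT, BINDINGS, POWERED_OFF):
        print(f"{ip:15} {mac}  {finding}")
```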

So if I get a new router, turn off WPS, turn on MAC address binding, and set a complex, rock-solid password, am I safe?

Having been this careful, the router ought to be quite safe. But if a family member or friend who has connected to your router has an app like "Wi-Fi Key" installed on their phone and tapped through its prompts without reading them carefully, your password may already have been shared to a cloud server for everyone to use. Or if their phone has been jailbroken or rooted, operations that let software gain higher privileges, that also threatens your home network security.

So you should not only build good habits yourself but also forward this article to your family and friends, so that they learn about network security too. In addition, some of the latest routers have a "guest network" feature that lets you set a separate password for visiting friends. This password not only expires after a certain time but also isolates guests from the members of your network, effectively reducing the damage caused by a leaked password.

After reading all this rambling you may be alarmed: damn, the router is simply an insecure thing, a regular "Infernal Affairs" mole in my own home; do I have to go back to the age of network cables (and phones don't even have an Ethernet port)? Well, after all that, the most I can do is remind everyone to raise their security awareness as much as possible. Enough said; I'm off to order a new router.







