Справочник Пользователя для Microsoft Corporation MN700
Chapter 5: Network Management 35
Filename: G_Ch5_Sec_BS.doc Project: H1_top
Template: BBN_A5_1col_ltr_fix.dot Author: ArleneR Last Saved By: S&T
Revision #: 16 Page: 35 of 4 Printed: 06/21/03 11:24 PM
Help Protect Your Network from Hackers
The Microsoft Wireless Base Station provides network address translation (NAT) and a
firewall to help secure your system from hacker attacks over the Internet.
firewall to help secure your system from hacker attacks over the Internet.
NAT hides the Internet protocol (IP) addresses of the computers on a network from the
Internet so that only the base station IP address is visible. Without the IP address, it is
more difficult for hackers to access the computers on your network.
Internet so that only the base station IP address is visible. Without the IP address, it is
more difficult for hackers to access the computers on your network.
The firewall specifies what information can be communicated from the computers on
your network to the Internet, and from the Internet to the computers on your network.
Like an actual firewall built to prevent fire from spreading between adjoining buildings,
computer firewalls help prevent the spread of unauthorized communication between
an individual computer or group of networked computers and the Internet.
your network to the Internet, and from the Internet to the computers on your network.
Like an actual firewall built to prevent fire from spreading between adjoining buildings,
computer firewalls help prevent the spread of unauthorized communication between
an individual computer or group of networked computers and the Internet.
If you are using the base station as an access point only, NAT and the firewall are
disabled. In this case, you should make sure that another device on your network
provides a firewall and NAT for your network.
disabled. In this case, you should make sure that another device on your network
provides a firewall and NAT for your network.
Help Protect Your Network from Unauthorized Access
Because wireless networks use radio signals, it is possible for other wireless network
devices outside your immediate area to pick up the signals and either connect to your
network or capture the network traffic. To help prevent unauthorized connections or
the possibility of eavesdroppers listening in on your network traffic, do the following:
devices outside your immediate area to pick up the signals and either connect to your
network or capture the network traffic. To help prevent unauthorized connections or
the possibility of eavesdroppers listening in on your network traffic, do the following:
O
Place the base station toward the center of your home. This decreases the strength
of the signal outside your home.
of the signal outside your home.
O
Use media access control (MAC) filtering. You can use MAC filtering to grant or deny
users the ability to connect to your network based on the MAC addresses of the
adapters they are using. For information about MAC filtering, see Broadband
Network Utility Help.
users the ability to connect to your network based on the MAC addresses of the
adapters they are using. For information about MAC filtering, see Broadband
Network Utility Help.
O
Enable wireless security on your network. You can enable two types of wireless
security on your base station:
security on your base station:
O
Wired Equivalent Privacy (WEP). WEP provides 64-bit or 128-bit encryption. When
you enable WEP, you establish a WEP key that scrambles or “encrypts” the data
being transmitted between wireless nodes so that it is decipherable only by
computers that have the WEP key. In addition, only users who know the network
WEP key can join your network and use your Internet connection.
you enable WEP, you establish a WEP key that scrambles or “encrypts” the data
being transmitted between wireless nodes so that it is decipherable only by
computers that have the WEP key. In addition, only users who know the network
WEP key can join your network and use your Internet connection.
O
Wi-Fi Protected Access™ (WPA). Like WEP, WPA provides data encryption and
enforces user authentication. When you enable WPA, however, you establish a
WPA passphrase instead of a key. Although WPA is a more sophisticated form of
encryption than WEP, you can only enable it on computers running Windows XP
operating system with Service Pack 1 installed and the WPA Support Patch. You
can download the Windows XP Support Patch for WPA at
www.support.microsoft.com.
enforces user authentication. When you enable WPA, however, you establish a
WPA passphrase instead of a key. Although WPA is a more sophisticated form of
encryption than WEP, you can only enable it on computers running Windows XP
operating system with Service Pack 1 installed and the WPA Support Patch. You
can download the Windows XP Support Patch for WPA at
www.support.microsoft.com.
Note You cannot enable both types of wireless security on your network. You must
choose either WEP or WPA. If you decide to enable WPA, make sure all the clients on
your network meet the specified system requirements.
choose either WEP or WPA. If you decide to enable WPA, make sure all the clients on
your network meet the specified system requirements.
For more information about WEP and WPA, see Broadband Network Utility Help.