Khonzani kuwo wonke umuntu, bangane abathandekayo!
Namuhla sizokhuluma ngendlela yokuguqula i-router evamile ibe irutha ezohlinzeka wonke amadivayisi akho axhunyiwe ngoxhumano lwe-inthanethi olungaziwa.
Asambe!
Ungafinyelela kanjani inethiwekhi nge-DNS, ungamisa kanjani ukuxhumana okubethelwe unomphela ku-inthanethi, ungavikela kanjani umzila wakho wasekhaya - namanye amathiphu awusizo ozowathola esihlokweni sethu.
Ukuze uvimbele ukucushwa komzila wakho ekulandeleleni ubuwena, kufanele ukhubaze izinsiza zewebhu zedivayisi yakho ngokusemandleni akho futhi uguqule i-SSID ezenzakalelayo. Sizokhombisa ukuthi singakwenza kanjani lokhu sisebenzisa iZyxel njengesibonelo. Namanye ama-routers isimiso sokusebenza siyefana.
Vula ikhasi lokumisa lerutha esipheqululini sakho. Ukuze wenze lokhu, abasebenzisi bamarutha e-Zyxel badinga ukufaka “my.keenetic.net” kubha yekheli.
Manje kufanele unike amandla ukuboniswa kwemisebenzi eyengeziwe. Ukuze wenze lokhu, chofoza amachashazi amathathu ekhoneni eliphezulu kwesokudla lesixhumi esibonakalayo sewebhu bese uchofoza inkinobho yenketho ethi "Advanced View".
Iya kumenyu ethi “Wireless | I-Radio Network" futhi esigabeni "Inethiwekhi Yomsakazo" faka igama elisha lenethiwekhi yakho. Kanye negama lefrikhwensi engu-2,4 GHz, ungakhohlwa ukushintsha igama lefrikhwensi engu-5 GHz. Cacisa noma yikuphi ukulandelana kwezinhlamvu njenge-SSID.
Bese uya kumenyu "Inthanethi | Vumela Ukufinyelela". Susa ukumaka amabhokisi aphambi kokuthi "Ukufinyelela i-inthanethi nge-HTTPS kunikwe amandla" kanye "nokufinyelela i-inthanethi kumidiya yakho yesitoreji ngezinketho ezinikwe amandla ze-FTP/FTPS". Qinisekisa izinguquko zakho.
Ukwakha ukuvikelwa kwe-DNS
Okokuqala, shintsha i-SSID yomzila wakho
(1). Bese kuzilungiselelo ze-DNS cacisa iseva ye-Quad9
(2). Manje wonke amaklayenti axhunyiwe aphephile
Irutha yakho kufanele futhi isebenzise enye iseva ye-DNS, njenge-Quad9. Inzuzo: uma le sevisi ilungiselelwe ngokuqondile kumzila, wonke amaklayenti axhunywe kuyo azofinyelela i-inthanethi ngokuzenzakalelayo ngale seva. Sizochaza ukucushwa futhi sisebenzisa i-Zyxel njengesibonelo.
Ngendlela efanayo njengoba kuchazwe esigabeni esandulele ngaphansi kokuthi "Ukushintsha igama le-router ne-SSID", iya ekhasini lokucushwa le-Zyxel bese uya esigabeni "Inethiwekhi ye-Wi-Fi" kuthebhu ethi "Iphoyinti Lokufinyelela". Lapha, hlola indawo yokuhlola ethi "Fihla i-SSID".
Iya kuthebhu ethi “DNS Server” bese uvula inketho ethi “DNS Server Address”. Emgqeni wepharamitha, faka ikheli le-IP "9.9.9.9".
Ukusetha ukuqondisa kabusha unomphela nge-VPN
Uzofinyelela ukungaziwa okwengeziwe ngoxhumo oluhlala njalo lwe-VPN. Kulokhu, akusadingeki ukhathazeke ngokuhlela ukuxhumana okunjalo kudivayisi ngayinye ngayinye - iklayenti ngalinye elixhunywe kumzila lizofinyelela ngokuzenzakalelayo Inethiwekhi ngoxhumano oluvikelekile lwe-VPN. Kodwa-ke, ngenxa yale njongo uzodinga enye i-firmware ye-DD-WRT, okufanele ifakwe kumzila esikhundleni se-firmware evela kumenzi. Le softhiwe iyahambisana namarutha amaningi.
Isibonelo, irutha yeNetgear Nighthawk X10 yeprimiyamu inosekelo lwe-DD-WRT. Nokho, ungasebenzisa irutha engabizi, njenge-TP-Link TL-WR940N, njengendawo yokufinyelela ye-Wi-Fi. Uma usukhethile umzila wakho, uzodinga ukunquma ukuthi iyiphi isevisi ye-VPN ongayithanda. Esimweni sethu, sikhethe inguqulo yamahhala ye-ProtonVPN.
Ifaka enye i-firmware
Ngemva kokufaka i-DD-WRT, shintsha iseva ye-DNS yedivayisi ngaphambi kokumisa uxhumano lwe-VPN.
Sizochaza ukufakwa sisebenzisa irutha ye-Netgear njengesibonelo, kodwa inqubo iyafana kwamanye amamodeli. Landa i-firmware ye-DD-WRT futhi uyifake usebenzisa umsebenzi wokuvuselela. Ngemva kokuqalisa kabusha, uzozithola uku-interface ye-DD-WRT. Ungakwazi ukuhumushela uhlelo olimini lwesiRashiya ngokukhetha okuthi “Administration | Ukuphatha | Ulimi" inketho "Russian".
Iya kokuthi “Setha | Ukusetha okuyisisekelo" kanye nepharamitha ye-"Static DNS 1" faka inani elithi "9.9.9.9".
Futhi hlola izinketho ezilandelayo: “Sebenzisa i-DNSMasq ye-DHCP”, “Sebenzisa i-DNSMasq ye-DNS” kanye “ne-DHCP-Authoritative”. Londoloza izinguquko ngokuchofoza inkinobho ethi "Londoloza".
Ku-“Setup | IPV6" khubaza "IPV6 Support". Ngale ndlela uzovimbela ukungadalulwa kwamagama ngokuvuza kwe-IPV6.
Amadivayisi ahambisanayo angatholakala kunoma yisiphi isigaba samanani, isibonelo i-TP-Link TL-WR940N (cishe ama-ruble angu-1300)
noma Netgear R9000 (cishe 28 rub.)
I-Virtual Private Network (VPN) Ukucushwa
Yethula iKlayenti le-OpenVPN (1) ku-DD-WRT. Ngemva kokufaka idatha yokufinyelela kumenyu ethi "Isimo", ungabheka ukuthi umhubhe wokuvikela idatha wakhiwe yini (2)
Empeleni, ukuze usethe i-VPN, udinga ukushintsha izilungiselelo ze-ProtonVPN. Ukucushwa akuyona into encane, ngakho landela izikhombisi-ndlela ngokucophelela. Ngemva kokubhalisa kuwebhusayithi ye-ProtonVPN, kuzilungiselelo ze-akhawunti yakho, landa ifayela le-Ovpn ngamanodi ofuna ukuwasebenzisa. Leli fayela liqukethe lonke ulwazi oludingekayo lokufinyelela. Kwabanye abahlinzeki besevisi, uzothola lolu lwazi kwenye indawo, kodwa ngokuvamile ku-akhawunti yakho.
Vula ifayela le-Ovpn kusihleli sombhalo. Bese ekhasini lokucushwa komzila, chofoza okuthi “Amasevisi | VPN" futhi kule thebhu, sebenzisa iswishi ukuze uvule inketho ethi "OpenVPN Client". Ukuthola izinketho ezitholakalayo, faka imininingwane efayeleni le-Ovpn. Ukuze uthole iseva yamahhala e-Holland, isibonelo, sebenzisa i-“nlfree-02.protonvpn.com” kulayini othi “Iseva ye-IP/Igama” futhi ucacise okuthi “1194” njengembobo.
Setha "Idivayisi Yomhubhe" ibe "TUN" kanye "Ne-Encryption Cipher" ibe "AES-256 CBC".
Nge-"Hash Algorithm" setha okuthi "SHA512", vumela "Ukuqinisekiswa Kwephasi Lomsebenzisi" futhi ezinkambini "Zomsebenzisi" kanye "Nephasiwedi" faka imininingwane yakho yokungena yeProton.
Manje sekuyisikhathi sokudlulela esigabeni esithi "Izinketho Ezithuthukisiwe". Setha i-“TLS Cypher” ibe “None”, “LZO Compression” ibe “Yebo”. Yenza kusebenze i-“NAT” kanye “ne-Firewall Protection” futhi ucacise inombolo ethi “1500” njengokuthi “Izilungiselelo ze-Tunnel MTU”. "I-TCP-MSS" kufanele ivaliwe.
Kunkambu ethi “TLS Auth Key”, kopisha amanani kufayela le-Ovpn, ozowathola ngaphansi komugqa othi “QALA ukhiye we-OpenVPN Static V1”.
Kunkambu ethi “Ukucushwa Okungeziwe”, faka imigqa oyithola ngaphansi kokuthi “Igama Leseva”.
Okokugcina, ku-“CA Cert”, namathisela umbhalo owubona emgqeni othi “QALA Isitifiketi”. Londoloza izilungiselelo ngokuchofoza inkinobho ethi "Gcina" bese uqala ukufaka ngokuchofoza "Sebenzisa izilungiselelo". Ngemva kokuqalisa kabusha, irutha yakho izoxhunywa ku-VPN. Ukuze uthole ukwethembeka, hlola uxhumano ngokusebenzisa “Isimo | OpenVPN."
Amathiphu omzila wakho
Ngamaqhinga ambalwa alula, ungaguqula irutha yakho yasekhaya ibe inodi evikelekile. Ngaphambi kokuthi uqale ukumisa, kufanele ushintshe ukucushwa okuzenzakalelayo kwedivayisi.
Ukushintsha i-SSID Ungalishiyi igama lerutha emisiwe. Ngokuyisebenzisa, abahlaseli bangafinyelela iziphetho mayelana nedivayisi yakho futhi benze ukuhlasela okuqondiwe kubungozi obuhambisanayo.
Ukuvikelwa kwe-DNS Setha iseva ye-Quad9 DNS njengemisiwe ekhasini lokumisa. Ngemva kwalokhu, wonke amaklayenti axhunyiwe azofinyelela Inethiwekhi nge-DNS evikelekile. Iphinde ikusindise kusukela ekulungiseleleni amadivaysi mathupha.
Usebenzisa i-VPN Ngenye i-firmware ye-DD-WRT, etholakala kumamodeli amaningi omzila, ungakha uxhumano lwe-VPN lawo wonke amakhasimende ahlobene nale divayisi. Asikho isidingo sokumisa amaklayenti ngawodwana. Lonke ulwazi lungena kuNethiwekhi ngendlela ebethelwe. Amasevisi ewebhu ngeke esakwazi ukuthola ikheli lakho le-IP langempela nendawo.
Uma ulandela zonke izincomo ezichazwe kulesi sihloko, ngisho nochwepheshe bokuvikela idatha ngeke bakwazi ukuthola iphutha ngokulungiselelwa kwakho, njengoba uzozuza ukungaziwa okukhulu (ngokusemandleni akho).
Ngiyabonga ngokufunda indatshana yami, ungathola amamanyuwali engeziwe, izindatshana mayelana ne-cybersecurity, isithunzi se-inthanethi nokunye okuningi [kusiteshi sethu seTelegram](https://t.me/dark3idercartel).
Ngibonge kubobonke abafunde indatshana yami nabajwayelene nayo ngiyethemba niyithandile bese nibhala kumacomment ukuthi nicabangani ngalokhu?
Source: www.habr.com