IN Lately Many “exposing” publications have appeared about the hacking of some new protocol or technology that compromises the security of wireless networks. Is this really so, what should you be afraid of, and how can you ensure that access to your network is as secure as possible? Do the words WEP, WPA, 802.1x, EAP, PKI mean little to you? This short review will help bring together all the applicable encryption and radio access authorization technologies. I will try to show that a properly configured wireless network represents an insurmountable barrier for an attacker (up to a certain limit, of course).

Basics

Any interaction between an access point (network) and a wireless client is based on:

• Authentication- how the client and the access point introduce themselves to each other and confirm that they have the right to communicate with each other;
• Encryption- what scrambling algorithm for transmitted data is used, how the encryption key is generated, and when it changes.

The parameters of a wireless network, primarily its name (SSID), are regularly advertised by the access point in broadcast beacon packets. In addition to the expected security settings, requests for QoS, 802.11n parameters, supported speeds, information about other neighbors, etc. are transmitted. Authentication determines how the client presents itself to the point. Possible options:

• Open- a so-called open network in which all connected devices are authorized immediately
• Shared- the authenticity of the connected device must be verified with a key/password
• EAP- the authenticity of the connected device must be verified using the EAP protocol by an external server

The openness of the network does not mean that anyone can work with it with impunity. To transmit data in such a network, the encryption algorithm used must match and, accordingly, the encrypted connection must be correctly established. The encryption algorithms are:

• None- no encryption, data is transmitted in clear text
• WEP- cipher based on the RC4 algorithm with different static or dynamic key lengths (64 or 128 bits)
• CKIP- proprietary replacement for Cisco's WEP, early version of TKIP
• TKIP- Improved WEP replacement with additional checks and protection
• AES/CCMP- the most advanced algorithm based on AES256 with additional checks and protection

Combination Open Authentication, No Encryption widely used in systems guest access like providing the Internet in a cafe or hotel. To connect, you only need to know the name of the wireless network. Often such a connection is combined with an additional check for Captive Portal by redirecting a user HTTP request to an additional page where you can request confirmation (login-password, agreement with the rules, etc.).

Encryption WEP is compromised and cannot be used (even in the case of dynamic keys).

Commonly occurring terms WPA And WPA2 determine, in fact, the encryption algorithm (TKIP or AES). Due to the fact that client adapters have supported WPA2 (AES) for quite some time, there is no point in using TKIP encryption.

Difference between WPA2 Personal And WPA2 Enterprise is where the encryption keys used in the mechanics of the AES algorithm come from. For private (home, small) applications, a static key (password, code word, PSK (Pre-Shared Key)) with a minimum length of 8 characters is used, which is set in the access point settings, and is the same for all clients of a given wireless network. Compromise of such a key (they spilled the beans to a neighbor, an employee was fired, a laptop was stolen) requires an immediate password change for all remaining users, which is only realistic if there are a small number of them. For corporate applications, as the name suggests, a dynamic key is used, individual for each working client in this moment. This key can be periodically updated during operation without breaking the connection, and is responsible for its generation additional component- an authorization server, and almost always this is a RADIUS server.

All possible safety parameters are summarized in this plate:

Property	Static WEP	Dynamic WEP	WPA	WPA 2 (Enterprise)
Identification	User, computer, WLAN card	User, computer	User, computer	User, computer
Authorization	Shared key	EAP	EAP or shared key	EAP or shared key
Integrity	32-bit Integrity Check Value (ICV)	32-bit ICV	64-bit Message Integrity Code (MIC)	CRT/CBC-MAC (Counter mode Cipher Block Chaining Auth Code - CCM) Part of AES
Encryption	Static key	Session key	Per-packet key via TKIP	CCMP (AES)
Key distribution	One-time, manual	Pair-wise Master Key (PMK) segment	Derived from PMK	Derived from PMK
Initialization vector	Text, 24 bits	Text, 24 bits	Advanced vector, 65 bit	48-bit packet number (PN)
Algorithm	RC4	RC4	RC4	AES
Key length, bits	64/128	64/128	128	up to 256
Required infrastructure	No	RADIUS	RADIUS	RADIUS

While WPA2 Personal (WPA2 PSK) is clear, an enterprise solution requires further consideration.

WPA2 Enterprise

Here we are dealing with an additional set various protocols. On the client side there is a special component software The supplicant (usually part of the OS) interacts with the authorizing part, the AAA server. IN in this example displays the operation of a unified radio network built on lightweight access points and a controller. In the case of using access points with “brains”, the entire role of an intermediary between clients and server can be taken on by the point itself. In this case, the client supplicant data is transmitted over the radio formed in the 802.1x protocol (EAPOL), and on the controller side it is wrapped in RADIUS packets.

The use of the EAP authorization mechanism in your network leads to the fact that after successful (almost certainly open) client authentication by the access point (together with the controller, if any), the latter asks the client to authorize (confirm its authority) with the infrastructure RADIUS server:

Usage WPA2 Enterprise requires a RADIUS server on your network. At the moment, the most efficient products are the following:

• Microsoft Network Policy Server (NPS), former IAS- configured via MMC, free, but you need to buy Windows
• Cisco Secure Access Control Server (ACS) 4.2, 5.3- configured via a web interface, sophisticated in functionality, allows you to create distributed and fault-tolerant systems, expensive
• FreeRADIUS- free, configured using text configs, not convenient to manage and monitor

In this case, the controller carefully monitors the ongoing exchange of information and waits for successful authorization or refusal of it. If successful, the RADIUS server is able to transfer additional parameters to the access point (for example, which VLAN to place the subscriber in, which IP address to assign, QoS profile, etc.). At the end of the exchange, the RADIUS server allows the client and the access point to generate and exchange encryption keys (individual, valid only for this session):

EAP

The EAP protocol itself is containerized, that is, the actual authorization mechanism is left to the user internal protocols. On currently The following have received any significant distribution:

• EAP-FAST(Flexible Authentication via Secure Tunneling) - developed by Cisco; allows authorization using a login and password transmitted within the TLS tunnel between the supplicant and the RADIUS server
• EAP-TLS(Transport Layer Security). Uses a public key infrastructure (PKI) to authorize the client and server (subject and RADIUS server) through certificates issued by a trusted certification authority (CA). Requires issuing and installing client certificates on each wireless device, so is only suitable for a managed corporate environment. The Windows Certificate Server has facilities that allow the client to generate its own certificate if the client is a member of a domain. Blocking a client can easily be done by revoking its certificate (or through accounts).
• EAP-TTLS(Tunneled Transport Layer Security) is similar to EAP-TLS, but does not require a client certificate when creating a tunnel. In such a tunnel, similar to a browser SSL connection, additional authorization is performed (using a password or something else).
• PEAP-MSCHAPv2(Protected EAP) - similar to EAP-TTLS in terms of the initial establishment of an encrypted TLS tunnel between the client and server, requiring a server certificate. Subsequently, such a tunnel is authorized using the well-known MSCHAPv2 protocol.
• PEAP-GTC(Generic Token Card) - similar to the previous one, but requires cards one-time passwords(and related infrastructure)

All of these methods (except EAP-FAST) require a server certificate (on the RADIUS server) issued by a certification authority (CA). In this case, the CA certificate itself must be present on the client’s device in the trusted group (which is easy to implement using Group Policy in Windows). Additionally, EAP-TLS requires an individual client certificate. Client authentication is performed as follows: digital signature, so (optional) by comparing the certificate provided by the client to the RADIUS server with what the server retrieved from the PKI infrastructure (Active Directory).

Support for any of the EAP methods must be provided by a client-side supplicant. The standard built-in Windows XP/Vista/7, iOS, Android provides at least EAP-TLS, and EAP-MSCHAPv2, which makes these methods popular. Intel client adapters for Windows come with a ProSet utility that extends available list. Cisco AnyConnect Client does the same.

How reliable is it?

After all, what does it take for an attacker to hack your network?

For Open Authentication, No Encryption - nothing. Connected to the network, and that's it. Since the radio medium is open, the signal travels in different sides, blocking it is not easy. If you have appropriate client adapters that allow you to listen to the broadcast, network traffic visible as if the attacker had connected to the wire, to the hub, to the SPAN port of the switch.
WEP-based encryption requires only IV brute force time, and one of many free available utilities scanning.
For encryption based on TKIP or AES, direct decryption is possible in theory, but in practice there have been no cases of hacking.

Of course, you can try to guess the PSK key or password for one of the EAP methods. Common attacks against these methods are not known. You can try using methods social engineering, or

A major concern for all wireless LANs (and all wired LANs, for that matter) is security. Security is just as important here as for any Internet user. Security is difficult question and requires constant attention. Enormous harm can be caused to the user due to the fact that he uses random hot-spots or open points WI-FI access at home or in the office and does not use encryption or VPN (Virtual Private Network) private network). This is dangerous because the user enters his personal or professional data, and the network is not protected from outside intrusion.

WEP

Initially, it was difficult to provide adequate security for wireless LANs.

Hackers easily connected to almost any WiFi networks hacking such initial versions security systems like Wired Equivalent Privacy (WEP). These events left their mark, and for a long time, some companies were reluctant or did not implement wireless networks at all, fearing that data transferred between wireless WiFi devices And Wi-Fi hotspots access can be intercepted and decrypted. Thus, this security model slowed down the integration of wireless networks into businesses and made people using WiFi networks at home nervous. IEEE then created the 802.11i Working Group, which worked to create a comprehensive security model to provide 128-bit AES encryption and authentication to protect data. The Wi-Fi Alliance introduced its own intermediate version of this 802.11i security specification: Wi-Fi Protected Access (WPA). The WPA module combines several technologies to solve the vulnerabilities of the 802.11 WEP system. Thus, WPA provides reliable user authentication using the 802.1x standard (mutual authentication and encapsulation of data transmitted between wireless client devices, access points and server) and the Extensible Authentication Protocol (EAP).

The operating principle of security systems is shown schematically in Fig. 1

Also, WPA is equipped with a temporary module for encrypting the WEP engine through 128 – bit encryption keys and uses the Temporal Key Integrity Protocol (TKIP). And with the help checksum message (MIC) prevents data packets from being modified or formatted. This combination of technologies protects the confidentiality and integrity of data transmission and ensures security by controlling access so that only authorized users have access to the network.

WPA

Further enhancing WPA security and access control is the creation of a new unique key master for interaction between each user wireless equipment and access points and providing authentication sessions. And also, in creating a random key generator and in the process of generating a key for each package.

The IEEE ratified the 802.11i standard in June 2004, significantly expanding many capabilities thanks to WPA technology. The Wi-Fi Alliance has strengthened its security module in the WPA2 program. Thus, the level of data transmission security WiFi standard 802.11 has reached the required level for implementation wireless solutions and technologies in enterprises. One of the significant changes from 802.11i (WPA2) to WPA is the use of 128-bit Advanced Encryption Standard (AES). WPA2 AES uses anti-CBC-MAC mode (a mode of operation for a cipher block that allows a single key to be used for both encryption and authentication) to provide data confidentiality, authentication, integrity and replay protection. The 802.11i standard also offers key caching and pre-authentication to organize users across access points.

WPA2

With the 802.11i standard, the entire security module chain (login, credential exchange, authentication and data encryption) becomes more reliable and effective protection against untargeted and targeted attacks. The WPA2 system allows the administrator Wi-Fi networks Shift from security to operations and device management.

The 802.11r standard is a modification of the 802.11i standard. This standard was ratified in July 2008. The standard's technology more quickly and reliably transfers key hierarchies based on Handoff technology as the user moves between access points. The 802.11r standard is fully compatible with the 802.11a/b/g/n WiFi standards.

There is also the 802.11w standard, which is intended to improve upon the security mechanism based on the 802.11i standard. This standard is designed to protect control packets.

The 802.11i and 802.11w standards are security mechanisms for 802.11n WiFi networks.

Encrypting files and folders in Windows 7

The encryption feature allows you to encrypt files and folders that will subsequently be impossible to read on another device without a special key. This feature is present in versions of Windows 7 such as Professional, Enterprise or Ultimate. The following will cover ways to enable encryption of files and folders.

Enabling file encryption:

Start -> Computer (select the file to encrypt) -> right button mouse over the file->Properties->Advanced (General tab)->Additional attributes->Place a checkmark in the item Encrypt content to protect data->Ok->Apply->Ok (Select apply only to file)->

Enabling folder encryption:

Start -> Computer (select the folder to encrypt) -> right mouse button on the folder -> Properties -> Advanced (General tab) -> Additional attributes -> Check the box Encrypt contents to protect data -> Ok -> Apply -> Ok (Select apply only to file) -> Close the Properties dialog (Click Ok or Close).

Good day, dear readers of the blog site! Today we will talk about wireless security DIR-615, about network security generally. I will tell you what the concept of WPA is. Next I will give step by step instructions setting up a wireless network using a wizard, about automatic and manual modes assigning a network key. Next we will show how add a wireless device using the WPS wizard. Finally, I will provide a description of the WPA-Personal (PSK) and WPA-Enterprise (RADIUS) configurations.

Network Security

In this article, as promised, I will write about the different levels of security that you can use to protect your data from intruders. DIR-615 offers the following security types:

What is WPA?

WPA, or Wi-Fi Protected Access Wi-Fi access), - This Wi-Fi standard, which was designed to improve security capabilities WEP.

2 major improvements over WEP:

• Improved data encryption via TKIP. TKIP mixes the keys using a hashing algorithm and adding an integrity check feature, thereby ensuring that the keys cannot be tampered with. WPA2 is based on 802.11i and uses AES instead of TKIP.
• User Authentication, which is generally absent in WEP, through EAP. WEP regulates access to a wireless network based on specific hardware MAC addresses a computer that is relatively easy to find out and steal. EAP is built on more secure system encryption public key to ensure that only authorized network users will be able to access the network.

WPA-PSK/WPA2-PSK uses a passphrase or key to authenticate your wireless connection. This key is an alphabetical digital password from 8 to 63 characters in length. The password can include characters (!?*&_) and spaces. This key must be exactly the same key that is entered on your wireless router or access point.

WPA/WPA2 enables user authentication via EAP. EAP is built on a more secure public key encryption system to ensure that only authorized network users can access the network.

Wireless Setup Wizard

To launch the security wizard, open the morning Setup and then click the button Wireless Network Setup Wizard .

Automatic Network Key Assignment

Once this screen appears, the installation is complete. You will be provided with a detailed report of your network security settings.
Click Save , to continue.

Manual Network Key Assignment

Select wireless password security. it must be exactly 5 or 13 characters long. It can also be exactly 10 or 26 characters using 0-9 and A-F.
Click to continue.

Installation completed. You will be provided with a detailed report of your wireless security settings. Click Save to complete the Security Wizard.

Add a Wireless Device using the WPS Wizard

PBC: Select this option to use the method PBC to add a wireless client. Click Connect .

WPA-Personal (PSK) Configuration

It is recommended that you enable encryption on your wireless router before turning on your wireless network adapters. Please install the option wireless connection before enabling encryption. Your wireless signal may degrade when you enable encryption due to additional overhead.

WPA-Enterprise (RADIUS) Configuration

It is recommended that you enable encryption on your wireless router before turning on your wireless network adapters. Please establish wireless connectivity before enabling encryption. Your wireless signal may degrade when you enable encryption due to additional overhead.

1. Log in to the web-based configuration utility by opening a web browser window and entering the router's IP address (192.168.0.1). Click Setup , and then Wireless Settings From the left side.
2. Next in Security Mode , select WPA-Enterprise.
   Comment: Should be disabled

Wi-Fi encryption - which protocol to choose?

I bought myself new router and decided to set it up myself. Everything is set up - the Internet and wireless network are working. A question arose, because radio waves (Wi-Fi in my case) propagate not only within my apartment. Accordingly, they can be intercepted. In theory. The router has a wireless network encryption setting. I assume that it is precisely to exclude interception and “eavesdropping”. The question is, which of the encryption protocols available in my router should I choose? Available: WPE, WPA-Personal, WPA-Enterprise, WPA2-Personal, WPA2-Enterprise, WPS. Which Wi-Fi encryption should I use in my case?

norik | 16 February 2015, 10:14
I will omit descriptions of any outdated protocols Wi-Fi encryption. Therefore, I will describe only those that make sense to use. If the protocol is not described here, then either it is exotic or you do not need it.

WPA and WPA2 (Wi-Fi Protected Access) - available on all routers. The most popular and widespread protocol. It is also one of the most modern. IMHO - the best choice for home and small office. However, it is also quite suitable for large offices, except that it makes sense to make authorization more complicated. Its password length is up to 63 bytes, so if you crack it by guessing, you can turn gray earlier. Of course, you need to choose WPA2 if it is supported by all devices on the network (only very old gadgets do not understand it).

What's truly valuable is what's inside of this service Multiple encryption algorithms can be used. Among them: 1. TKIP - I do not recommend it, since it is quite possible to find a hole.
2. CCMP - much better.
3. AES - I like it the most, but it is not supported by all devices, although it is included in the WPA2 specification.

WPA2 also provides two initial authentication modes. These modes are PSK and Enterprise. WPA Personal, also known as WPA PSK, means that all users will log into the wireless network with a single password entered on the client side at the time of connecting to the network. Great for home, but problematic for a large office. It will be difficult to change the password for everyone every time when another employee who knows it quits.

WPA Enterprise requires a separate server with a set of keys. For a home or office with 6 machines this is cumbersome, but if there are 3 dozen in the office wireless devices, then you can take care.

Actually, this exhausts the choice of Wi-Fi encryption at the moment. The remaining protocols either do not have encryption or a password at all, or have holes in the algorithms that only the very lazy would not get into. I recommend the WPA2 Personal AES combination for home use. For large offices - WPA2 Enterprise AES. If there is no AES, then you can get by with TKIP, but then there is still the possibility of packets being read by an outsider. There is an opinion that WPA2 TKIP was never hacked, unlike WPA TKIP, but it was protected...

This article is devoted to the issue of security when using wireless WiFi networks.

Introduction - WiFi Vulnerabilities

main reason The vulnerability of user data when this data is transmitted over WiFi networks lies in the fact that the exchange occurs over a radio wave. And this makes it possible to intercept messages at any point where a WiFi signal is physically available. Simply put, if the signal of an access point can be detected at a distance of 50 meters, then interception of all network traffic of this WiFi network is possible within a radius of 50 meters from the access point. In the next room, on another floor of the building, on the street.

Imagine this picture. In the office the local network built via WiFi. The signal from this office's access point is picked up outside the building, for example in a parking lot. An attacker outside the building could gain access to office network, that is, unnoticed by the owners of this network. WiFi networks can be accessed easily and discreetly. Technically much easier than wired networks.

Yes. To date, means of protecting WiFi networks have been developed and implemented. This protection is based on encrypting all traffic between the access point and the end device that is connected to it. That is, an attacker can intercept a radio signal, but for him it will be just digital “garbage”.

How does WiFi protection work?

The access point includes in its WiFi network only the device that sends the correct password (specified in the access point settings). In this case, the password is also sent encrypted, in the form of a hash. The hash is the result of irreversible encryption. That is, data that has been hashed cannot be decrypted. If an attacker intercepts the password hash, he will not be able to obtain the password.

But how does the access point know whether the password is correct or not? What if she also receives a hash, but cannot decrypt it? It's simple - in the access point settings the password is specified in its pure form. The authorization program takes a blank password, creates a hash from it, and then compares this hash with the one received from the client. If the hashes match, then the client’s password is correct. The second feature of hashes is used here - they are unique. The same hash cannot be obtained from two different sets of data (passwords). If two hashes match, then they were both created from the same set of data.

By the way. Thanks to this feature, hashes are used to control data integrity. If two hashes (created over a period of time) match, then the original data (during that period of time) has not been changed.

However, despite the fact that the most modern method WiFi network protection (WPA2) is reliable, this network can be hacked. How?

There are two methods for accessing a network protected by WPA2:

1. Selection of a password using a password database (so-called dictionary search).
2. Exploitation of a vulnerability in the WPS function.

In the first case, the attacker intercepts the password hash for the access point. The hashes are then compared against a database of thousands or millions of words. A word is taken from the dictionary, a hash is generated for this word and then this hash is compared with the hash that was intercepted. If a primitive password is used on an access point, then cracking the password of this access point is a matter of time. For example, an 8-digit password (8 characters long is the minimum password length for WPA2) is one million combinations. On modern computer You can sort through one million values ​​in a few days or even hours.

In the second case, a vulnerability in the first versions of the WPS function is exploited. This feature allows you to connect a device that does not have a password, such as a printer, to the access point. When using this feature, the device and access point exchange a digital code and if the device sends the correct code, the access point authorizes the client. There was a vulnerability in this function - the code had 8 digits, but only four of them were checked for uniqueness! That is, to hack WPS you need to search through all the values ​​that give 4 digits. As a result, hacking an access point via WPS can be done in just a few hours, on any weakest device.

Setting up WiFi network security

The security of the WiFi network is determined by the settings of the access point. Several of these settings directly affect network security.

WiFi network access mode

The access point can operate in one of two modes - open or protected. In case of open access, any device can connect to the access point. In the case of protected access, only the device that transmits correct password access.

There are three types (standards) of WiFi network protection:

• WEP (Wired Equivalent Privacy). The very first standard of protection. Today it actually does not provide protection, since it can be hacked very easily due to the weakness of the protection mechanisms.
• WPA (Wi-Fi Protected Access). Chronologically the second standard of protection. At the time of creation and commissioning, it provided effective WiFi protection networks. But at the end of the 2000s, hacking opportunities were found WPA security through vulnerabilities in protection mechanisms.
• WPA2 (Wi-Fi Protected Access). The latest protection standard. Provides reliable protection when certain rules are followed. To date, there are only two known ways to break WPA2 security. Dictionary password brute force and a workaround using the WPS service.

Thus, to ensure the security of your WiFi network, you must select the WPA2 security type. However, not all client devices can support it. For example, Windows XP SP2 only supports WPA.

In addition to choosing the WPA2 standard, additional conditions are required:

Use AES encryption method.

The password to access the WiFi network must be composed as follows:

1. Use letters and numbers in the password. A random set of letters and numbers. Or a very rare word or phrase that is meaningful only to you.
2. Not use simple passwords like name + date of birth, or some word + a few numbers, for example lena1991 or dom12345.
3. If you need to use only a digital password, then its length must be at least 10 characters. Because an eight-character digital password is selected using brute force methods. real time(from several hours to several days, depending on the power of the computer).

If you use complex passwords, in accordance with these rules, your WiFi network cannot be hacked by guessing a password using a dictionary. For example, for a password like 5Fb9pE2a(random alphanumeric), maximum possible 218340105584896 combinations. Today it is almost impossible to select. Even if a computer were to compare 1,000,000 (million) words per second, it would take almost 7 years to iterate over all the values.

WPS (Wi-Fi Protected Setup)

If the access point has the WPS (Wi-Fi Protected Setup) function, you need to disable it. If this feature is required, you must ensure that its version is updated to the following capabilities:

1. Using all 8 PIN code characters instead of 4, as was the case in the beginning.
2. Enable a delay after several attempts to send an incorrect PIN code from the client.

An additional option to improve WPS security is to use an alphanumeric PIN code.

Public WiFi Security

Today it is fashionable to use the Internet via WiFi networks in public places - cafes, restaurants, shopping centers and so on. It is important to understand that using such networks may lead to theft of your personal data. If you access the Internet through such a network and then log in to a website, your data (username and password) may be intercepted by another person who is connected to the same WiFi network. After all, on any device that has passed authorization and is connected to the access point, you can intercept network traffic from all other devices on this network. And the peculiarity of public WiFi networks is that anyone can connect to it, including an attacker, and not only to open network, but also to protected.

What can you do to protect your data when connecting to the Internet via public WiFi net? There is only one option - to use the HTTPS protocol. This protocol establishes an encrypted connection between the client (browser) and the site. But not all sites support HTTPS protocol. Addresses on a site that supports the HTTPS protocol begin with the https:// prefix. If the addresses on a site have the http:// prefix, this means that the site does not support HTTPS or does not use it.

Some sites do not use HTTPS by default, but have this protocol and can be used if you explicitly (manually) specify the https:// prefix.

As for other cases of using the Internet - chats, Skype, etc., you can use free or paid VPN servers to protect this data. That is, first connect to VPN server, and only then use chat or an open site.

WiFi Password Protection

In the second and third parts of this article, I wrote that in the case of using the WPA2 security standard, one of the ways WiFi hacking network is to select a password using a dictionary. But there is another opportunity for an attacker to obtain the password to your WiFi network. If you store your password on a sticky note glued to the monitor, this makes it possible for a stranger to see this password. And your password can be stolen from a computer connected to your WiFi network. This can be done by an outsider if your computers are not protected from access by outsiders. This can be done using malware. In addition, the password can be stolen from a device that is taken outside the office (house, apartment) - from a smartphone, tablet.

So if you need reliable protection your WiFi network, you must take steps to securely store your password. Protect it from access by unauthorized persons.

If you found this article useful or simply liked it, then do not hesitate to financially support the author. This is easy to do by throwing money at Yandex Wallet No. 410011416229354. Or on the phone +7 918-16-26-331 .

Even a small amount can help write new articles :)