{"id":989103,"date":"2025-09-20T20:43:53","date_gmt":"2025-09-20T20:43:53","guid":{"rendered":"https:\/\/gpss.ro\/ghid-securitate\/securitatea-retelelor-wifi-domestice-si-de-birou-2\/"},"modified":"2025-09-20T22:38:25","modified_gmt":"2025-09-20T22:38:25","slug":"securitatea-retelelor-wifi-domestice-si-de-birou-2","status":"publish","type":"security_advisory","link":"https:\/\/delve.ro\/ro\/security-guide\/securitatea-retelelor-wifi-domestice-si-de-birou-2\/","title":{"rendered":"Securitatea re\u021belelor WiFi domestice \u0219i de birou"},"content":{"rendered":"<p># Securitatea re\u021belelor WiFi domestice \u0219i de birou<\/p>\n<p>## De ce este important WiFi securizat?<\/p>\n<p>O re\u021bea WiFi nesecurizat\u0103 permite:<br \/>\n&#8211; Furtul datelor transmise<br \/>\n&#8211; Accesul la dispozitivele tale<br \/>\n&#8211; Folosirea internetului t\u0103u pentru activit\u0103\u021bi ilegale<br \/>\n&#8211; Atacuri Man-in-the-Middle<br \/>\n&#8211; Compromiterea \u00eentregii re\u021bele<\/p>\n<p>## Configurare router &#8211; Ghid complet<\/p>\n<p>### \ud83d\udd10 Primul pas: Accesarea router-ului<\/p>\n<p>1. **G\u0103se\u0219te IP-ul router-ului:**<br \/>\n&#8211; Windows: `ipconfig` \u2192 Default Gateway<br \/>\n&#8211; Mac\/Linux: `netstat -nr | grep default`<br \/>\n&#8211; Comun: 192.168.1.1 sau 192.168.0.1<\/p>\n<p>2. **Login \u00een interfa\u021ba admin:**<br \/>\n&#8211; Browser: http:\/\/[IP-router]<br \/>\n&#8211; User\/parol\u0103 pe eticheta router-ului<br \/>\n&#8211; SCHIMB\u0102 imediat creden\u021bialele default!<\/p>\n<p>### \ud83d\udee1\ufe0f Set\u0103ri esen\u021biale de securitate<\/p>\n<p>#### 1. Schimb\u0103 creden\u021bialele admin<br \/>\n&#8211; Username nou (nu &#8216;admin&#8217;)<br \/>\n&#8211; Parol\u0103 complex\u0103 (min. 15 caractere)<br \/>\n&#8211; Salveaz\u0103 \u00een manager de parole<\/p>\n<p>#### 2. Actualizeaz\u0103 firmware<br \/>\n&#8211; Verific\u0103 lunar pentru updates<br \/>\n&#8211; Activeaz\u0103 actualiz\u0103ri automate dac\u0103 disponibil<br \/>\n&#8211; Backup set\u0103ri \u00eenainte de update<\/p>\n<p>#### 3. Configurare WiFi securizat<br \/>\n&#8211; Protocol: WPA3 (sau WPA2 dac\u0103 WPA3 nu e disponibil)<br \/>\n&#8211; Criptare: AES<br \/>\n&#8211; Parol\u0103: Min. 15 caractere, complex<br \/>\n&#8211; SSID: Nu folosi informa\u021bii personale<\/p>\n<p>## Set\u0103ri avansate de securitate<\/p>\n<p>### \ud83d\udce1 SSID \u0219i Broadcasting<\/p>\n<p>#### Schimb\u0103 numele re\u021belei (SSID):<br \/>\n&#8211; \u274c NU folosi: nume personal, adres\u0103, model router<br \/>\n&#8211; \u2705 Folose\u0219te: nume neutru, creativ<br \/>\n&#8211; Exemplu: &#8216;PrettyFlyForAWiFi&#8217;, &#8216;TellMyWiFiLoveHer&#8217;<\/p>\n<p>#### SSID Broadcasting:<br \/>\n&#8211; **P\u0103streaz\u0103 activat** pentru utilizare normal\u0103<br \/>\n&#8211; Ascunderea SSID nu ofer\u0103 securitate real\u0103<br \/>\n&#8211; Poate cauza probleme de conectare<\/p>\n<p>### \ud83d\udd12 Tipuri de criptare<\/p>\n<p>#### WPA3 (Recomandat &#8211; 2018+)<br \/>\n&#8211; Cea mai nou\u0103 \u0219i sigur\u0103<br \/>\n&#8211; Protec\u021bie \u00eempotriva atacurilor offline<br \/>\n&#8211; Forward secrecy<br \/>\n&#8211; Necesit\u0103 dispozitive compatibile<\/p>\n<p>#### WPA2 (Minim acceptabil)<br \/>\n&#8211; Standard pentru dispozitive mai vechi<br \/>\n&#8211; Folose\u0219te doar cu AES<br \/>\n&#8211; Vulnerabil la KRACK (patchuit \u00een firmware nou)<\/p>\n<p>#### \u274c EVIT\u0102:<br \/>\n&#8211; WEP &#8211; Spart \u00een minute<br \/>\n&#8211; WPA cu TKIP &#8211; \u00cenvechit<br \/>\n&#8211; Re\u021bea deschis\u0103 &#8211; Zero securitate<\/p>\n<p>## Segregarea re\u021belei<\/p>\n<p>### \ud83c\udfe0 Re\u021bea principal\u0103<br \/>\nPentru dispozitive de \u00eencredere:<br \/>\n&#8211; Computere de lucru<br \/>\n&#8211; Telefoane personale<br \/>\n&#8211; Smart TV trusted<\/p>\n<p>### \ud83d\udc65 Re\u021bea Guest<br \/>\nPentru vizitatori \u0219i IoT:<br \/>\n&#8211; Izolat\u0103 de re\u021beaua principal\u0103<br \/>\n&#8211; Bandwidth limitat<br \/>\n&#8211; Acces temporar<br \/>\n&#8211; Parol\u0103 schimbat\u0103 regular<\/p>\n<p>### \ud83e\udd16 Re\u021bea IoT<br \/>\nPentru dispozitive smart:<br \/>\n&#8211; Izolat\u0103 complet<br \/>\n&#8211; F\u0103r\u0103 acces la re\u021beaua principal\u0103<br \/>\n&#8211; Monitorizare trafic<br \/>\n&#8211; Updates frecvente<\/p>\n<p>## Monitorizare \u0219i mentenan\u021b\u0103<\/p>\n<p>### \ud83d\udcca Ce s\u0103 monitorizezi:<\/p>\n<p>#### Dispozitive conectate:<br \/>\n&#8211; Verific\u0103 zilnic pentru intru\u0219i<br \/>\n&#8211; Noteaz\u0103 toate dispozitivele legitime<br \/>\n&#8211; Investigheaz\u0103 MAC-uri necunoscute<\/p>\n<p>#### Utilizare bandwidth:<br \/>\n&#8211; Identific\u0103 utilizare anormal\u0103<br \/>\n&#8211; Detecteaz\u0103 malware\/botnets<br \/>\n&#8211; Optimizeaz\u0103 QoS<\/p>\n<p>## WiFi public &#8211; Cum s\u0103 te protejezi<\/p>\n<p>### \u2615 La cafenea\/restaurant:<\/p>\n<p>#### \u26a0\ufe0f Pericole:<br \/>\n&#8211; Re\u021bele false (Evil Twin)<br \/>\n&#8211; Sniffing trafic<br \/>\n&#8211; Man-in-the-Middle<br \/>\n&#8211; Session hijacking<\/p>\n<p>#### \ud83d\udee1\ufe0f Protec\u021bie:<br \/>\n1. **Folose\u0219te VPN \u00ceNTOTDEAUNA**<br \/>\n2. **HTTPS only browsing**<br \/>\n3. **Nu online banking**<br \/>\n4. **Dezactiveaz\u0103 sharing**<br \/>\n5. **Forget network dup\u0103**<\/p>\n<p>## Checklist lunar WiFi security<\/p>\n<p>&#8211; [ ] Verific\u0103 firmware updates<br \/>\n&#8211; [ ] Review dispozitive conectate<br \/>\n&#8211; [ ] Schimb\u0103 parola guest network<br \/>\n&#8211; [ ] Verific\u0103 logs pentru anomalii<br \/>\n&#8211; [ ] Test viteza \u0219i coverage<br \/>\n&#8211; [ ] Backup configura\u021bie router<br \/>\n&#8211; [ ] Review \u0219i update ACL<br \/>\n&#8211; [ ] Verific\u0103 certificate SSL<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Configurarea sigur\u0103 a re\u021belelor wireless pentru acas\u0103 \u0219i birou.<\/p>","protected":false},"featured_media":988583,"template":"","meta":[],"advisory_audience":[],"advisory_topic":[],"advisory_source":[],"advisory_severity":[],"advisory_region":[],"news_source":[],"class_list":["post-989103","security_advisory","type-security_advisory","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/989103","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory"}],"about":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/types\/security_advisory"}],"version-history":[{"count":1,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/989103\/revisions"}],"predecessor-version":[{"id":989120,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/989103\/revisions\/989120"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/media\/988583"}],"wp:attachment":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/media?parent=989103"}],"wp:term":[{"taxonomy":"advisory_audience","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_audience?post=989103"},{"taxonomy":"advisory_topic","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_topic?post=989103"},{"taxonomy":"advisory_source","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_source?post=989103"},{"taxonomy":"advisory_severity","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_severity?post=989103"},{"taxonomy":"advisory_region","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_region?post=989103"},{"taxonomy":"news_source","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/news_source?post=989103"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}