Jump to content
LCVG

Wireless Encryption


Baiter
 Share

Recommended Posts

I picked up an 802.11b router so that I could use my IBook anywhere in the house, now I'm considering setting it up on my desktop to hide an unsitely wire.

 

Here's what I can't figure out... If I'm using the internet, everything is going out unencrypted anyway, so my isp can read everything, who cares if the same info goes out over wireless?

Also any secure info I'd use ssl for, so the data would be encrypted at the source(my pc) before it even hit the network card.

 

I'd also be using a vpn, but it seems to be the same situation as ssl, info's encrypted long before it hit's the airwaves/NIC. :? If someone could give me some insite I'd really appreciate it, compromising my vpn could be devastating, and I also do banking online, so security is extremely important to me.

Link to comment
Share on other sites

I believe that WEP -- together with turning off broadcast SSID -- lessens the possibility of a neighbor or some other wardriver stealing your bandwidth.

 

You can run PHLAK, a linux distro, that comes with a neat app ("achillies," I think) for investigating wireless (and wired) network use if you think something funny is going on. I think it's set up as a bootable CD -- so you don't need to partition and dual boot to try it out if you don't have a dedicated linux box.

 

-j

Link to comment
Share on other sites

When using SSL, wep may be redundant.

 

But for non-SSL requests (like most POP email logins, file/folder sharing on your home network) WEP helps to keep people from sniffing your sensitive data.

 

If I'm using the internet, everything is going out unencrypted anyway, so my isp can read everything, who cares if the same info goes out over wireless?

 

The difference is that it is difficult to sniff traffic that goes only to your ISP -> Internet -> Host. Sure it can be done, but with wireless it is much easier. Anyone within 1000ft or so of your computer will be able to see every packet it is sending/recieving. "Action at a distance" is a powerful tool for eavsdroppers.

 

A good analogy would be corded vs cordless phones. It is possible that someone has bugged your line and can hear your conversations when you use a corded phone, but it is unlikely and requires some expertise. If you use cordless phone, anyone in your neighboorhood with a police scanner can listen in (newer cordless phones use encryption to avoid this).

 

The best setup for your wireless network is:

1) enable WEP in "Open System" mode

2) disable SSID Broadcast

3) Set the SSID name to something difficult to guess. ("Linksys", "default" etc are bad choices)

4) Enable MAC address filtering...so you can specify exactly which hosts are allowed to use the network. (This doesnt prevent snooping, but will keep people from being able to use your access point)

 

Jeff

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...