October 14, 2004
Blog has been moved
This post has been moved to blogspot. No further posts will be made to this location.
I thought that it was secure
Well, just when you think that they have come up with a good solution, it seems that it's not the perfect one after all. It looks like WEP which is used for wireless networks around homes, offices, etc. isn't secure. It's even stated that in the wikipedia article... *sigh*
What does this mean now? Does this mean that whenever I want to do anything like online banking I should be wired and disable my Wi-Fi connection? I'm not totally clear if your network is broken if that means that people can read your ssh / https traffic. I would guess not, but I'm confused about that. Does anyone know?
Posted by jim at October 14, 2004 12:07 AM
Well, if you're doing ssh/https, then there's probably nothing to worry about. I'm pretty sure they are are secure, no matter what transportation medium is being used. What you should be worried about, is when you use insecure protocols over your insecure connection. Like when you use http/ftp/telnet. But nobody uses those for anything important anyway. At least I hope not.
Ya, I hope that if people want secure ftp they will use sftp.
Yep, WEP is insecure. BUT I still think it's better than a completely insecure line. It takes the right tools to crack WEP in real time, and not everyone has these tools.
It's the same as not broadcasting your SSID. *Most* people won't see your network, but wardrivers with the right sniffing tools will be able to see the packets wizzing by and be able to figure out how to connect.
If you really want to use WIFI securely, and not just sites that use https, you can look into using IPSEC between your laptop and the wireless router. If I'm not mistaken my router (WRT54G) supports IPSEC through extensions.
Another good way to protect your wireless network is to only allow wireless connections from specific network cards (white list). Everything else gets denied, but people could probably still sniff your packets (wow, that sounds dirty) if you don't encrypt.
Due to the proliferation of comment spam, Iíve had to close comments on this entry. If you would like to leave comment, please use one of my recent entries. Thank you and sorry for any inconvience caused.