unencrypted wireless?

Discussion in 'Computer Security' started by theSunbird, Mar 1, 2004.

  1. theSunbird

    theSunbird Guest

    Hi,
    I have a broadband connection, a wireless broadband router/ PCMCIA card in
    my laptop.
    I have the Mac address filters set to stop unauthorised access to my
    connection but am now considering the security of network traffic.
    I tried to use WEP, to no avail, which i put down to different vendors, and
    incompatabilities between them.
    I am happy that my traffic is insecure, since theres nothing of concern on
    it.

    I have limited myself to doing any banking or credit card transactions fro
    mthe PC hard wired to the router.
    Since the banking is HTTPS should this be secure over the wireless too?, as
    I understand it its an encrypted path isn't it?
    Its probably more likely to get sniffed off the Internet than intercepted in
    the air.

    Do you think I'm right in this thought?

    Thanks for any assistance or advice.

    Stevie
    theSunbird, Mar 1, 2004
    #1
    1. Advertising

  2. theSunbird wrote:

    > Since the banking is HTTPS should this be secure over the wireless too?, as
    > I understand it its an encrypted path isn't it?


    I was thinking the same thing the other day concerning SSH from a GPRS
    handheld device. The signal itself is encrypted, right?

    F
    Frank van Meurs, Mar 1, 2004
    #2
    1. Advertising

  3. In <c208oq$2nv$> Frank van Meurs <> writes:

    >I was thinking the same thing the other day concerning SSH from a GPRS
    >handheld device. The signal itself is encrypted, right?


    eyup, but you should make sure you get the intial set of ssh keys during a
    secure connection earlier, rather than relying on the wireless one.

    --
    _____________________________________________________
    Knowledge may be power, but communications is the key

    [to foil spammers, my address has been double rot-13 encoded]
    danny burstein, Mar 1, 2004
    #3
  4. theSunbird <> wrote:
    > I tried to use WEP, to no avail, which i put down to different vendors, and
    > incompatabilities between them.


    That shouldn't be the case as long as you don't enable any vendor-
    specific extensions.

    > I am happy that my traffic is insecure, since theres nothing of concern on
    > it.


    There is also the concern of hijacking your bandwidth.... say if someone
    tapped into your broadband via insecure WiFi to DL child pornography. Far
    fetched? Perhaps.... do you want to take that chance though?

    > Since the banking is HTTPS should this be secure over the wireless too?, as
    > I understand it its an encrypted path isn't it?


    Yes. Just like SSH traffic would be, etc. ~But~ if there is a weakness
    exposed by man-in-the-middle attacks your WiFi insecurity might be a
    great way to get in.

    Even though WEP isn't the best in the world I encourage you to at least
    get it operational...

    You are right though, lots of things can happen on the other side or
    in-between that could be more likely. That doesn't mean you should play
    that into your odds calculations though... safer the better, even the
    safest of people eventually run into an aggravation.

    Cheers, -Ali

    --
    OpenPGP Key: 030E44E6
    --
    Was I helpful?: http://svcs.affero.net/rm.php?r=packetknife
    --
    If a packet hits a pocket on a socket on a port and the bus is
    interrupted at a very last resort and the access of the memory
    makes your floppy disk abort; then, the socket packet pocket
    has an error to report. -- Dr. Seuss
    Ali-Reza Anghaie, Mar 1, 2004
    #4
  5. theSunbird

    Tiger_289 Guest

    On Mon, 01 Mar 2004 11:18:07 -0800, theSunbird wrote:

    > Hi,
    > I have a broadband connection, a wireless broadband router/ PCMCIA card in
    > my laptop.
    >
    > Do you think I'm right in this thought?
    >


    The risks are similar to hooking a computer up directly to the Internet.
    Make sure your have good host security (latest patches, firewall on and
    configured properly, AV if Windows, Windows file and print sharing
    disabled, etc etc) and you should do fine.
    Tiger_289, Mar 2, 2004
    #5
  6. I personally wouldn't do it, because if anyone is sniffing your wireless,
    they could easily pick up your MAC address and spoof/clone it and access
    your network.

    I've had numerous problems with WEP, and it's been cracked anyway, so I'm
    using WPA with AES. I think it only works on XP with SP1, but it's awesome
    and easy to setup.

    --
    Anthony Brant


    "theSunbird" <> wrote in message
    news:b_L0c.13884$9.net...
    > Hi,
    > I have a broadband connection, a wireless broadband router/ PCMCIA card in
    > my laptop.
    > I have the Mac address filters set to stop unauthorised access to my
    > connection but am now considering the security of network traffic.
    > I tried to use WEP, to no avail, which i put down to different vendors,

    and
    > incompatabilities between them.
    > I am happy that my traffic is insecure, since theres nothing of concern on
    > it.
    >
    > I have limited myself to doing any banking or credit card transactions fro
    > mthe PC hard wired to the router.
    > Since the banking is HTTPS should this be secure over the wireless too?,

    as
    > I understand it its an encrypted path isn't it?
    > Its probably more likely to get sniffed off the Internet than intercepted

    in
    > the air.
    >
    > Do you think I'm right in this thought?
    >
    > Thanks for any assistance or advice.
    >
    > Stevie
    >
    >
    >
    >
    Anthony Brant, Mar 2, 2004
    #6
  7. theSunbird

    BullBar Guest

    "theSunbird" <> wrote in message
    news:b_L0c.13884$9.net
    > Hi,
    > I have a broadband connection, a wireless broadband router/ PCMCIA
    > card in my laptop.
    > I have the Mac address filters set to stop unauthorised access to my
    > connection but am now considering the security of network traffic.
    > I tried to use WEP, to no avail, which i put down to different
    > vendors, and incompatabilities between them.
    > I am happy that my traffic is insecure, since theres nothing of
    > concern on it.
    >
    > I have limited myself to doing any banking or credit card
    > transactions fro mthe PC hard wired to the router.
    > Since the banking is HTTPS should this be secure over the wireless
    > too?, as I understand it its an encrypted path isn't it?
    > Its probably more likely to get sniffed off the Internet than
    > intercepted in the air.
    >
    > Do you think I'm right in this thought?
    >
    > Thanks for any assistance or advice.
    >
    > Stevie


    Are you able to restrict the ports accessible to wireless users?

    If so, only allow port 1723 into your network then require wireless
    users to logon via VPN.

    Problem solved, you have plenty of encryption, you have controlled
    access to the network from wireless.


    --

    BullBar
    BullBar, Mar 2, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Christian Dornes

    Retrieve unencrypted password

    Christian Dornes, Mar 4, 2004, in forum: Firefox
    Replies:
    5
    Views:
    11,348
    Ed Mullen
    Mar 4, 2004
  2. Kathi
    Replies:
    0
    Views:
    694
    Kathi
    Jul 17, 2006
  3. Replies:
    1
    Views:
    484
    Aaron Leonard
    Jul 28, 2006
  4. Niniel

    WPA encrypted connection reporting as unencrypted

    Niniel, Jan 27, 2009, in forum: Wireless Networking
    Replies:
    3
    Views:
    355
    Jack \(MVP-Networking\).
    Jan 27, 2009
  5. kevin turvey

    truecrypt drive merge with unencrypted drive

    kevin turvey, May 17, 2009, in forum: Computer Support
    Replies:
    1
    Views:
    616
    Just zis Guy, you know?
    May 17, 2009
Loading...

Share This Page