No announcement yet.

What is the best way?

  • Filter
  • Time
  • Show
Clear All
new posts

  • What is the best way?

    What is the best way to to secure a wireless connection from being intercepted? Is it better just to use a different connection?
    Oh it's fun and games to watch people burn up. It's not fun, however, to have to clean their burnt sticky bodies off the road while being handcuffed.

  • #2
    Have you tried the nice little handy dandy search tab to help aid you in your answer?
    "It is difficult not to wonder whether that combination of elements which produces a machine for labor does not create also a soul of sorts, a dull resentful metallic will, which can rebel at times". Pearl S. Buck


    • #3
      I read that part, on computer security and I read that other stuff, but I'm talking about in general here. What is the best way to go?
      Oh it's fun and games to watch people burn up. It's not fun, however, to have to clean their burnt sticky bodies off the road while being handcuffed.


      • #4

        NIST Security Checklists. Have Fun.

        I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me


        • #5
          Securing a connection

          Some more background re 'securing 'a WLAN

          As pointed out by the previous posts, there is a wealth of info our their pointing to mechanisms for securing a network connection. Wireless or otherwise.

          The problem effectively comes down to three issues

          1) Authentication - How do does the network know who is connecting to it, or vice versa.

          2) Encryption - How can you obscure the information being transferred across a medium where others have visibility of the data transmitted over that medium.

          3) Resilience - How tolerant is the network connection to denial of service from attackers.

          There are many solutions to these problems all with pro's and con's relating to cost, flexibility, and effectiveness, thus the extent you need to go to in protecting your data and the continuation of the connections depends upon what you are trying to protect and what effects denial of the connection will have .

          Firstly resilience WLAN specifically the 802.11 family is a politeness based protocol, if a client or AP detects the physical medium (in this case Radio) is in use it will not transmit, this means by its very nature regardless of any security mechanisms you employ somebody can take your system off the air via transmitting a continuous signal (i.e. not necessarily a WLAN one) on the same channel as your system. The upshot of this is you should never use WLAN for critical systems (i.e. planes start fall out of the sky if the link stops).

          Encryption, there are many ways to encrypt data, WiFI has touted AES based upon the Rijndael cipher as the current best practice for native standards based encryption over WiFI, However added security may be provided by use of a software based VPN in addition to the native WiFI link encryption. When securing higher security info there are also hardware standards based solutions (not specifically for WiFI) that could be used in a point to point scenario for instance (Thales Datacryptor which is FIPS and CAPS compliant tho this type of solution probably a bit overboard for most applications)

          Authentication, You can have the best Encryption in the world, but its all for nothing unless you can identify the users to the system and vice versa.
          It would be quite possible to use AES encryption but use an authentication method that consisted of the question "Are you a hacker Yes/No?", thus the encryption is ok but anybody would be able to get onto your network and use a varied selection of standard attacks (ARP poisoning etc etc etc) to route data destined for other wireless users to themselves without ever having to break the encryption of the wireless link.
          The level of Authentication you need again depends on the level of sensitivity of the network you are trying to protect. Certainly use of password based or shared static key authentication is fairly easy to break and susceptible to social engineering attacks. You could opt for a Radius PKI approach using digital certificates, or better a mixture of knowledge and physical authentication (i.e. Like needing your bank card and pin number to get money from a cash machine you need something and some knowledge to authenticate yourself) like systems provided by RSA etc.

          So basicaly the answer is, it depends.


          • #6
            Only the 2nd Post?

            Originally posted by evad123
            Some more background re 'securing 'a WLAN
            That is one of the best forum answers I have ever read. Hard to believe you are new to Defcon! Nice work
            In a world without walls and fences, who needs Windows and Gates?