Re: VPN over wireless
- From: Jeff Liebermann <jeffl@xxxxxxxxxx>
- Date: Tue, 26 Feb 2008 09:12:39 -0800
"William4" <w4@xxxxxxxx> hath wroth:
...
The RSA key is for authentication, not authorization. That's a nice
feature to insure that nobody has spoofed or stolen your connection,
but is not necessary for the basic operation. All VPN clients can use
something local to provide authentication, such as the MAC address, IP
address, machine serial numbers, or X.509 certificate?
> Do WEP/WPA/WPA2 encrypt each packet?
No. Only the payload data packets are encrypted. Management packets
are sent unencrypted. Therefore, MAC addresses are easily visible,
but IP addresses are encrypted.
> - so that if you were to sniff the rf
> as it were you would not be able to see data in the raw;
I prefer my data cooked, not raw. With a sniffer, all you see with a
sniffer are the encrypted data packets and the unencrypted management
packets.
> over and above any
> authenification etc. - without the key or a hack.
Ummm... it's called authentication.
The key exchange mechanism varies with the type of encryption. You
can find the details on how they work with Google. The problem with
WEP is primarily that the key exchange mechanism is seriously flawed.
That was fixed with WPA. WPA can be cracked with a trivial (less than
8 characters) key, using brute force (trial and error) so use a long
random key. WPA2 added additional security in the form of a different
authentication mechanism and a more complex encryption mechanism.
> In that case, without using external (server & client VPN) software a wifi
> link is probably more secure than the wired. [Now to just make it work
> reliably ...]
True. I've found it much easier to just plug into a wired ethernet
switch (if available), than to sniff and decrypt wireless packets. Why
bang on the locked front door, when you can go around back and crawl
through a wide open window?
With a VPN, only the packets going between the VPN client and VPN
server (or VPN termination) are encrypted and secure. If you
subscribe to an online VPN service, such as:
<http://wireless.wikia.com/wiki/Wi-Fi#VPN_Service_Providers>
it's only secure between the VPN endpoints. The traffic between the
VPN server and the rest of the internet is unencrypted.
> Says the one on wired lan with the wifi currently switched off..
It's rather difficult to sniff packets on equipment that's turned off.
Disclaimer: I are not a security expert.
--
Jeff Liebermann jeffl@xxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
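
What a sniffer can read from a protected frame, as an added example that is not part of the original post: the 802.11 MAC header, including the MAC addresses, stays in the clear even when the Protected Frame bit marks the body as encrypted. The frames, MAC addresses and SSID below are constructed; the parser assumes captures without a radiotap header or FCS, and non-QoS frames with a 3-address header.

```python
# Added example: constructed frames, not taken from the original post.
TYPES = {0: "management", 1: "control", 2: "data"}

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_header(frame: bytes) -> dict:
    """Decode the 24-byte 802.11 MAC header, which is always sent in the clear."""
    if len(frame) < 24:
        raise ValueError("shorter than a 3-address 802.11 header")
    fc0, fc1 = frame[0], frame[1]        # the two Frame Control bytes
    return {
        "type": TYPES.get((fc0 >> 2) & 0x3, "reserved"),
        "subtype": (fc0 >> 4) & 0xF,
        "protected": bool(fc1 & 0x40),   # Protected Frame bit: body is encrypted
        "addr1": mac(frame[4:10]),       # receiver address
        "addr2": mac(frame[10:16]),      # transmitter address
        "addr3": mac(frame[16:22]),
        "body": frame[24:],              # ciphertext when "protected" is True
    }

def beacon_ssid(frame: bytes):
    """Return the SSID from an unprotected beacon, or None for anything else."""
    h = parse_header(frame)
    if h["type"] != "management" or h["subtype"] != 8 or h["protected"]:
        return None
    elems = h["body"][12:]               # skip timestamp, interval, capabilities
    while len(elems) >= 2:
        eid, elen = elems[0], elems[1]
        if eid == 0:                     # element ID 0 is the SSID
            return elems[2:2 + elen].decode("ascii", "replace")
        elems = elems[2 + elen:]
    return None

AP, STA = "02aabbccdd01", "02aabbccdd02"  # constructed, locally administered MACs
# Beacon: management frame, subtype 8, broadcast destination, SSID "example"
BEACON = bytes.fromhex("8000" "0000" "ffffffffffff" + AP + AP + "0000") \
    + bytes(12) + b"\x00\x07example"
# Data frame to the AP with ToDS and Protected set; the body stands in for ciphertext
DATA = bytes.fromhex("0841" "0000" + AP + STA + AP + "1000") \
    + bytes.fromhex("9f3c51e07ab2d4486e19c0a7")

if __name__ == "__main__":
    for name, f in (("beacon", BEACON), ("data", DATA)):
        h = parse_header(f)
        print(name, h["type"], "protected" if h["protected"] else "clear",
              h["addr2"], "->", h["addr1"], "ssid:", beacon_ssid(f))
```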