LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices


Reply
  Search this Thread
Old 03-17-2006, 07:05 AM   #1
zba78
Member
 
Registered: Oct 2004
Location: Birmingham, England
Distribution: OpenSuSE 10.2
Posts: 50

Rep: Reputation: 15
General wireless security question


With regards to a wireless network it’s clear that WPA offers a more secure method of encryption then WEP.

But I was wondering that if you were using WEP and you connected to a secure site (for example paypal or an internet banking site) then would the 128-bit ssl connection be secure enough so that ‘onlookers’ would not be able to read the packets sent from my laptop to my wireless router?

i.e. what I’m asking (in a nutshell) is would the presence of the 128-bit ssl encryption make the flaws of WEP irrelevant?
 
Old 03-17-2006, 08:04 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
I believe that the two are independant of each other. In other words, the flaws in WEP remain even across an SSL connection. Now if someone does manage to crack the WEP key, they are still going to see the SSL traffic as encrypted.

If you're worried about people snooping on your WEP encrypted wireless network, there are a few extra obstacle you can throw up to make it more difficult:
- Most access points allow you to issue IP addresses only to pre-approved MAC addresses. While MAC addresses are trivial to spoof, it is one more thing a cracker has to solve.

- Regularly change your WEP key. Yes, its a pain but again it raises the amount of trouble that a cracker has to deal with to gain access.

-Make sure all computers on your LAN have a good firewall in place and all your OSs are patched.
 
Old 03-17-2006, 09:41 AM   #3
zba78
Member
 
Registered: Oct 2004
Location: Birmingham, England
Distribution: OpenSuSE 10.2
Posts: 50

Original Poster
Rep: Reputation: 15
Right, so if someone manages to get hold of my 'packets' by cracking the WEP key, they would be able to 'SEE' the data I'm sending regardless of the fact that I'm connected via ssl?
 
Old 03-17-2006, 04:33 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
No, that's not it. If someone were able to crack your WEP, they would see the SSL encrypted packets. Just cracking the WEP security should have no impact on the SSL encryption. The two are independant of each other.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
General wireless netwrok question. SeT Linux - Wireless Networking 2 02-03-2006 02:39 PM
general security une Linux - Security 3 05-02-2005 09:08 AM
General Security ajbrouwe Linux - Security 3 07-14-2004 04:02 PM
Wireless lan and hub kinda general question Belize Linux - Wireless Networking 3 06-03-2004 10:15 PM
Security in general NSKL Linux - Security 1 11-02-2002 02:02 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking

All times are GMT -5. The time now is 12:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration