IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Networking Forum / Treat networks as insecure. Use secure protocols.
Post #69,188
by kmself
Picture of kmself
12/16/02 5:14:14 PM
Reply
New Treat networks as insecure. Use secure protocols.

Repeating what others have said, and suggesting that this be your general rule in any event. Networks should be considered hostile. Secure your individual connections.

\r\n\r\n

Note that with WiFi you've got an additional concern over simple snooping. If you want to restrict unauthorized access to the service, you should consider options for doing this. Using authenticating proxies for external access, and firewalling off any protocols you don't explicitly want to support, should turn most of the trick.

\r\n
--\r\n
Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]\r\n
[link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]\r\n
What part of "gestalt" don't you understand?\r\n
[link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n
\r\n
   Keep software free.     Oppose the CBDTPA.     Kill S.2048 dead.\r\n[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\n
Post #69,196
by inthane-chan
Picture of inthane-chan
12/16/02 5:42:52 PM
Reply
New That's pretty much what the idea is, AFAIK.
Shut off every service except for VPN/SSH, use pregenerated key pairs for authentication (4096 bit keys? Longer?) and anybody who jumps on the network gets a connection that goes nowhere. If you have a key, you VPN to 192.168.0.1, and voila! you're internal again.
Gimli's Rules for Surviving in Middle Earth #43: When attempting to destroy an artifact, remember to use somebody else's axe.
     Securing a wireless network (theory) - (inthane-chan) - (4) - Dec. 16, 2002, 11:24:50 AM EST
         vpn or ssh and treat all external networks as insecure -NT - (boxley) - Dec. 16, 2002, 04:06:08 PM EST
         Yes... Treat Wireless... - (folkert) - Dec. 16, 2002, 04:25:54 PM EST
         Treat networks as insecure. Use secure protocols. - (kmself) - (1) - Dec. 16, 2002, 05:14:14 PM EST
             That's pretty much what the idea is, AFAIK. - (inthane-chan) - Dec. 16, 2002, 05:42:52 PM EST

He's using his E.T. powers!
30 ms