Solved

Explaination of secure access with SSL and VPN

Posted on 2006-10-26
6
279 Views
Last Modified: 2010-04-11
So let's say you are at an airport, no encryption on the wireless link, but you use a VPN client such as Cisco, or connect to web sites using SSL. Does this  mean you are secure?/ And you can disregard the WEP or WAP security from the wifi device?  If someone is sniffing, is it all encrypted?
0
Comment
Question by:shankshank
6 Comments
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 100 total points
ID: 17813938
it is secure if you are using ssl or ipsec (vpn) the traffic is encrypted and nobody can see it (or at least it is very very very difficult (almost impossible) that somebody can decrypt it)
0
 
LVL 5

Author Comment

by:shankshank
ID: 17813950
and adding wep or wap into mix is another layer of higher security?
0
 
LVL 3

Expert Comment

by:mahe2000
ID: 17814279
it is not extremely significant once you use IPSec, a little more for SSL, if you can choose use WAP and if you can add it 802.1x features.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 3

Accepted Solution

by:
bsautter33 earned 250 total points
ID: 17814732
There's a wiki for this at:
http://en.wikipedia.org/wiki/Virtual_Private_Network

Think of your communications over the internet (or wifi) as cars going through a mountain tunnel. If you don't shore up the tunnel with braces, it's going to collapse and rocks will get into your tunnel. But if the tunnel is properly secured, cars going through it will be safe.

Likewise you can make a VPN connection from your laptop through most anything (wifi, internet, lan, ...), but in it's raw form, it's an unsecured tunnel. If it's not secured properly, people can get in. If you use ipsec or SSL it will protect your communications by making a hardened, resistant tunnel. No matter where it goes, or over what computer it passes, it's going to be very difficult to break.

Now WEP or WAP creates a (somewhat) secure tunnel between you and the wifi device. But once hitting the internet, your tunnel is wide open. Should you disregard WEP or WAP on wifi? Yes, if you have setup some form of encryption on your VPN, you're just making a secured tunnel within a secured tunnel. True, nothing will even get through, but it's overly redundant.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 150 total points
ID: 17815977
WEP and WPA are an added bonus to SSL and or Encrypted VPN tunnel, your very safe even without WEP/WPA. If your VPN uses a split-tunnel, internet traffic, like google.com, IM, hotmail etc... will go over the wep/wpa wifi access point, and internal traffic like company exchange email, or connecting to a shared drive/printer on the corporate lan, that traffic will go over the VPN tunnel. If you connect to an SSL site on the internet, and are split tunneling your secured by SSL.
-rich
0
 
LVL 5

Author Comment

by:shankshank
ID: 17889438
Thanks for the input guys.

Yeah as a system admin I wanted to make sure that when I'm say in an airport and login with my domain admin user account on a open unencrypted Wifi access point, that no one could sniff what I am doing since I am browsing SSL 128bit secured sites.


Thanks again!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now