Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Wi-Fi protection using HTTPS or VPN

Posted on 2012-04-02
4
Medium Priority
?
424 Views
Last Modified: 2012-04-02
If am using an unsecured Wi-Fi (no WPA2, etc) and there is no trust for the wireless access point, does say using HTTPS really help to protect the transmission between  my client and a web server?  I am considering a hypotheical in which the wireless access point may be monitored.  So if an attacker has access to the frames, does SSL still protect my transmission?

Or would the best thing be to use VPN?  I understand some VPN options are SSL but some are PPTP, etc. I am trying to determine.



Thanks
0
Comment
Question by:banjo1960
4 Comments
 

Assisted Solution

by:notadog
notadog earned 1000 total points
ID: 37796956
HTTPS is better than nothing without question. If your certs are set up properly then you have a secure end-to-end connection between your machine and the https server - someone on the access point can see your traffic go by but can't read it.

As you point out, a lot of VPNs use SSL to encrypt the traffic so if you can't trust a secured session between your computer and a remote SSL server you can't trust a SSL-based VPN either. The case for PPTP is very similar. At least while using a VPN, though, the traffic originates from your trusted / monitored network, not from the access point, so if your destination server isn't set up properly (say, they don't encrypt parts of the site because it slows things down too much), that unencrypted traffic isn't seen at the access point.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37796958
There is some confusion here in the question so i am listing few things here.
Wireless authentication are different then VPN.
you can tighten secuirty of wireless by having WPA2 with MAC address authentication and certificates.
VPN is a solution to connect to remote site for secure channel.
Website can  be configured with SSL for secure channel between Client and the server.
0
 
LVL 5

Accepted Solution

by:
andrew1812 earned 1000 total points
ID: 37796972
If you use HTTPS , the data corresponding to your HTTPS communication would be encrypted. Even if an attacker capture the frames, data cannot be read as it would be encrypted data inside the frames. But the problem is this is applicable only for HTTPS communication. If you use other protocols apart from HTTPS like FTP, Telnet, the data would not be encrypted and can be eavesdropped.  

If you use a VPN , the entire packet would be encrypted , irrespective of the application layer protocol you use. So in your sceanrio where you do not have any security on the AP , a VPN would be a better option compared with HTTPS. ( PPTP)
0
 
LVL 1

Author Closing Comment

by:banjo1960
ID: 37797959
Thanks for the information.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month13 days, 9 hours left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question