Solved

Wi-Fi protection using HTTPS or VPN

Posted on 2012-04-02
4
416 Views
Last Modified: 2012-04-02
If am using an unsecured Wi-Fi (no WPA2, etc) and there is no trust for the wireless access point, does say using HTTPS really help to protect the transmission between  my client and a web server?  I am considering a hypotheical in which the wireless access point may be monitored.  So if an attacker has access to the frames, does SSL still protect my transmission?

Or would the best thing be to use VPN?  I understand some VPN options are SSL but some are PPTP, etc. I am trying to determine.



Thanks
0
Comment
Question by:banjo1960
4 Comments
 

Assisted Solution

by:notadog
notadog earned 250 total points
ID: 37796956
HTTPS is better than nothing without question. If your certs are set up properly then you have a secure end-to-end connection between your machine and the https server - someone on the access point can see your traffic go by but can't read it.

As you point out, a lot of VPNs use SSL to encrypt the traffic so if you can't trust a secured session between your computer and a remote SSL server you can't trust a SSL-based VPN either. The case for PPTP is very similar. At least while using a VPN, though, the traffic originates from your trusted / monitored network, not from the access point, so if your destination server isn't set up properly (say, they don't encrypt parts of the site because it slows things down too much), that unencrypted traffic isn't seen at the access point.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37796958
There is some confusion here in the question so i am listing few things here.
Wireless authentication are different then VPN.
you can tighten secuirty of wireless by having WPA2 with MAC address authentication and certificates.
VPN is a solution to connect to remote site for secure channel.
Website can  be configured with SSL for secure channel between Client and the server.
0
 
LVL 5

Accepted Solution

by:
andrew1812 earned 250 total points
ID: 37796972
If you use HTTPS , the data corresponding to your HTTPS communication would be encrypted. Even if an attacker capture the frames, data cannot be read as it would be encrypted data inside the frames. But the problem is this is applicable only for HTTPS communication. If you use other protocols apart from HTTPS like FTP, Telnet, the data would not be encrypted and can be eavesdropped.  

If you use a VPN , the entire packet would be encrypted , irrespective of the application layer protocol you use. So in your sceanrio where you do not have any security on the AP , a VPN would be a better option compared with HTTPS. ( PPTP)
0
 
LVL 1

Author Closing Comment

by:banjo1960
ID: 37797959
Thanks for the information.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now