Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
General
GeneralPortable MacsHardwareNetworking
Applications
Mac ApplicationsEudoraFirefox / MozillaInternet ExplorerOutlook ExpressMS OfficeEntourageExcelPowerPointWordVirtual PCMedia PlayerOther MS Products
Programming
Mac ProgrammingCodeWarriorPerl
Country Specific
Australian Mac GroupUK Mac Group

Mac Forum / General / General / May 2008


Tip: Looking for answers? Try searching our database.

Wifi Security For Dummies

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Pete Holland Jr. - 04 May 2008 02:24 GMT
My dad comes to me for help with computers, and today, he came to me
with something completely outside my area of expertise, so I'm hoping
you guys can help me.

It concerns wireless networking.  Keep in mind, I don't know anything
about networks, I keep my computers sandboxed and use removable media
to shuttle information between them.  I have a wifi card for my laptop
at hot spots, but paranoia makes me only check sites that don't
require me to log in (and using my credit card over a wifi network is
a definite no-no).

My dad is planning a huge, long vacation later this year.  He wants to
take his laptop, an Apple G4 iBook equipped with an Airport card, with
for things like online banking.  But he's concerned about computer
security and asked me to see how to keep things safe.

He doesn't have file sharing activated, so I'm not too concerned about
that.  My concern is the actual data transmission.  I have heard a
technique called "sidejacking" is on the rise.  I always wondered
about wireless and, since everything is transmitted, if a receiver can
pick up the signals, analogous to another radio picking up the same
broadcast station.  Based on some of the news I've been reading, my
concern is not only valid, but it is being used -- people can park at,
say, a Starbucks and "listen in" on other computers communicating with
the server, intercepting passwords, credit card numbers, etc.

I just got back from an Apple store, and when I asked the guy at the
Genius Bar about it, he said he had never heard of anyone sidejacking
in 5 years in the business.  So no dice with him.

So, the basic question is, is there a way to secure data transmission
and receiving?  Should he not use anything that doesn't ask for a WPA
password (no going to Panera Bread or Starbucks)?  And, since a
sidejacker can pick up whatever is being sent, what's to keep them
from grabbing the WPA password or https encryptions and cracking them
anyway?  Or, is there a book for a wifi security newbie that will help
clear this stuff up?
Reply to this Message
J.J. O'Shea - 04 May 2008 15:07 GMT
> So, the basic question is, is there a way to secure data transmission
> and receiving?  Should he not use anything that doesn't ask for a WPA
[quoted text clipped - 3 lines]
> anyway?  Or, is there a book for a wifi security newbie that will help
> clear this stuff up?

All encryption can be broken if you want to put in the required effort.
However, while WEP can be broken in a matter of minutes if not seconds, WPA
takes hours if not days, so unless a 'sidejacker' really, really, REALLY
wants in, having WPA protection is good enough. Being 'protected' by WEP is
actually worse than having no protection at all, as it causes hassles for
legitimate users while being nearly transparent to attackers.

I'd start here: <http://en.wikipedia.org/wiki/Wireless_security> Some of the
links are useful; others are, well, shite. This article
<http://www.theregister.co.uk/2007/05/15/wep_crack_interview/> is a good
overview of the state of WEP, and has some good links.

You might want to look at
<http://www.oreillynet.com/pub/a/wireless/2002/04/19/security.html> and
<http://safari.oreilly.com/0321136209>. Warning: this is heavyweight division
stuff. The first page dates from 2002, and so is somewhat outdated. The
second points to a very large, and somewhat expensive, book which goes into
excruciating detail about wireless security. That book was first published in
2003, but has been updated since. Also mentioned on that page is a book on
wireless hacking, which by definition shows how to defend against hack
attempts. Probably the best book for your purposes would be
<http://press.oreilly.com/pub/pr/1912>. Note that O'Reilly books tend to be
members of the heavyweight division in more ways than one. The current
edition was released in February 2008, so it's right up to date.

Signature

email to oshea dot j dot j at gmail dot com.

Reply to this Message
You - 04 May 2008 17:56 GMT
In article
<86d223c4-6472-40e5-81a2-480e08a64671@c58g2000hsc.googlegroups.com>,

> My dad is planning a huge, long vacation later this year.  He wants to
> take his laptop, an Apple G4 iBook equipped with an Airport card, with
> for things like online banking.  But he's concerned about computer
> security and asked me to see how to keep things safe.

Most Banks Websites are using Secure Socket and HPPTS for their
Transaction packets which encrypt in the Laptop and decrypt in the
Web Server with 128 Bit Public/Private Key technology.  Makes
Packet sniffing in realtime, mostly useless for the Sniffers.
I wouldn't worry about the Banking Stuff, but more about general
surfing, and email that is moved in the clear.
Reply to this Message
Pete Holland Jr. - 05 May 2008 04:48 GMT
I just wanted to say thank you for the advice, I appreciate it.  Just
trying to be polite.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.