I have a pc that is behind a wireless router which in turn is connected to a cable modem. I would like to secure the connection between the pc and the router to prevent packet sniffing and would like to use vpn to secure this connection.
The router does support vpn connections and I have generated an RSA key. I'm just not sure of the steps that need to be implemented on the pc and would appreciate some help or if someone could direct me to a tutorial on this topic.
Is the data so sensitive that WPA/WPA2 is insufficient in itself?
So why not just use WPA for the wireless link?
As for the VPN setup, that's not a wireless question, it's more of a general networking question. That and it will vary quite a bit depending on what brand/model router is being used.
snipped-for-privacy@gmail.com hath wroth:
Maker, model, operating system, wireless card, etc???
Maker, model number, hardware version, firmware version????
Maker, model number, ISP name, speed of service????
WPA2 isn't secure enough? Are you running an open wireless system for the neighbors to use and a VPN is your way of repairing the inevitable security holes?
Does it terminate the VPN connection? Or does it merely support "VPN passthru? What type of VPN (PPTP, IPSec, SSL, etc)? Are you using a
3rd part VPN client manager?
The RSA key is for authentication, not authorization. That's a nice feature to insure that nobody has spoofed or stolen your connection, but is not necessary for the basic operation. All VPN clients can use something local to provide authentication, such as the MAC address, IP address, machine serial numbers, or X.509 certificate?
Tutorial? First you supply:
...
Do WEP/WPA/WPA2 encrypt each packet? - so that if you were to sniff the rf as it were you would not be able to see data in the raw; over and above any authenification etc. - without the key or a hack. In that case, without using external (server & client VPN) software a wifi link is probably more secure than then wired. [Now to just make it work reliably ...]
Says the one on wired lan with the wifi currently switched off..
"William4" hath wroth:
No. Only the payload data packets are encrypted. Management packets are sent unencrypted. Therefore, MAC addresses are easily visible, but IP addresses are encrypted.
I prefer my data cooked, not raw. With a sniffer, all you see with a sniffer are the encrypted data packets and the unencrypted management packets.
Ummm... it's called authentication. The key exchange mechanism varies with the type of encryption. You can find the details on how they work with Google. The problem with WEP is primarily that the key exchange mechanism is seriously flawed. That was fixed with WPA. WPA can be cracked with a trivial (less than
8 characters) key, using brute force (trial and error) so use a long random key. WPA2 added additional security in the form of a different authentication mechanism and a more complex encryption mechanism.True. I've found it much easier to just plug into a wired ethernet switch (if available), than to sniff and decrypt wireless packets. Why bang on the locked front door, when you can go around back and crawl through a wide open window?
With a VPN, only the packets going between the VPN client and VPN server (or VPN termination) are encrypted and secure. If you subscribe to an online VPN service, such as:
it's only secure between the VPN endpoints. The traffic between the VPN server and the rest of the internet are unencrypted.
It's rather difficult to sniff packets on equipment that's turned off.
Disclaimer: I are not a security expert.
- that was me.
But good stuff nonetheless, taa.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.