Can existing wireless networking encryption really protect a network?

Can existing wireless networking encryption really protect a network? I've heard a lot about securing a network from the inside-out, assuming that people will have access no matter what. Obviously some simple measures can be put in place to deter casual passers-by, but if someone really wants in, can they be stopped?
Asked by: Guest \| Views: 260

Total answers/comments: 2

Comments display order:

Guest [Entry]

"This is a really big topic with a tremendous number of levels. The easiest / simplest solution is to use a VPN or SSL tunnel to encrypt traffic going over wifi (regardless of wep/wpa). The easiest way I can think of to do that is to use the free putty terminal client to set up an SSH tunnel/proxy to some system connected to the internet via a land-line (e.g. a linux machine connected to your router via ethernet).

Beyond that there are many other things you can / should do, such as using vlans or DMZs to keep a boundary between your LAN and your Wireless-LAN, and other common sense security measures such as ensuring all your systems are protected by user accounts with strong passwords, etc."

Guest [Entry]

This is why you need to practice Defense in Depth security. Secure the access point(s) as best you can. Secure the inter-connecting components (bridges and routers) if you have them. Lock down PCs with firewalls, update software, educate yourself and other people using your home network. Use secure protocols. Use encryption, even between systems on your internal network. Secure your software as best you can, for example use Firefox extensions such as NoScript (many, if not most browser exploits are actually javascript exploits, and almost all 'drive-by' downloads are).