Wireless Security

Scenario: Wireless Security

You have a wireless card in your laptop and connect to several different wireless networks both on and off campus. However, since the data is traveling through the air, everyone else with network cards in their computers can receive what your computer is sending. How do you keep your communication secure over a wireless network?

What you can do

Use a two-pronged strategy (the UIUC VPN server and your computer's applications) to keep your wireless communication secure over any wireless network anywhere in the world.

The UIUC VPN server

The UIUC VPN system provides wireless users with security from eavesdropping attempts by wireless network neighbors. The VPN's method of encryption keeps all communications from your computer secure from your keyboard to the on-campus VPN server.

In addition, you don't have to be using UIUCnet Wireless to benefit from the UIUC VPN system. Any University affiliate using any wireless (or wired) network anywhere in the world can connect to the VPN, authenticate with his or her Network ID, and have a secure connection to campus.

For more information, see VPN for Wireless Users (which explains why the VPN is particularly useful for wireless users) and VPN for Wired Users (which explains why the VPN is particularly useful for users on a remote network outside UIUCnet).

Securing your applications: SSL, SSH, and SFTP

The VPN server, while drastically improving wireless security, isn't enough by itself. You still need a secure laptop, with current updates and antivirus software. And you also need to make sure that the applications you use (such as email and web browsers) are communicating securely too. When you use the VPN in combination with secure software, your network communication is safe all the way from your computer to its destination.

Email security is explained in further detail in the email security scenario.

Web browsers provide a simple way to tell whether communication is being securely encrypted. Make sure the URL begins with https:// and that your web browser shows a closed lock in the border of the browser window. This means that your connection is SSL-encrypted all the way from your computer to the computer you're communicating with. CITES Express Email and NetFiles are two examples of web-based applications that provide SSL encryption on every page.

If you've ever used telnet or FTP to communicate with other computers, SSH and SFTP are secure replacements for the telnet and FTP protocols. Most systems that once supported telnet will now support SSH as well. In fact, many systems will no longer support unencrypted telnet and FTP, now requiring their users to use encrypted SSH and SFTP instead. For example, the Engineering Workstations lab systems have changed to this security policy in recent years.