Sign In
Create Account
Follow Us on Twitter
Subscribe on Youtube
I was curious as to the benefits of SSL security... I mean... Why bother? Is it not true that if given the option people would resort to keystroke recorders over cracking an encryption?
I mean... networks are fairly secure these days... is packet sniffing and interception even a reality these days? I would appreciate if anybody could lend me a few buzzwords so I could do a little research of my own as to how to secure my network traffic without resorting to SSL...
Thanks if anyone can help...
10 replies to this topic
Back to top|
|
|
#2
Posted 30 July 2008 - 06:10 AM
Xav
-
- Members
-
- 13,118 posts
Writes binary right handed and hex left handed
#3
Posted 30 July 2008 - 02:02 PM
MeTh0Dz
-
- Members
-
- 2,119 posts
Writes binary right handed and hex left handed
I would never send any type of critical data over any network without first encrypting.
And what do you mean is packet sniffing and intercepting a reality? Of course it is, wardriving is now more popular than ever and all it takes is arp poisoning to steal packets in a LAN.
I could go on about this, but I hope you got the idea.
And what do you mean is packet sniffing and intercepting a reality? Of course it is, wardriving is now more popular than ever and all it takes is arp poisoning to steal packets in a LAN.
I could go on about this, but I hope you got the idea.
#4
Posted 30 July 2008 - 03:15 PM
TkTech
-
- Moderators
-
- 1,396 posts
The Crazy One
Only way I really trust sending critical traffic is with a rotating 256-bit encryption key.
Its significantly easier to simply intercept someones traffic then to invade a system and install a keylogger. Something like wireshark which contains hundreds of signatures can tell you what protocol/application is being used and trace the conversation.
Uh. No comment.
Its significantly easier to simply intercept someones traffic then to invade a system and install a keylogger. Something like wireshark which contains hundreds of signatures can tell you what protocol/application is being used and trace the conversation.
Quote
I mean... networks are fairly secure these days... is packet sniffing and interception even a reality these days?
Uh. No comment.
#5
Posted 12 August 2008 - 01:31 PM
municipol
-
- Members
-
- 3 posts
Newbie
SSL won't do too much to help your data. If you're the kind to always go that extra mile or install that extra plugin, you'd probably want to use SSL. But for logins and stuff, ssl probably isn't you best choice.
#6
Posted 12 August 2008 - 04:24 PM
MeTh0Dz
-
- Members
-
- 2,119 posts
Writes binary right handed and hex left handed
SSL won't do much. lol alright
#7
Posted 15 August 2008 - 06:34 PM
morefood2001
-
- Members
-
- 1,720 posts
Speaks fluent binary
SSL to me is another tool as well that adds an additional layer of security to .
I do believe it will protect your data long enough to where you would have different information. I rarely give out any information that doesn't change on an annual basis (eg: social security number). I only give out credit card information when I buy something using paypal.
Our professor in a CS class I took explained how ssl works, and to sum it up, basically there are 2 keys. A public key and a private key. The public key is given to everyone and everyone will use that to encrypt the data. The private key is generated for your use only. When you receive data you use this key to decrypt the data. I forget the exact formula, but the algorithm used is very hard to reverse. I think our prof said it would take a year for the most powerful super computer to get the data back in the best case. This is why I trust ssl for information that changes on an annual basis. This was back in December of 2007, so I am not sure if this is still true.
I do believe it will protect your data long enough to where you would have different information. I rarely give out any information that doesn't change on an annual basis (eg: social security number). I only give out credit card information when I buy something using paypal.
Our professor in a CS class I took explained how ssl works, and to sum it up, basically there are 2 keys. A public key and a private key. The public key is given to everyone and everyone will use that to encrypt the data. The private key is generated for your use only. When you receive data you use this key to decrypt the data. I forget the exact formula, but the algorithm used is very hard to reverse. I think our prof said it would take a year for the most powerful super computer to get the data back in the best case. This is why I trust ssl for information that changes on an annual basis. This was back in December of 2007, so I am not sure if this is still true.
#8
Posted 20 August 2008 - 07:57 AM
Doe1974
-
- Members
-
- 9 posts
Newbie
Security is provided by layers. The fact that someone is able to use a keylogger is not enough to stop using SSL. SSL is designed to encrypt the info before leaving your machine.
---------------------------------------
Doe1974
System Analyst and Web Programmer
Specialist in ecommerce stores developed with Free Comersus Cart and blog sites developed with Free Wordpress
Support Open Source!!!
---------------------------------------
Doe1974
System Analyst and Web Programmer
Specialist in ecommerce stores developed with Free Comersus Cart and blog sites developed with Free Wordpress
Support Open Source!!!
#9
Posted 20 August 2008 - 10:23 AM
sohel003
-
- Members
-
- 3 posts
Newbie
I mean... networks are fairly secure these days... is packet sniffing and interception even a reality these days? I would appreciate if anybody could lend me a few buzzwords so I could do a little research of my own as to how to secure my network traffic without resorting
Free Porno Movie Clips adult dvds
#10
Posted 20 August 2008 - 11:48 AM
MeTh0Dz
-
- Members
-
- 2,119 posts
Writes binary right handed and hex left handed
Dude you obviously don't know **** about networks, I could walk into your company setup my laptop and start ******* with your network all day. Networks are far from being secure, when I use a DNS zone transfer or I start ARP poisoning you how do you plan to stop it? And then for all the noob administrators out there who run DHCP, yeah life just became a whole lot worse for you when I walked into your place of business.
How can you question the reality of packet sniffing and interception?
Don't try to say something is secure when you don't even understand it.
How can you question the reality of packet sniffing and interception?
Don't try to say something is secure when you don't even understand it.
#11
Posted 20 August 2008 - 05:11 PM
morefood2001
-
- Members
-
- 1,720 posts
Speaks fluent binary
MeTh0Dz|Reb0rn said:
Don't try to say something is secure when you don't even understand it.
I have a cisco network certification, and I still don't know a heck of a lot about networking lol
Building a "secure" network takes a lot of time, trial and error, and lots of money. And the moment you think your network is somewhat "secure", it becomes the subject of an attack. Its just a game of cat and mouse.
Network administration is definitely not for a newbie, there is a lot more to networking than just plugging an Ethernet cord into a router, and running a server (which is an entirely different topic). If you don't understand the OSI model, you have a lot to learn :P
