 |
 |
On Fri, Jul 22, 2005 at 01:05:03PM -0400, Lee Duynslager wrote: > What methods of encryption does the MSUnet wireless provide for? > > I was told that wireless transmission goes on unencrypted, because there is > not centralized authority for keys. > > Is that true? > > If that is the case then I would think that systems connected to these > access points should not be processing sensitive data, as this data could > easily be intercepted. My view is that any sensitive data handling should be done via SSL, whether it is done over the wired or wireless networks, rather than relying on data encryption on portions of the intervening network. With the right tools, there are ways to capture some of the network traffic even on a wired, switched network, so it's best to always use SSL when transfering data between systems. We do this as a matter of course for all of our UNIX server-to-server transfers, backups, etc., and our client-to-server operations as well. I don't know what it takes in the Windows client/server environment to use SSL, e.g. for mounted file systems, but it's worth considering. One alternative would be to run a VPN server with encryption on your file server, and use that for all remote access via wireless and remote access. And yes, to answer your question, we don't provide encryption on the wireless system, outside of the authentication, which is done via SSL (https login page). Doug -- Doug Nelson, Network Manager | [log in to unmask] Academic Computing and Network Services | Ph: (517) 353-2980 Michigan State University | http://www.msu.edu/~nelson/