You are not logged in.
Pages: 1
Hi
I am a newbe and this is proberbly a stupid question. And it is not directly Arch Linux related.
If I want to connect to my server from my laptop inside my own network (LAN 192.2.168.....) Do I need encryption (ssl, ssh etc,) to be secure?
If I send a password without encryption can someone pick this up or is it only visible inside my LAN? I have read something about loopback, but like I said I am a newbe:-)
Thanks if someone could confirm that I dont have to bother with encrypted connections as long as I am on LAN.
Offline
It's only visible inside your LAN - but SSH is pretty simple to set up, so you may as well do that anyway.
Offline
It's only visible inside your LAN - but SSH is pretty simple to set up, so you may as well do that anyway.
Thanks:-)
I use ssh and it is very easy, but I wish to set up a ftp server that I only use inside my lan, So now I dont need sftp:-))
Offline
It is restricted to your internal network, but you still need to consider how trusted your LAN is.... At home it's probably not a huge issue (unless you live with other geeks), on a work LAN you might be less trusting. Also, if someone compromises 1 machine on your LAN, then they have access to your local LAN traffic.
For all intents and purposes, it should be fine. If you want to get tinfoil hat, go the extra mile
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
It is restricted to your internal network, but you still need to consider how trusted your LAN is.... At home it's probably not a huge issue (unless you live with other geeks), on a work LAN you might be less trusting. Also, if someone compromises 1 machine on your LAN, then they have access to your local LAN traffic.
For all intents and purposes, it should be fine. If you want to get tinfoil hat, go the extra mile
Thanks!
I am only on my home network. ( me and my girlfriend) and my wireless connection is WPA2.
I became a bit paraniod after I "think" I got hacked a few years ago.
After that I started encrypting everything, even though I dont have anything interessting or important;-)
Offline
....even though I dont have anything interessting or important;-)
Your internet connection is the most interesting thing when its used for sending spam or hosting kiddie pr0n
Last edited by fukawi2 (2011-06-07 03:26:15)
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Also, with a wireless LAN, you might have people on your LAN that you don't even know.
If you run without Encryption, you can pretty much count on it.
If you use WEP, it is somewhere between likely and possible.
WEPWPA and WEP2WPA2 it is unlikely IFF you use a strong passphrase.
If you have a wired LAN, and your cables are not physically secure, you could have uninvited guests as well.
As far as trust of other machines on your net, some operating systems may be more trustworthy than others. Also, remember that a Virtual Machine that is bridged or NATed can still do a lot of damage, so ensure you trust them as well.
Edit: Whoops. Must get more sleep. See post just below. Thanks .:B:.
Last edited by ewaller (2011-06-07 06:36:04)
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
Also, with a wireless LAN, you might have people on your LAN that you don't even know.
If you run without Encryption, you can pretty much count on it.
If you use WEP, it is somewhere between likely and possible.
WEP and WEP2 it is unlikely IFF you use a strong passphrase.
I assume you mean WPA and WPA2 there .
To the topic starter: If you start asking about security, and you're not on a LAN but on a WLAN, then SSH is not a nice addition but pretty much a requirement (unlike a LAN, which has its physical boundaries, WLAN traffic can easily be sniffed and, given enough time and processing power, decrypted). Either way, as people said before SSH is a breeze to set up and non-encrypted remote login protocols (like telnet) are considered to be pretty much deprecated, if only because the processing power required for the encryption part is absolutely minimal.
I'd suggest you change your topic title so people aren't confused .
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
Pages: 1