You are not logged in.

#1 2011-06-06 20:20:30

torleif
Member
Registered: 2009-09-27
Posts: 16

lan security

Hi
I am a newbe and this is proberbly a stupid question. And it is not directly Arch Linux related.

If I want to connect to my server from my laptop inside my own network (LAN 192.2.168.....) Do I need encryption (ssl, ssh etc,) to be secure?
If I send a password without encryption can someone pick this up or is it only visible inside my LAN? I have read something about loopback, but like I said I am a newbe:-)

Thanks if someone could confirm that I dont have to bother with encrypted connections as long as I am on LAN.

Offline

#2 2011-06-06 20:29:08

Barrucadu
Member
From: York, England
Registered: 2008-03-30
Posts: 1,158
Website

Re: lan security

It's only visible inside your LAN - but SSH is pretty simple to set up, so you may as well do that anyway.

Offline

#3 2011-06-06 20:34:24

torleif
Member
Registered: 2009-09-27
Posts: 16

Re: lan security

Barrucadu wrote:

It's only visible inside your LAN - but SSH is pretty simple to set up, so you may as well do that anyway.


Thanks:-)
I use ssh and it is very easy, but I wish to set up a ftp server that I only use inside my lan, So now I dont need sftp:-))

Offline

#4 2011-06-06 23:00:55

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217
Website

Re: lan security

It is restricted to your internal network, but you still need to consider how trusted your LAN is.... At home it's probably not a huge issue (unless you live with other geeks), on a work LAN you might be less trusting. Also, if someone compromises 1 machine on your LAN, then they have access to your local LAN traffic.

For all intents and purposes, it should be fine. If you want to get tinfoil hat, go the extra mile wink

Offline

#5 2011-06-06 23:14:39

torleif
Member
Registered: 2009-09-27
Posts: 16

Re: lan security

fukawi2 wrote:

It is restricted to your internal network, but you still need to consider how trusted your LAN is.... At home it's probably not a huge issue (unless you live with other geeks), on a work LAN you might be less trusting. Also, if someone compromises 1 machine on your LAN, then they have access to your local LAN traffic.

For all intents and purposes, it should be fine. If you want to get tinfoil hat, go the extra mile wink


Thanks!
I am only on my home network. ( me and my girlfriend) and my wireless connection is WPA2.
I became a bit paraniod after I "think" I got hacked a few years ago.

After that I started encrypting everything, even though I dont have anything interessting or important;-)

Offline

#6 2011-06-07 03:25:58

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217
Website

Re: lan security

torleif wrote:

....even though I dont have anything interessting or important;-)

Your internet connection is the most interesting thing when its used for sending spam or hosting kiddie pr0n

Last edited by fukawi2 (2011-06-07 03:26:15)

Offline

#7 2011-06-07 04:40:25

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,739

Re: lan security

Also, with a wireless LAN, you might have people on your LAN that you don't even know.

If you run without Encryption, you can pretty much count on it.
If you use WEP, it is somewhere between likely and possible.
WEPWPA and WEP2WPA2 it is unlikely IFF you use a strong passphrase.

If you have a wired LAN, and your cables are not physically secure, you could have uninvited guests as well.
As far as trust of other machines on your net, some operating systems may be more trustworthy than others.  Also, remember that a Virtual Machine that is bridged or NATed can still do a lot of damage, so ensure you trust them as well.

Edit: Whoops.  Must get more sleep.  See post just below. Thanks .:B:.

Last edited by ewaller (2011-06-07 06:36:04)


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#8 2011-06-07 06:29:51

.:B:.
Forum Fellow
Registered: 2006-11-26
Posts: 5,819
Website

Re: lan security

ewaller wrote:

Also, with a wireless LAN, you might have people on your LAN that you don't even know.

If you run without Encryption, you can pretty much count on it.
If you use WEP, it is somewhere between likely and possible.
WEP and WEP2 it is unlikely IFF you use a strong passphrase.

I assume you mean WPA and WPA2 there wink.

To the topic starter: If you start asking about security, and you're not on a LAN but on a WLAN, then SSH is not a nice addition but pretty much a requirement (unlike a LAN, which has its physical boundaries, WLAN traffic can easily be sniffed and, given enough time and processing power, decrypted). Either way, as people said before SSH is a breeze to set up and non-encrypted remote login protocols (like telnet) are considered to be pretty much deprecated, if only because the processing power required for the encryption part is absolutely minimal.

I'd suggest you change your topic title so people aren't confused wink.


Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy

Offline

Board footer

Powered by FluxBB