Think your wireless encryption is secure? [updated]

Posted on July 23rd, 2010 Dan

$17/ 20 min to crack WPA, the current standard for wireless encryption, and WEP is so weak you don’t even need a distributed cracker.

Just thought I’d share this reminder with you that for sending anything sensitive over wireless, always make sure you’re connecting to secure services using application level encryption (SSH, SSL, TLS, etc) in addition to the weaker wireless encryption.

Some older services and applications may want you to transmit sensitive data unencrypted and not support encryption natively.  If for some reason you have to work with one of these applications, you can secure the TCP connection using an SSH tunnel.

SSH (Secure Shell) tunnels can be used to secure any service as long as the client can connect to a Secure Shell on the remote network.

I recently wrote a shell script to automatically tunnel an insecure VNC remote desktop connection through SSH, and launch my remote desktop viewer, which then connects locally to the SSH tunnel instead of directly to the remote VNC service.

My local SSH client establishes the secure tunnel to the remote SSH server (residing somewhere on the application server’s side of the Internet, or on the app server itself).  The remote SSH server then forwards the insecure traffic to the proper remote TCP port- SMTP, POP3, FTP, Telnet, or whatever insecure service you want to use.

Thus the data connection is entirely encrypted, and this is transparent to the application so no plugins are required. Simply create the SSH tunnel, connect your application to localhost instead of the remote host, and SSH routes the traffic securely thru the tunnel.

To create an SSH tunnel in a Unix shell script (my VNC example here) you would do something like:

ssh -fgCN -i $identity -L 5902:$tunnelhost:5900 $rmtuser@$tunnelhost &

Where $identity is the public key identity file (generally ~/.ssh/id_dsa), $tunnelhost is the remote SSH server, and $rmtuser is the remote username.  5902 is the local port to connect to and 5900 is the remote service port.

The & forks it into the background and, then you can then connect your VNC client to TCP port 5902 on localhost.

This is an incredibly powerful tool to protect your privacy.  Research “SSH tunneling” if you’re interested in learning more.

SSH is a network terminal server system like Telnet, except with encryption options, public key login, tunneling, and other fun stuff.  This is just scratching the surface of what can be done with it.



Comments are closed.