Secure connections really secure ?

[trip6]

I am a network engineer... Here is the down low on SSL or Secure Socket Layer encryption. SSL has its own TCP port 443. SSL is commonly used with HTTPS protocol. TCP is a session oriented protocol, meaning that the client and the server establish a session before communication takes place. What SSL does is setup an encryption algorithm for that session based on a security certificate, if you don't have the correct algorithm you cannot transmit data to that session. Can it be hacked yes, just like anything it just takes along time. Security is finite not infinite so all security can be cracked given an appropriate amount of time and the appropraite resources to do so. But it creates enough of a stumbling block that 90% of the people trying to crack it, give up before they can or do not have the resources or knowledge to do so. Think of it as a safe, I can break into a safe but if the walls are 20 foot thick, I may have to risk myself and have significant resources to do so. Hope that makes sense to you... Feel free to ask questions.

[trip6]

An if using wireless, you can also use mac address filter lists to filter clients with only specific mac addresses to gain access to the wireless connection.

But just as any security, mac addresses can be spoofed. That is why security is a layered approach and why others have recommended WPA for wireless too... So mac address list, WPA or EAP or LEAP and your about as secure as you can get on a wireless connection...

To the guy who was referring to AES-256, it is pretty darn secure but was and has been cracked already in penetrative testing by the DOD electronic warfare guys in about a 3 month time frame. The current highest level of security available is rumored to be a 2048-bit tumbling key standard created by the DOD that has yet to be cracked. No one in the public has seen it, and it may not become a public standard ever...

Nuff said...