Network Traffic Protection and Encryption

Importance of Encryption

• Protects data sent over wired and wireless networks.
• Many protocols still send data in clear text without encryption (e.g., Telnet, FTP, SMTP, IMAP).

Identifying Unencrypted Traffic

• Capture packets to assess how much traffic is encrypted.
• Headers should be visible, but data should be encrypted.
• Unencrypted data suggests the use of insecure protocols.
  • E.g., DEF CON's "wall of sheep" lists those using insecure protocols.

Recommendations for Secure Protocols

• Replace insecure protocols with secure alternatives:
  • Telnet ➔ SSH (Secure Shell)
  • HTTP ➔ HTTPS
  • IMAP ➔ IMAPS (secure)
  • FTP ➔ SFTP (Secure FTP)

Port Numbers and Security

• Port numbers can indicate security:
  • Port 80 ➔ Likely HTTP (insecure)
  • Port 443 ➔ Likely HTTPS (secure)
• Not a guarantee of encryption—check server settings.
• Perform packet captures to verify encryption.

Encrypting Network Traffic

• Use encryption methods to secure all network traffic:
  • WPA3: Encrypts wireless network traffic on an access point.
  • VPN (Virtual Private Network):
    • Creates an encrypted tunnel between your device and a VPN concentrator.
    • Requires additional software and potentially purchasing VPN service.

Summary

• Always strive to use secure protocols for network communication.
• Ensure network configurations, like wireless access points, are set to use strong encryption methods.
• Consider employing network-level encryption like VPNs for comprehensive data protection.