Network Security and Encryption

Importance of Encryption

• Encrypting network traffic is essential to protect data sent over both wired and wireless networks.
• Historically, not all protocols were designed with encryption in mind, leading to potential security vulnerabilities.

Insecure Protocols

• Common protocols that traditionally do not encrypt data:
  • Telnet
  • FTP
  • SMTP
  • IMAP
• These protocols send information in clear text, making them susceptible to interception.
• Example: Def Con's "Wall of Sheep" highlights insecure protocol usage by displaying usernames, partial passwords, IP addresses, and protocols.

Secure Protocols

• Use secure protocols that encrypt data:
  • SSH instead of Telnet for remote device access.
  • HTTPS instead of HTTP for web browsing.
  • IMAPS instead of IMAP for email.
  • SFTP instead of FTP for file transfers.

Identifying Secure vs. Insecure Traffic

• Traffic can sometimes be identified by port numbers:
  • Port 80: HTTP (insecure)
  • Port 443: HTTPS (secure)
• Port usage does not guarantee encryption; check server security settings and perform packet captures to ensure encryption.

Network Encryption Techniques

• Wireless Networks:
  • Open access points do not encrypt traffic.
  • Configure access points with encryption protocols like WPA3 to secure wireless data.
• Virtual Private Networks (VPNs):
  • Create encrypted tunnels between devices and networks.
  • VPN concentrators decrypt data on the server side.
  • May require additional software or third-party services.