Inside Iowa State
Inside ArchivesSubmit newsSend news for Inside to inside@iastate.edu, or call (515) 294-7065. See publication dates, deadlines. About InsideInside Iowa State, a newspaper for faculty and staff, is published by the Office of University Relations. |
Nov. 18, 2005 How to foil wireless snoopsby Samantha Beres There you are -- cup of steeping black tea, tucked away at the corner table in a coffee shop, all ready to do a little work. The place has wireless Internet access, so no problem. Just log in to the Iowa State Web site to grab some documents from the network. But wait a minute. All the other people in the coffee shop are wireless. Could the guy in the next booth intercept your messages and eavesdrop? Or, could anyone see what you are sending over the air waves? 
Tom Kula (foreground), a systems support specialist with IT Services, works 'securely' on a laptop computer in Lagomarcino Hall's Courtyard Cafe, one of dozens of interior areas on campus with access to wireless.Photo by Bob Elbert. Not if you're encrypted. Encryption software protects the privacy of information sent over a network by "scrambling" it. Encryption works two ways. Servers may be set up to be "secure," or you can set up encryption software on your laptop to protect your privacy. Iowa State provides a data encryption tool called Virtual Private Network (VPN). VPN will encrypt all data traveling between your computer and the campus network. (For information on how to use VPN on the ISU network, see http://www.it.iastate.edu/security.) Steve Schallehn, a senior network engineer for Information Technology Services, likens the information you transmit to notes written on postcards. "Someone might see the contents of what you've written if they're looking for it," he said. But no matter where you are, he said, bringing up the VPN connection is like putting all of your letters and postcards in a big manila envelope and sending them through the mail. "If someone was snooping, they could see that I was sending information to Iowa State, but they couldn't see the contents," he said. While most of us may not care if anyone reads our e-mail, this safety extends to file transfers and instances in which users are talking to file servers. https:// indicates encryptedWhen a Web site is encrypted, it's automatically "secure" for all visitors. Web sites that start with "https://" are encrypted. Examples of encrypted sites are AccessPlus and Wells Fargo. Look for a little padlock in the corner of the screen of the Web browser to verify that you're visiting a self-secured site. Again, while snoopers may not be able to see your AccessPlus password or your bank account information, they still would know that you're visiting the site. Not all ISU Web sites are secure. With e-mail software Outlook and Eudora, your password is safe, but the contents of what you write may be visible to other people. Other unsafe situations include Microsoft File Sharing, ftp and telnet. So, could someone spy on you? There is software on the Internet that allows hackers to intercept information, but Schallehn points out the hackers would need to be looking for something pretty specific. "And, while people don't need to be paranoid about it," he said, "people should be concerned about it and protect themselves." |
Got security?Find out how to set up a VPN connection and take other measures to secure your computer on Information Technology's "security" web site. Wireless zonesAll major buildings on campus have wireless areas. |
Ames, Iowa 50011, (515) 294-4111. Published by: University Relations, online@iastate.edu.
Copyright © 1995-2005, Iowa State University of Science and Technology. All rights reserved.