encrypting local network

[Flx 76]

Hi,

As it says in the title of this post how many of you out there have encrypted the local network traffic for example (in your home or apartment) and by what means?!? Means such as using IPSec PFS ESP,tunneling and your own created OpenVPN security certificate(similar to stunnel.crt). I know there are lots of docs,websites explaining this topic.

I would like an answer from AirVPN community if any of you have already done this?

Regards,

Flx

[zhang888 1066]

You have to clarify which kind of network and from which kind of attacks. For WiFi, use WPA2.

For LAN, you can use IPSec, but what is the threat model here, that somebody who is inside your house

already will be able to connect a device to one of the physical LAN ports? That's kind of a bigger issue itself.

[Flx 76]

You have to clarify which kind of network and from which kind of attacks. For WiFi, use WPA2.

Agreed.

For LAN, you can use IPSec

Correct. Kerberos or certificates are also a possibility/choice.

 

but what is the threat model here, that somebody who is inside your house

already will be able to connect a device to one of the physical LAN ports? That's kind of a bigger issue itself.

That's a big If they can or know how to by-pass the network hardware firewall. Drops any new connected device, unlike the choice of Allow New Connected device(s).

It's true of what you say...no server/system/network/device is fool proof 100%.