Your wireless doesn't initiate any security upstream to the internet, only making sure your neighbors aren't watching what you're looking at on the internet. Trivial without any encryption, gradients harder based on your choice of router and/or encryption. Use wpa2 with aes (not tkip) with a complex password, you're good (for now). VPN only encrypts you to a gateway of your choice and NAT's you out their address to the world. Usually work or other admin function, but others use these to hide where they bittorrent movies from so media cartel ambulance chasers go fish in a foreign country and service that doesn't keep your origin IP logs (in theory). If you vpn to something, and connect to a website unencrypted, someone can still see what is contained in your packets to be able to reassemble them if when they hit government black box collectors off optical taps at all your favorite ISP's. Tor is *like* this, but egressing and NAT'ing you out any number of random gateways that people donate bandwidth (and liability) to. Tor and vpn's are more about hiding your IP identity, which with a court order is trivial to get your ISP to tell them who you are (almost trivial it seems even without these days). If you want to secure data, you need end to end encryption, so make sure everything you connect to uses some kind of ssl, tls, encryption, etc - no router will save you. Https on web pages, ssh on admin sessions, etc (look for "https everywhere" plugins for your browser). Sadly there are still a lot of crappy applications that talk to the internet that do NOT use encryption on their socket connections to send data. Figure out which, and banish them from your routines/usage. -mb On 10/31/2014 06:46 PM, Bob Holtzman wrote: > On Wed, Oct 22, 2014 at 09:13:10PM -0700, Stephen Partington wrote: >> well you might want to turn it on. because you are now an open AP >> >> http://en.wikipedia.org/wiki/Wireless_security > Extremely sorry to be so late getting back on this. Life intrudes. > > Interesting link. Unfortunately it deals exclusively with wireless > security. Did I miss something? > > My initial impression was that the router's encryption covered all > signals passing thru it, wired and wireless. I now think that it only > covers b'cast signals, leaving the wired network unprotected. Yes/no? > Been scouring the i'net but find nothing about activating security for > wired connections short of using ssh or maybe vpn. > > Any help, clarifications, pointers, etc? > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: http://lists.phxlinux.org/mailman/listinfo/plug-discuss