Chapter 3: Planning Your Virtual
Private Network (VPN)
Why do I need a VPN?
Computer networking provides a flexibility not available when using an archaic, paper-based system. With
this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced.
Firewalls help to protect data inside of a local network. But what do you do once information is sent
outside of your local network, when e-mails are sent to their destination, or when you have to connect to
your company's network when you are out on the road? How is your data protected?
That is when a VPN can help. VPNs are called Virtual Private Networks because they secure data moving
outside of your network as if it were still within that network.
When data is sent out across the Internet from your computer, it is always open to attacks. You may already
have a firewall, which will help protect data moving around or held within your network from being
corrupted or intercepted by entities outside of your network, but once data moves outside of your
network—when you send data to someone via e-mail or communicate with an individual over the
Internet—the firewall will no longer protect that data.
At this point, your data becomes open to hackers using a variety of methods to steal not only the data you
are transmitting but also your network login and security data. Some of the most common methods are as
follows:
1) MAC Address Spoofing
Packets transmitted over a network, either your local network or the Internet, are preceded by a packet
header. These packet headers contain both the source and destination information for that packet to transmit
efficiently. A hacker can use this information to spoof (or fake) a MAC address allowed on the network.
With this spoofed MAC address, the hacker can also intercept information meant for another user.
2) Data Sniffing
Data “sniffing” is a method used by hackers to obtain network data as it travels through unsecured
networks, such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network
diagnostic tools, are often built into operating systems and allow the data to be viewed in clear text.
3) Man in the middle attacks
Once the hacker has either sniffed or spoofed enough information, he can now perform a “man in the
middle” attack. This attack is performed, when data is being transmitted from one network to another, by
rerouting the
vpn (virtual private network): a security measure to protect data as it leaves one network and goes to
another over the Internet
Summary of Contents for Linksys WRVS4400N
Page 21: ......
Page 24: ......
Page 28: ...Configuring the Wireless N Router for directions on how to set up the Wireless N Router ...
Page 53: ......