Is a wired connection 'more' secure then a wireless?

[jnelsoninjax]

I feel that this is a simple question, but I was recently reading a book and the main character made the comment regarding the fact that the antagonist had a wired cat 5 connection and (the hero) made the comment that CAT5 was easier to 'hack' then wireless, but I really think that it is the other way around, I would think that wireless is much less secure then a wired connection. Am I correct?

[Mindovermaster Global Moderator]

You are running off the same network. As in, you are still connected to the internet through your router/modem. Unless they are hardwired into your router, they can't do squat with it, even though they broke your wifi passphrase.

 

That help?

[adrynalyne]

2 hours ago, Mindovermaster said:

You are running off the same network. As in, you are still connected to the internet through your router/modem. Unless they are hardwired into your router, they can't do squat with it, even though they broke your wifi passphrase.

 

That help?

Only if the purpose was to share incorrect info. Once they are on someone’s network (wired or WiFi), there is for sure a security risk for machines on it. How much depends on the OS and security measures setup. 

2 hours ago, jnelsoninjax said:

I feel that this is a simple question, but I was recently reading a book and the main character made the comment regarding the fact that the antagonist had a wired cat 5 connection and (the hero) made the comment that CAT5 was easier to 'hack' then wireless, but I really think that it is the other way around, I would think that wireless is much less secure then a wired connection. Am I correct?

It’s the other way around unless someone can plug in. 

[Mindovermaster Global Moderator]

7 hours ago, adrynalyne said:

Only if the purpose was to share incorrect info. Once they are on someone’s network (wired or WiFi), there is for sure a security risk for machines on it. How much depends on the OS and security measures setup. 

Well, yeah. Guess I was backwards too...

[hitchcock42]

But if all of your network is wired -- then there is no need for wireless. And the wired network is more secure than one open to wireless attacks.

[adrynalyne]

1 minute ago, hitchcock42 said:

But if all of your network is wired -- then there is no need for wireless. And the wired network is more secure than one open to wireless attacks.

I always wire my mobile devices to my network. 😜

[hitchcock42]

6 minutes ago, adrynalyne said:

I always wire my mobile devices to my network. 😜

I have been to one of two companies that have a wired network and nothing else -- for the above reason. But I think that is pretty rare.

[+DonC Subscriber²]

Wireless connections are encrypted by default on most consumer gateways these days but the same is not true for wired connections.

 

However, by the time the hero of the book has the opportunity to physically plug a CAT5 cable into the gateway then they could just as well turn it upside-down and read the wireless key off the sticker!

[Dick Montage]

Wireless connections are secured using passphrases.  Wired connections are (generally) not.

 

We have undertaken a large project recently to ensure that our WIRED network cannot be exploited by rogue devices.  It's a lot more common than people think.

 

[+BudMan MVC]

And what was this book?

 

And "hack" in what context?  While you might just be able to plug into a switch on a home network... This would not be the case on any enterprise network.. There would be nac/nap in place - and best practice is to disable any port that is not actively being used.  But you can not just unplug users pc and plug in your hacking machine and expect to be on the same vlan that user machine was on because needing to auth in some manner to get on specific vlan.

 

That sort of statement as a blanket statement doesn't make a lot of sense, but with specific context it may or may not be true, etc.

 

Lets not forget physical access, vs sitting out in the parking lot in your car with the possibility to access the wireless network.  With a wired network, atleast in an enterprise you would have to go through some access control just to get to a wire in the first place.  We have to finger print to get into the office, and normal users do not have access to any of the wiring closets, etc.

 

Lets then look at ok hey, I plugged into the wire.. Even if could get access.. The wire I plugged into would only be on the specific vlan that either authed to with creds, or that port is assigned too.. And even then would only see traffic that was broadcast, you don't see "all" traffic, etc..  With wireless if using pairwise pmk, all devices would be using their own encryption keys and even if you could sniff the wireless traffic each clients encryption would be different, other than the group key traffic (broadcast and multicast)..

 

So again in what context?  With wireless I could throw up AP that looks like the company AP and if security features are not in place all clients would send all their traffic through my device, etc.  Without gaining any physical access to the premises.

 

Without any context of this this so called "hack" being done - its like most IT related stuff in movies/books - its not very accurate hehehe.. Only recent show that have seen that did a decent job/attempt at realistic IT in general was mr robot..

 

[Dick Montage]

10 minutes ago, BudMan said:

With a wired network, at least in an enterprise you would have to go through some access control just to get to a wire in the first place. 

Enterprise, damn right you'd hope so.  But smaller operations absolutely overlook the wired - and that's absolutely to their peril.

[jnelsoninjax]

13 minutes ago, BudMan said:

And what was this book?

 

And "hack" in what context?  While you might just be able to plug into a switch on a home network... This would not be the case on any enterprise network.. There would be nac/nap in place - and best practice is to disable any port that is not actively being used.  But you can not just unplug users pc and plug in your hacking machine and expect to be on the same vlan that user machine was on because needing to auth in some manner to get on specific vlan.

 

That sort of statement as a blanket statement doesn't make a lot of sense, but with specific context it may or may not be true, etc.

 

Lets not forget physical access, vs sitting out in the parking lot in your car with the possibility to access the wireless network.  With a wired network, atleast in an enterprise you would have to go through some access control just to get to a wire in the first place.  We have to finger print to get into the office, and normal users do not have access to any of the wiring closets, etc.

 

Lets then look at ok hey, I plugged into the wire.. Even if could get access.. The wire I plugged into would only be on the specific vlan that either authed to with creds, or that port is assigned too.. And even then would only see traffic that was broadcast, you don't see "all" traffic, etc..  With wireless if using pairwise pmk, all devices would be using their own encryption keys and even if you could sniff the wireless traffic each clients encryption would be different, other than the group key traffic (broadcast and multicast)..

 

So again in what context?  With wireless I could throw up AP that looks like the company AP and if security features are not in place all clients would send all their traffic through my device, etc.  Without gaining any physical access to the premises.

 

Without any context of this this so called "hack" being done - its like most IT related stuff in movies/books - its not very accurate hehehe.. Only recent show that have seen that did a decent job/attempt at realistic IT in general was mr robot..

 

I agree with you about books in general, but if you were wondering, just for S&G it is titled "Private Games" by James Patterson and Mark Sullivan, published in February 2012

[+BudMan MVC]

Ah that is the 3rd in the series.. I will give the first one a try.. I like thrillers..