Because the 802.11b wireless specification uses the 2.4Ghz frequency range, anyone with basic networking knowledge and a cheap wireless receiver can eavesdrop on your network usage. This means that someone can potentially see your user name and password and whatever else you may be working on. Thus if you are currently using Nomad to access UT's computer network, it is important that you consider securing your wireless connection. OIT has developed the following webpage to provide you with basic security information as well as some tips to help you secure your wireless connection.

Why isn't my connection secure?

Because wireless network access uses radio frequency to broadcast and retrieve data, the data can be viewed by anyone within the signal range of your computer. While the 802.11b wireless specification did originally feature built in security, it was found to be too weak to offer real security. While the original design of UT's wireless network required that you use encryption software (AS2000 client), it was soon realized that the software did not fit the needs of the university community and the decision was made to cease using the AS2000 client.

Since OIT is no longer forcing Nomad users to use the AS client, it is crucial that you take the proper precautions and secure your wireless network connection.

What security options do you have available?

It is recommended that you consider downloading UT's virtual private networking (VPN) software. A VPN is a private data network that maintains privacy through the use of a tunneling protocol and security procedures. Using a virtual private network involves encrypting data before sending it through the public network and decrypting it at the receiving end. UT's VPN allows you to browse the web safely and securely without having to worry that someone might be eavesdropping on your network connection C or stealing your passwords. If you would like to download the VPN click here.

If you choose to not use the VPN, it is important that you use programs that offer built in encryption. Both Netscape Navigator and Internet Explorer offer SSL encryption, but pages are only encrypted if the server that you are connected to supports SSL. Most university related sites that require password verification use SSL, but it is important that you check and make sure that the site does offer encryption. You can tell if a site is encrypted by checking to see if there is a padlock present in the bottom right corner of the browser.

It is also important that you use encryption if you access university resources through telnet. A new protocol that offers built in encryption was developed to replace telnet and can be used to connect to all OIT resources. This protocol, called secure shell or SSH requires an SSH compliant client, but allows you to access university resources with ease and security. If you wish to use SSH, click here for download information.

If you have any questions, don't hesitate to contact the helpdesk via email or by telephone at 974-9800/9900.

Office of Information Technology