I know full well that there's no such thing as 100% security in any networking environment. The most that wireless encryption does for you is prevent casual attachment and/or snooping. If someone wants in, they'll get in.
Yeah. You can get pretty damn close using RSA/asymmetric key encryption like Colin (MoparManiac) said, but still, there is no such thing as 100% security.
If someone wants in to your wired network, they'll find a way in. It's easier if you're attached to the outside world (read: Internet.)
Definitely. Easier to exploit the router (usually some crappy consumer-level equipment that has been set up and immediately ignored, default password, firmware never updated)
Also, if you can tap the lines, it's fairly easy to sniff wired traffic. Would you notice if your computer said your ethernet cable was disconnected for a second, and then everything worked again? Probably not. It's trivial to find a 10/100mbit hub (must be a dumb hub, no switches need apply) and put it inline with the system targeted in under a second if you're good, and then all you need is EtherReal/Wireshark and a network card that handles promiscuous mode pretty well.
Important/sensitive data is stored offline, so you'd have to break into the house to get at anything I wanted to secure. Then break encryption on that drive. Assuming you snatched the right drive in the first place (you've got fairly good odds of grabbing a dummy drive, and it's about even odds that, assuming you've gotten a useful drive, you're going to grab something with data you can find easily on it.)
hahaha same here, though the dummy drives aren't really intentional, it's just that they happen to be sitting there.
Ok So I have a question here. How does in addition to WPA2, does Mac address filtering help out? I use it, I know that a mac address can be copied, am I being stupid in thinking that in my rather rural setting that I am not a high target here? I am in kodiak and all my neighbors have their own internet and satellite TV (we share a dish).
It's great if no one is around to check what your MAC address is, then they have 2^48 (approximate, minus a lot of non-allocated and non-usable/special purpose addresses) numbers to choose from before they hit yours. If someone can decrypt the traffic you're creating and get your MAC address, it becomes trivial to circumvent. Nothing wrong with defense in depth though.
Asymmetric key encryption algorithms (such as RSA) are probably the only thing going right now that offer significant security unless someone develops a quick way to factor the prime numbers that develop the key.
PGP is pretty secure, but can be pretty crappy to deal with. Have it on my laptop and have heard some horror stories.
X2 on all of that. We just had to upgrade all our laptops here with PGP whole disk encryption, took hours and it's annoying as hell. So far I know of no easy way to break stuff like this, once every few months someone makes an advance in quantum computing and instantly everyone says "this might be used in the distant future to break asymmetric key encryption" but nothing so far. Cyphers are easy to break though, for instance symmetric encryption (and AES/3DES if part of the key is known or the key space is limited) can be broken in a matter of hours with specialized computing hardware (google for "copacobana 3des" for more info.)
MAC filtering is most useful when you're online. If you're not online, and someone spoofs your MAC address, you'll never know (unless you're monitoring logs.) If you are online, and someone spoofs your MAC address, you'll see some apparently very strange behavior.
In all reality, unless you've got something that someone on the outside actively wants, you really only need to be more secure than your neigbors. You don't need to be completely secure.
"I don't have to outrun the bear, I only have to outrun you"... it's true.
