Beloit College
Banner Image

Student Symposium is taking place tomorrow, April 17. Click here for details, schedule.

Encryption How-To

Websites in General

Click here for a printable version of this document.

Using Encrypted Connections

SSL (Secure Socket Layer)
(Important for web and email SSL uses encryption to secure your network connection to other servers on the network for web or email. Normally, when you connect from your computer to another server on the network (or internet) your connection passes data back and forth in plain text. This is very easy for others to capture and view. SSL allows you to encrypt the data so that others cannot view it. This is particularly important when doing anything of a confidential nature (i.e anything that involves a password, email connections, financial transactions, etc). Using SSL is very easy. For safe connections to many Internet sites, simply type http <https:///>*s* :// <https:///> and the address.

SSH Secure Shell and SFTP
This is a program to allow secure network services over an insecure network. SSH and SFTP basically replace insecure terminal applications (such as Telnet and FTP) enabling you to securely long in to remote host servers. It is now required for most Beloit College servers. Regular telnet connections transmit your password in plain text so your password is not encrypted or protected at all! This makes it possible for others to invade your network and capture your password or other network content. Using SSH or SFTP, your password is protected and never transmitted without strong encryption. Most students do not need to utilize a terminal connection any more. But those that program or do administrative work on web pages should use SSH or SFTP or a program that supports those protocols.* Note*: The latest versions of Dreamweaver now support SFTP.

If you are Windows user and would like to install the SSH secure shell, you may download the file from the ISR Software Archives at the software page.

After installing SSH2, remember to import the license key using the *Help - Import License File... * menu.

Mac users can use Fetch or Fugu for SSL connections. Please contact ISR if you need help downloading or configuring either software.

Email Clients

Email is inherently insecure. Once an email message leaves the Beloit College server, it is sent in raw text and can be easily spied upon by hackers. That means one should be very careful about sending any message with confidential information in it. Even if you encrypt your side, the content will likely arrive unencrypted at the recipient end. Having stated that, Beloit College provides SSL (TLS) encryption for sending and receiving from our pop and smtp servers. The primary purpose is to protect your password over the network and Internet. It does not protect your data while is being sent from or received to the college email server. However, it will secure your data form your email client to the college email server. ISR highly recommends that if you use an email pop3 client such as Outlook, Thunderbird, etc, you should configure it securely. See the Configuring Email Clients how-to for the appropriate configuration and always be careful about sending sensitive information via email.

Webmail SSL Encryption
In order to maintain Webmail privacy including your password, you simply need to type in an 's' after http in the URL; i.e; As long as an 's' appears after the http in an URL address field of your browser, your email connection will remain encrypted and secure from others to see.

Alternatively, you can simply click on the "Secure" link on the login page of Webmail and it will automatically put you in secure (encrypted) mode.

SSL Outlook Setting
How-to for Outlook 6 or higher of retrieving email via SSL POP.
SSL (secure socket link) allows applications to exchange data over the network in an encrypted format.

Outlook users must use port 995.

Go to Tools - Accounts and select Properties for your Beloit account -

Click on the Advanced near the top.

Click on the box "This server requires a secure connection SSL". The pop3 port for incoming mail should change from 110 to 995.

Click Apply and exit out.

NOTE:This encrypts the password exchange and the retrieval of email. IT does NOT encypt sending of email. Currently SSL is not supported for sending email.

Websites in General

Internet SSL Encryption
Most sites that have you give confidential information, such as passwords, credit card numbers, etc., will use SSL encryption automatically. You can tell that your data is being encrypted by looking at the URL. If there is an s after the http, e.g., you will know that it is SSL encrypted and protected. Normally you will be notified of this by your browser before entering an SSL protected site, as well as being warned when you exit an SSL protected site.

For Internet servers that support SSL, you can maintain your privacy by adding an 's' after http in the URL; for example: As long as an 's' appears after the http in an URL address field of your browser, your web connection will remain encrypted and secure from others to see.

If you are using a wireless(802.11b or 802.11g) connection to the Internet, it is an even better idea idea to use SSL encryption whenever possiable. If you are going to use a wireless Internet connection, remember that everything that you send and recieve can and may be spied upon by others.

When Not to Use SSL
SSL Encryption adds a lot of overhead to your network traffic. When it is not necessary it can slow down your network performance. This is why many sites do not support SSL until you begin entering sensitive information. Hence, you do not need to use SSL for normal web browsing and other non-private network usage.