security vs hubbing vs snooping

Most folks think about others breaking into their WiFi network, vs what others can snoop from your network. The solutions are MAC filtering or WEP or WPA. Even though they all will limit traffic going IN, only the encryption protocols will protect it from local snooping. This is a good reason to run VPN across WiFi.

I was curious what I might see using my Ethernet protocol analyzer software with my WiFi connection. It appears the transmitted traffic is just like a hub. I can see the network traffic being transmitted from my neighbor's non-WEP AP... So, just remember that when using a public AP, anyone can see what traffic is being sent from the AP back to your laptop.

Phil Schuman

On your own WLAN, a VPN is probably overkill. But on a public WLAN, it's a great solution. Just establish a VPN to anywhere that will forward requests onto the Internet, such as your workplace (with permission) or your home. At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN server behind the router.

Actually, before WPA was released, on their own internal network Intel was using VPNs in addition to WEP since WEP's weaknesses were well known.

The other point to make is to distinguish which information is at risk when you use an unencrypted WLAN. Counterintuitively, your e-commerce transactions are safe, while your emails are at risk. E-commerce sites use SSL (you shouldn't be doing business with any site that doesn't), so your credit card numbers are safe as long as you check that SSL is in use and that the security certificate is in order. Email, OTOH, normally sends everything in cleartext, including your userid and password.

Ron Bandes, CCNP, CTT+, etc.

Ron Bandes

And of course, the issue depends upon if the "plain text" is echoed from the server - again - I could only see the "transmitted" traffic from the AP, or what is "received" by the other users' laptops... not the traffic being sent from their laptops to the AP -

Hmmmm - I wonder what if I set up my wireless card for ad-hoc mode, and then what might I see?

Phil Schuman

That doesn't really make sense to me. You should be able to receive the frames from any station within range of your computer. Even if some stations are out of range, in an Infrastructure-mode Basic Service Set, the AP repeats the stations' frames since the stations may be out of range of each other. So unless you are eavesdropping on an Ad-hoc network, if you can hear the frames that are originated by the AP, then you can also hear the frames from the stations as they are repeated by the AP.

Ron Bandes, CCNP, CTT+, etc.

Ron Bandes
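
The direction question discussed in the posts above comes down to the To DS / From DS bits in each 802.11 data frame header. The following is an added example, not part of any post in this thread: it decodes those bits and the Protected flag from bare MAC headers (no radiotap), and the sample headers and MAC addresses are constructed.

```python
from collections import Counter

# (ToDS, FromDS) bits from the second Frame Control byte
DIRECTION = {(0, 0): "ad-hoc", (1, 0): "station->AP",
             (0, 1): "AP->station", (1, 1): "WDS"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_data_header(frame):
    """Decode a bare 802.11 MAC header (no radiotap). None if not a data frame."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    if (frame[0] >> 2) & 0x3 != 2:          # type 2 = data; skip mgmt/control
        return None
    flags = frame[1]
    ds = (flags & 0x01, (flags >> 1) & 0x01)
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    # Address roles depend on the DS bits (IEEE 802.11 address table)
    if ds == (1, 0):
        bssid, src, dst = a1, a2, a3
    elif ds == (0, 1):
        dst, bssid, src = a1, a2, a3
    elif ds == (0, 0):
        dst, src, bssid = a1, a2, a3
    else:                                    # 4-address WDS: SA is in addr4
        dst, src, bssid = a3, frame[24:30], None
    return {"direction": DIRECTION[ds], "src": mac(src), "dst": mac(dst),
            "bssid": mac(bssid) if bssid else None,
            "protected": bool(flags & 0x40)}  # set for WEP/WPA-encrypted bodies

def summarize(frames):
    """Count data frames by (direction, protected)."""
    parsed = filter(None, map(parse_data_header, frames))
    return Counter((p["direction"], p["protected"]) for p in parsed)

# --- constructed sample headers (not captured traffic) ---
AP, STA_A, STA_B = (bytes.fromhex("0200000000" + x) for x in ("01", "0a", "0b"))

def hdr(fc0, flags, a1, a2, a3):
    return bytes([fc0, flags, 0, 0]) + a1 + a2 + a3 + b"\x00\x00"

SAMPLE = [
    hdr(0x80, 0x00, b"\xff" * 6, AP, AP),    # beacon (management), ignored
    hdr(0x08, 0x01, AP, STA_A, STA_B),       # A -> AP, addressed to B, cleartext
    hdr(0x08, 0x02, STA_B, AP, STA_A),       # AP relays the same frame to B
    hdr(0x08, 0x42, STA_A, AP, STA_B),       # AP -> A, Protected bit set
]
```

Run over a capture of your own WLAN, a nonzero count of `(direction, False)` entries means data frames are crossing the air without link-layer encryption.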
