My wifi card first establishes a connection with an access point . the access point has the ssid I set up but it establishes the connection with encryption disabled. The reconnects or at least seems to reconnect in encrypted mode. This is not normal behavior and I'm wondering if I'm connected to a access point serving as a proxy or gateway. Anyone shed some light on this subject. The whole idea behind encryption is to estabish a secure encrypted connection. I am using wpa2. Thanks in advance
How do you know that it's initially associating without encryption? What sniffer or status monitor program are you using to determine this? Any particular hardware?
In a way, you're correct. The initial association with the access point is done without encryption. The access point and client initially exchange radio connection details. However, the next step in the process is to exchange encryption parameters and keys. You can see this exchange with a sniffer as it's done without encryption, because a common encryption protocol and key have not yet been established.
In addition, there are quite a few packets that are sent without encryption. For example, all broadcasts and management frames are sent at the slowest speed (1Mbit/sec for 802.11b and 6Mbits/sec for
802.11g) so that all the other devices on the channel can also decoded the data. This also exposes all MAC address, which are by necessity not encrypted.
Have you tried to connect without encryption? You can't because the access point or wireless router determines the encryption level, not the client. Therefore, if some evil hacker wanted to use your alleged security problem, they would have a problem convincing the access point to function without encryption.