1. Home
  2. Wireless Networking
  3. Security with Manged Access Point

Security with Manged Access Point

In an apartment building wireless is available with a login provided by the landlord. The tenant selects the connection and is prompted for a username and password and then has Internet access. However, it appears that the connection is not encrypted in that the user is never asked for a WPA or other key and Windows warns about it. I'm not very familiar with this type of managed access and wondering how secure it is. Am I correct in thinking that this probably is unencrypted and vulnerable to sniffing or is it possible that there might be some kind of secure tunnel established after the logon? Thanks.

Reply to
Phil A. Buster
Loading thread data ...

"Phil A. Buster" hath wroth:

If your wireless client manager indicates that the connection is not encrypted, then you are susceptible to sniffing, session hijacking, and impersonation. Whatever you're using for a connection manager should show the current connection status and protocols used.

However, WPA-RADIUS does not ask for an encryption key. The encyption key is supplied by the RADIUS server. You also authenticate with the RADIUS server using a login and password as you described. It is one of the most secure forms of wireless connectivity. Your connection manager should show that you're using WPA-RADIUS or WPA2-RADIUS (also known as WPA-Enterprise) if this is the case.

Even if your sessions are not encrypted, you can setup a VPN tunnel, to a secure server to prevent sniffing. See the FAQ at:

for candidates. These are designed for secure surfing at "public" access points.

Reply to
Jeff Liebermann

Thanks! That's very helpful.

Reply to
Phil A. Buster

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.