Solved

WiFi Security Questions

Posted on 2014-02-09
7
322 Views
Last Modified: 2014-04-01
1. If I connect to an unsecured public WiFi, and someone is capturing packets, will he be able to capture and read all my unecrypted data?
2. If it's secured by WPA, does that prevent him from capturing data?
3. Is cellphone data secure?

Thanks!
0
Comment
Question by:epichero22
7 Comments
 
LVL 34

Accepted Solution

by:
Dan Craciun earned 125 total points
ID: 39845859
1. Yes
2. No. He will still be able to capture the data, but he will need to decrypt it. The packets still travel on the same medium (air) even when encrypted.
3. From who?
0
 
LVL 6

Expert Comment

by:Jelcin
ID: 39845884
2. If he / she has the WPA key and is in the same wlan then he is able to capture the packets without having to decrypt it.
3. Cell phone data in general is secure but of course it can be captured for example by NSA :)
0
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39845917
If you Google PCWorld's 5 Wi-Fi Security Myths you need to abandon now will help you understand this.  For the encryption (WPA/WPA-2), you need a PSK (Pre-Shared) key to get on your WPA or WPA-2..  Do stay away from WEP as it is pretty easily cracked.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 125 total points
ID: 39846108
> 2. If he / she has the WPA key and is in the same wlan then he is
able to capture the packets without having to decrypt it.

That's not accurate. If it's WPA2/AES they would both have different encryption vectors, set when their sessions were negotiated, using different NONCE values.  The data are not encrypted using only the 8 to 63 character passphrase.
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
ID: 39848699
+1 for Darr's comment.

The data is encrypted on a per-session basis between client and AP and the session-key is unique per client.  The data is only decrypted by the AP or client.

If clients connected to the same AP are exchanging data it is decrypted at the AP then re-encrypted with the particular receiving client's session details before it gets to him.

If the data leaves the AP on the wired-side it is decrypted before it goes on the wire, but then the data isn't sniffable by a wireless client.

That's not to say that it's completely secure though.  Once you have the PSK you can grab some over-the-air packets and attempt to decrypt them using the information you already have and a dictionary, for example.
0
 
LVL 11

Author Comment

by:epichero22
ID: 39905054
What about networks that have no security, but you need to login through a webpage before it lets you browse?  Can someone else still see what I'm sending / receiving?
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
ID: 39905095
Yes.  The traffic over-the-air is completely unencrypted after the initial login (usually via HTTPS).

You could use a VPN service to encrypt your traffic using IPSec if you use an open hotspot.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPS for routing recomendations 3 65
Limit traffic to specific Cisco port? 12 54
How to read network slash info 7 44
Windows 7 Internet issue 14 54
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question