?
Solved

WiFi Security Questions

Posted on 2014-02-09
7
Medium Priority
?
353 Views
Last Modified: 2014-04-01
1. If I connect to an unsecured public WiFi, and someone is capturing packets, will he be able to capture and read all my unecrypted data?
2. If it's secured by WPA, does that prevent him from capturing data?
3. Is cellphone data secure?

Thanks!
0
Comment
Question by:epichero22
7 Comments
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 500 total points
ID: 39845859
1. Yes
2. No. He will still be able to capture the data, but he will need to decrypt it. The packets still travel on the same medium (air) even when encrypted.
3. From who?
0
 
LVL 6

Expert Comment

by:Jelcin
ID: 39845884
2. If he / she has the WPA key and is in the same wlan then he is able to capture the packets without having to decrypt it.
3. Cell phone data in general is secure but of course it can be captured for example by NSA :)
0
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39845917
If you Google PCWorld's 5 Wi-Fi Security Myths you need to abandon now will help you understand this.  For the encryption (WPA/WPA-2), you need a PSK (Pre-Shared) key to get on your WPA or WPA-2..  Do stay away from WEP as it is pretty easily cracked.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 500 total points
ID: 39846108
> 2. If he / she has the WPA key and is in the same wlan then he is
able to capture the packets without having to decrypt it.

That's not accurate. If it's WPA2/AES they would both have different encryption vectors, set when their sessions were negotiated, using different NONCE values.  The data are not encrypted using only the 8 to 63 character passphrase.
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39848699
+1 for Darr's comment.

The data is encrypted on a per-session basis between client and AP and the session-key is unique per client.  The data is only decrypted by the AP or client.

If clients connected to the same AP are exchanging data it is decrypted at the AP then re-encrypted with the particular receiving client's session details before it gets to him.

If the data leaves the AP on the wired-side it is decrypted before it goes on the wire, but then the data isn't sniffable by a wireless client.

That's not to say that it's completely secure though.  Once you have the PSK you can grab some over-the-air packets and attempt to decrypt them using the information you already have and a dictionary, for example.
0
 
LVL 11

Author Comment

by:epichero22
ID: 39905054
What about networks that have no security, but you need to login through a webpage before it lets you browse?  Can someone else still see what I'm sending / receiving?
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39905095
Yes.  The traffic over-the-air is completely unencrypted after the initial login (usually via HTTPS).

You could use a VPN service to encrypt your traffic using IPSec if you use an open hotspot.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How does someone stay on the right and legal side of the hacking world?
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question