security vs hubbing vs snooping
Last response: in Wireless Networking
Archived from groups: alt.internet.wireless (More info?)
Most folks think about others breaking into their WiFi network,
vs what others can snoop from your network.
The solutions are MAC filtering or WEP or WPA.
Even though they all will limit traffic going IN,
only the encryption protocols will protect it from local snooping.
This is a good reason to run VPN across Wifi.
I was curious what I might see using my ethernet protocol analyzer software
with my Wifi connection. It appears the transmitted traffic is just like a
hub.
I can see the network traffic being transmitted from my neighbor's non-wep
AP....
So, just remember that when using a public AP,
anyone can see what traffic is being sent from the AP back to your laptop.
Most folks think about others breaking into their WiFi network,
vs what others can snoop from your network.
The solutions are MAC filtering or WEP or WPA.
Even though they all will limit traffic going IN,
only the encryption protocols will protect it from local snooping.
This is a good reason to run VPN across Wifi.
I was curious what I might see using my ethernet protocol analyzer software
with my Wifi connection. It appears the transmitted traffic is just like a
hub.
I can see the network traffic being transmitted from my neighbor's non-wep
AP....
So, just remember that when using a public AP,
anyone can see what traffic is being sent from the AP back to your laptop.
More about : security hubbing snooping
Archived from groups: alt.internet.wireless (More info?)
"Phil Schuman" <pschuman_nospam_me@interserv.com> wrote in message
news:aC5Cd.4737$t6.4567@newssvr31.news.prodigy.com...
> Most folks think about others breaking into their WiFi network,
> vs what others can snoop from your network.
> The solutions are MAC filtering or WEP or WPA.
> Even though they all will limit traffic going IN,
> only the encryption protocols will protect it from local snooping.
> This is a good reason to run VPN across Wifi.
>
> I was curious what I might see using my ethernet protocol analyzer
> software
> with my Wifi connection. It appears the transmitted traffic is just like
> a
> hub.
> I can see the network traffic being transmitted from my neighbor's non-wep
> AP....
> So, just remember that when using a public AP,
> anyone can see what traffic is being sent from the AP back to your laptop.
On your own WLAN, a VPN is probably overkill. But on a public WLAN, it's a
great solution. Just establish a VPN to anywhere that will forward requests
onto the Internet, such as your workplace (with permission) or your home.
At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN server
behind the router.
Actually, before WPA was released, on their own internal network Intel was
using VPNs in addition to WEP since WEP's weaknesses were well known.
The other point to make is to distinguish which information is at risk when
you use an unencrypted WLAN. Counterintuitively, your e-commerce
transactions are safe, while your emails are at risk. E-commerce sites use
SSL (you shouldn't be doing business with any site that doesn't), so your
credit card numbers are safe as long as you check that SSL is in use and
that the security certificate is in order. Email, OTOH, normally sends
everything in cleartext, including your userid and password.
Ron Bandes, CCNP, CTT+, etc.
"Phil Schuman" <pschuman_nospam_me@interserv.com> wrote in message
news:aC5Cd.4737$t6.4567@newssvr31.news.prodigy.com...
> Most folks think about others breaking into their WiFi network,
> vs what others can snoop from your network.
> The solutions are MAC filtering or WEP or WPA.
> Even though they all will limit traffic going IN,
> only the encryption protocols will protect it from local snooping.
> This is a good reason to run VPN across Wifi.
>
> I was curious what I might see using my ethernet protocol analyzer
> software
> with my Wifi connection. It appears the transmitted traffic is just like
> a
> hub.
> I can see the network traffic being transmitted from my neighbor's non-wep
> AP....
> So, just remember that when using a public AP,
> anyone can see what traffic is being sent from the AP back to your laptop.
On your own WLAN, a VPN is probably overkill. But on a public WLAN, it's a
great solution. Just establish a VPN to anywhere that will forward requests
onto the Internet, such as your workplace (with permission) or your home.
At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN server
behind the router.
Actually, before WPA was released, on their own internal network Intel was
using VPNs in addition to WEP since WEP's weaknesses were well known.
The other point to make is to distinguish which information is at risk when
you use an unencrypted WLAN. Counterintuitively, your e-commerce
transactions are safe, while your emails are at risk. E-commerce sites use
SSL (you shouldn't be doing business with any site that doesn't), so your
credit card numbers are safe as long as you check that SSL is in use and
that the security certificate is in order. Email, OTOH, normally sends
everything in cleartext, including your userid and password.
Ron Bandes, CCNP, CTT+, etc.
Archived from groups: alt.internet.wireless (More info?)
"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in message
news:5PhCd.33905$bV1.16851@fe10.lga...
> "Phil Schuman" <pschuman_nospam_me@interserv.com> wrote in message
> news:aC5Cd.4737$t6.4567@newssvr31.news.prodigy.com...
> > Most folks think about others breaking into their WiFi network,
> > vs what others can snoop from your network.
> > The solutions are MAC filtering or WEP or WPA.
> > Even though they all will limit traffic going IN,
> > only the encryption protocols will protect it from local snooping.
> > This is a good reason to run VPN across Wifi.
> >
> > I was curious what I might see using my ethernet protocol analyzer
> > software
> > with my Wifi connection. It appears the transmitted traffic is just
like
> > a
> > hub.
> > I can see the network traffic being transmitted from my neighbor's
non-wep
> > AP....
> > So, just remember that when using a public AP,
> > anyone can see what traffic is being sent from the AP back to your
laptop.
>
> On your own WLAN, a VPN is probably overkill. But on a public WLAN,
it's a
> great solution. Just establish a VPN to anywhere that will forward
requests
> onto the Internet, such as your workplace (with permission) or your
home.
> At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN
server
> behind the router.
>
> Actually, before WPA was released, on their own internal network Intel
was
> using VPNs in addition to WEP since WEP's weaknesses were well known.
>
> The other point to make is to distinguish which information is at risk
when
> you use an unencrypted WLAN. Counterintuitively, your e-commerce
> transactions are safe, while your emails are at risk. E-commerce
sites use
> SSL (you shouldn't be doing business with any site that doesn't), so
your
> credit card numbers are safe as long as you check that SSL is in use
and
> that the security certificate is in order. Email, OTOH, normally
sends
> everything in cleartext, including your userid and password.
>
and of course, the issue depends upon if the "plain text" is echoed from
the server -
again - I could only see the "transmitted" traffic from the AP,
or what is "received" by the other users laptops.....
not the traffic being sent from their laptops to the AP -
hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
and then what might I see ?
"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in message
news:5PhCd.33905$bV1.16851@fe10.lga...
> "Phil Schuman" <pschuman_nospam_me@interserv.com> wrote in message
> news:aC5Cd.4737$t6.4567@newssvr31.news.prodigy.com...
> > Most folks think about others breaking into their WiFi network,
> > vs what others can snoop from your network.
> > The solutions are MAC filtering or WEP or WPA.
> > Even though they all will limit traffic going IN,
> > only the encryption protocols will protect it from local snooping.
> > This is a good reason to run VPN across Wifi.
> >
> > I was curious what I might see using my ethernet protocol analyzer
> > software
> > with my Wifi connection. It appears the transmitted traffic is just
like
> > a
> > hub.
> > I can see the network traffic being transmitted from my neighbor's
non-wep
> > AP....
> > So, just remember that when using a public AP,
> > anyone can see what traffic is being sent from the AP back to your
laptop.
>
> On your own WLAN, a VPN is probably overkill. But on a public WLAN,
it's a
> great solution. Just establish a VPN to anywhere that will forward
requests
> onto the Internet, such as your workplace (with permission) or your
home.
> At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN
server
> behind the router.
>
> Actually, before WPA was released, on their own internal network Intel
was
> using VPNs in addition to WEP since WEP's weaknesses were well known.
>
> The other point to make is to distinguish which information is at risk
when
> you use an unencrypted WLAN. Counterintuitively, your e-commerce
> transactions are safe, while your emails are at risk. E-commerce
sites use
> SSL (you shouldn't be doing business with any site that doesn't), so
your
> credit card numbers are safe as long as you check that SSL is in use
and
> that the security certificate is in order. Email, OTOH, normally
sends
> everything in cleartext, including your userid and password.
>
and of course, the issue depends upon if the "plain text" is echoed from
the server -
again - I could only see the "transmitted" traffic from the AP,
or what is "received" by the other users laptops.....
not the traffic being sent from their laptops to the AP -
hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
and then what might I see ?
Archived from groups: alt.internet.wireless (More info?)
"Phil Schuman" <pschuman_NO_SPAM_ME@interserv.com> wrote in message
news:3QICd.4619$Vj3.3475@newssvr17.news.prodigy.com...
>
> and of course, the issue depends upon if the "plain text" is echoed from
> the server -
> again - I could only see the "transmitted" traffic from the AP,
> or what is "received" by the other users laptops.....
> not the traffic being sent from their laptops to the AP -
>
> hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
> and then what might I see ?
That doesn't really make sense to me. You should be able to receive the
frames from any station within range of your computer. Even if some
stations are out of range, in an Infrastructure-mode Basic Service Set, the
AP repeats the stations' frames since the stations may be out of range of
each other. So unless you are eavesdropping on an Ad-hoc network, if you
can hear the frames that are originated by the AP, then you can also hear
the frames from the stations as they are repeated by the AP.
Ron Bandes, CCNP, CTT+, etc.
"Phil Schuman" <pschuman_NO_SPAM_ME@interserv.com> wrote in message
news:3QICd.4619$Vj3.3475@newssvr17.news.prodigy.com...
>
> and of course, the issue depends upon if the "plain text" is echoed from
> the server -
> again - I could only see the "transmitted" traffic from the AP,
> or what is "received" by the other users laptops.....
> not the traffic being sent from their laptops to the AP -
>
> hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
> and then what might I see ?
That doesn't really make sense to me. You should be able to receive the
frames from any station within range of your computer. Even if some
stations are out of range, in an Infrastructure-mode Basic Service Set, the
AP repeats the stations' frames since the stations may be out of range of
each other. So unless you are eavesdropping on an Ad-hoc network, if you
can hear the frames that are originated by the AP, then you can also hear
the frames from the stations as they are repeated by the AP.
Ron Bandes, CCNP, CTT+, etc.
Related ressources:
- ForumIntel vs AMD
- ForumPaid vs . Free Internet Security Software?
- ForumGaming AMD vs Intel
- ForumGaming AMD vs Intel
- ForumOEM vs Retail XP Pro
- ForumBuilding a PC for video editing (AMD vs Intel)
- ForumNew ASRock X79 Extreme9 build has random lockups/reboots no BSOD.
- ForumGf deleted data on external, how do i get it back?
- ForumGTS 250 Vs . GTS 450 Pros and Cons
- ForumGA-EP45-UD3P RAID 5 Performance (Gigabyte support seems a bit off)
- ForumLong run of ethernet cable vs wireless
- ForumKaspersky vs comodo for 64-bit Windows 7 Security
- ForumSecurity Key vs Network Key
- ForumI actually like Vista!
- ForumAMD's Barcelona to "stink" in ORACLE
- ForumVerizon Modem into Router
- Forumneed help with wireless security (wep, ssid etc)
- Forumrelative security risks for WEP & WPA?
- ForumRecommended security setting
- ForumWiFi Security for Semi-Public locations ?
- More resources
Read discussions in other Wireless Networking categories
!
