1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Encrypting Wireless Data

Discussion in 'Networking' started by stergios, Apr 6, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. stergios

    stergios Thread Starter

    Joined:
    Sep 6, 2004
    Messages:
    19
    Hello All.

    I have a wireless access point for providing Internet Access to a specific group of users.

    I gave to those users the SSID and the password for connecting their laptop to the wireless access point.

    Unfortunately, a user installed a sniffer on his laptop and succeeded in stealing the windows usernames and passwords of those users that were accessing the Outlook Web Access web mail system. The OWA service was not secured via a certificate.

    I would like to ask how to prevent this problem from occuring in the future. Should I encrypt the OWA service using certificates? Is there any way to encrypt the wireless data that are transmitted on the air?

    Thank you in advance.

    Stergios
     
  2. Anthony7

    Anthony7

    Joined:
    Apr 7, 2009
    Messages:
    90
    So by password to connect to the AP do you mean WEP or WPA Key/passphrase? Or is this a dinky browser based login.

    WEP and WPA encrypt the wireless data between the end point and the AP, therefore someone should not be able to steal passwords easily. WEP is not recommended anymore as it is terrible security, WPA or WPA2 are the way to go.

    The AP options should have the ability to offer security, not broadcasting the SSID is not good enough for security.

    Sorry I am a little confused as to the setup, but more than likely you can enable WPA security on the access point and this will solve the issue. While not unbreakable it would take a while for a user with a sniffer and cracker to get the passphrase dependent on the amount of traffic.

    If you want unbreakable go with WPA2 for best security, although some older clients do not support WPA2.

    Anthony
     
  3. stergios

    stergios Thread Starter

    Joined:
    Sep 6, 2004
    Messages:
    19
    The WEP key is 128 bit and the hacker knows it because I gave it to him in the first place in order to connect his laptop to wireless network.

    So, If I enable WPA on the access point and the hacker knows the WPA key will he be able to sniff passwords?

    Stergios.
     
  4. Anthony7

    Anthony7

    Joined:
    Apr 7, 2009
    Messages:
    90
    As far as WPA it uses key regeneration after a set amount of packets or time has elapsed. This means that encryption keys are changed out often after the initial key has been entered. In a nutshell this makes it harder for a user to capture and decrypt data.

    A great little article to read would be: http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx

    I would definetly recommend going to WPA as this is a lot harder to break than WEP. Unless you have clients that are really old, their equipment should almost definetly work.

    The hacker might still be able to sniff passwords if he is determined, but unless he needs access don't give him the new key.
     
  5. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,817
    First Name:
    Terry
    Whenever using a network not under your control (e.g., in a hotel or Wi-Fi hotspot), since you don't know what crooks may also be on the network, it is wise to transmit no sensitive data or else protect it some way, such as by the use of a VPN.

    The way I read this thread stergios is offering such a (semi-public) hotspot and wants to know if there is a way he can protect users who do not protect themselves. I infer that he has no special powers with which he is able to detect ahead of time which users may turn out to be crooks. If he had such power he would not have allowed the culprit on the network in the first place.

    I was at a motel once that supposedly had such a system (ethernet only). According to them every guest was on a VPN, hence protected from other guests. Their system never worked correctly during the time I was there, so I have no idea how effective it was. I did not detect anybody else using the system, but that may have simply been because they knew it was useless at the time.
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/915091

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice