Encrypting Wireless Data

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

stergios

Thread Starter
Joined
Sep 6, 2004
Messages
19
Hello All.

I have a wireless access point for providing Internet Access to a specific group of users.

I gave to those users the SSID and the password for connecting their laptop to the wireless access point.

Unfortunately, a user installed a sniffer on his laptop and succeeded in stealing the windows usernames and passwords of those users that were accessing the Outlook Web Access web mail system. The OWA service was not secured via a certificate.

I would like to ask how to prevent this problem from occuring in the future. Should I encrypt the OWA service using certificates? Is there any way to encrypt the wireless data that are transmitted on the air?

Thank you in advance.

Stergios
 
Joined
Apr 7, 2009
Messages
90
So by password to connect to the AP do you mean WEP or WPA Key/passphrase? Or is this a dinky browser based login.

WEP and WPA encrypt the wireless data between the end point and the AP, therefore someone should not be able to steal passwords easily. WEP is not recommended anymore as it is terrible security, WPA or WPA2 are the way to go.

The AP options should have the ability to offer security, not broadcasting the SSID is not good enough for security.

Sorry I am a little confused as to the setup, but more than likely you can enable WPA security on the access point and this will solve the issue. While not unbreakable it would take a while for a user with a sniffer and cracker to get the passphrase dependent on the amount of traffic.

If you want unbreakable go with WPA2 for best security, although some older clients do not support WPA2.

Anthony
 

stergios

Thread Starter
Joined
Sep 6, 2004
Messages
19
The WEP key is 128 bit and the hacker knows it because I gave it to him in the first place in order to connect his laptop to wireless network.

So, If I enable WPA on the access point and the hacker knows the WPA key will he be able to sniff passwords?

Stergios.
 
Joined
Apr 7, 2009
Messages
90
As far as WPA it uses key regeneration after a set amount of packets or time has elapsed. This means that encryption keys are changed out often after the initial key has been entered. In a nutshell this makes it harder for a user to capture and decrypt data.

A great little article to read would be: http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx

I would definetly recommend going to WPA as this is a lot harder to break than WEP. Unless you have clients that are really old, their equipment should almost definetly work.

The hacker might still be able to sniff passwords if he is determined, but unless he needs access don't give him the new key.
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,408
Whenever using a network not under your control (e.g., in a hotel or Wi-Fi hotspot), since you don't know what crooks may also be on the network, it is wise to transmit no sensitive data or else protect it some way, such as by the use of a VPN.

The way I read this thread stergios is offering such a (semi-public) hotspot and wants to know if there is a way he can protect users who do not protect themselves. I infer that he has no special powers with which he is able to detect ahead of time which users may turn out to be crooks. If he had such power he would not have allowed the culprit on the network in the first place.

I was at a motel once that supposedly had such a system (ethernet only). According to them every guest was on a VPN, hence protected from other guests. Their system never worked correctly during the time I was there, so I have no idea how effective it was. I did not detect anybody else using the system, but that may have simply been because they knew it was useless at the time.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top