View previous topic :: View next topic |
Author |
Message |
cmxflash -
Joined: 11 Dec 2004 Posts: 872
|
Posted: Tue Dec 26, 2006 10:41 pm Post subject: Sniff WPA2 WiFi |
|
|
Today I bought a new wireless router, a Netgear wpn824, which supports WPA-PSK (TKIP) and WPA2-PSK (AES). With my past experience, I know that WEP is pretty insecure, but I've never tried to break into a WPA2-protected network.
As far as I know, this router supports AES, which is pretty secure. However, if somebody know the password to the network, is it possible to sniff my traffic and see it in plain text? |
|
Back to top |
|
|
p3 -
Joined: 17 Jun 2005 Posts: 615
|
Posted: Sun Dec 31, 2006 6:21 am Post subject: |
|
|
Packets are never sent as plain text, they are sent in hex. Even when it's encrypted, someone can sniff your network and get your password. WPA2 is more secure than WEP, but, IIRC, it has been cracked before. |
|
Back to top |
|
|
cmxflash -
Joined: 11 Dec 2004 Posts: 872
|
Posted: Sun Dec 31, 2006 11:50 pm Post subject: |
|
|
p3 wrote: | Packets are never sent as plain text, they are sent in hex. |
No they are not. They are sent in binary, 0's and 1's.
p3 wrote: | Even when it's encrypted, someone can sniff your network and get your password. |
No, if it is encrypted, you can't sniff my password without the knowledge of how to decrypt the data. That's the point of encryption.
p3 wrote: | WPA2 is more secure than WEP, but, IIRC, it has been cracked before. |
I read a few articles about it on Wikipedia, and it is considered to be secure as long as you use a long passphrase. |
|
Back to top |
|
|
AbyssUnderground -
Joined: 31 Dec 2004 Posts: 3855
|
Posted: Mon Jan 01, 2007 12:02 am Post subject: |
|
|
The easiest way to make sure it is secure is to change it as often as you can be bothered to. EG, daily or weekly. _________________ Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
Back to top |
|
|
hc2995 -
Joined: 07 Aug 2006 Posts: 644 Location: Maryland, USA
|
Posted: Mon Jan 01, 2007 1:29 am Post subject: |
|
|
As andy said, change your passphrase often, make sure you use a combo of letters numbers and symbols, make sure its not something common, make sure you are the only person who will be able to get it. As for the thing about encryption, packets are sent in binary, and they can be sniffed, but if they are encrypted all the person will see is a bunch of 1's and 0's onless they obtain the algorithm for decryption. _________________ Where have i been? School got heck-tick, had to move half way around the state, then back... and then i had to change jobs, so iv been away for a while :P |
|
Back to top |
|
|
olly86 -
Joined: 25 Apr 2003 Posts: 993 Location: Wiltshire, UK
|
Posted: Mon Jan 01, 2007 2:49 pm Post subject: |
|
|
hc2995 wrote: | but if they are encrypted all the person will see is a bunch of 1's and 0's onless they obtain the algorithm for decryption. |
No they will not. To decrypt data, you need the private key, which is never broadcast from the server receiving the data. You may be able to obtain the public key, however that is useless for decryption, you can only encrypt using it, so your data is still safe.
If all you needed to decrypt data was the original algorithm why bother encryption the data in the first place? As many people would be able to read your creditcard info under that argument. :roll: _________________ Olly |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|