Can people steal my user/pass for connecting to ISP?

Is it possible that someone can use my bandwidth or steal my user/pass
when I got a wireless ISP? I connect to the IPS trough PPPOE.

Is it easy to "see" what I'm doing on the Internet by "listening" on
the signals?

Regards
Ole

Ole wrote:

> Is it possible that someone can use my bandwidth or steal my user/pass
> when I got a wireless ISP? I connect to the IPS trough PPPOE.
>
> Is it easy to "see" what I'm doing on the Internet by "listening" on
> the signals?

If you're not using encryption, it's very easy. If you use WEP, it's more
difficult, but still possible. If you use WPA it's far more difficult.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

Ole <the_REMOVE-(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> Is it possible that someone can use my bandwidth or steal my user/pass
> when I got a wireless ISP?

Depends on what protocol your Wireless ISP uses.

--
Lucas Tam ((E-Mail Removed))
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/

> Depends on what protocol your Wireless ISP uses


The protocol that your isp has not to do with it. It depends upon how
good the hacker is and what tools he is using. The chances of a hacker
using these tools is slim to none . Plus , I'm sure the hacker would
want to go after bigger fish. Still you must take all the steps to
secure you wireless connection. Use wpa , changing default passwords
,etc goes along way.

Drew Cutter <(E-Mail Removed)> wrote in news:c4q8r0$vvk$0@65.17.190.246:

> The protocol that your isp has not to do with it. It depends upon how
> good the hacker is and what tools he is using. The chances of a hacker
> using these tools is slim to none .

If the ISP used a WPA connection... how might the hacker crack the
connection? AFAIK, there are no exploits for WPA.

--
Lucas Tam ((E-Mail Removed))
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/

As Lucas points out, protocols to the ISP are typically not secure. WPA (or
WEP) is between your AP (or router) and your wifi client.

WPA with preshared key (typical for home use) has exploits if you do not
take care to choose long enough keys. There have been several articles about
this. See for example

http://www.technewsworld.com/perl/story/32070.html

If you use long-enough passphrases, WPA should be good enough for anybody.
WEP is very vulnerable, but if you change passwords even once a week, it's
unlikely that anyone will waste time trying to crack your system. Hackers
generally want quick payback for their efforts, unless they're trying to
prove a point on a specific (usually public) system.


"Lucas Tam" <(E-Mail Removed)> wrote in message
news:Xns94C1D21DCA003nntprogerscom@140.99.99.130.. .
> Drew Cutter <(E-Mail Removed)> wrote in news:c4q8r0$vvk$0@65.17.190.246:
>
> > The protocol that your isp has not to do with it. It depends upon how
> > good the hacker is and what tools he is using. The chances of a hacker
> > using these tools is slim to none .
>
> If the ISP used a WPA connection... how might the hacker crack the
> connection? AFAIK, there are no exploits for WPA.
>
> --
> Lucas Tam ((E-Mail Removed))
> Please delete "REMOVE" from the e-mail address when replying.
> http://members.ebay.com/aboutme/coolspot18/

On Mon, 5 Apr 2004, Drew Cutter wrote:
> > Depends on what protocol your Wireless ISP uses
>
> The protocol that your isp has not to do with it. It depends upon how
> good the hacker is and what tools he is using. The chances of a hacker
> using these tools is slim to none . Plus , I'm sure the hacker would
> want to go after bigger fish. Still you must take all the steps to
> secure you wireless connection. Use wpa , changing default passwords
> ,etc goes along way.

Actually, the protocol does matter - to the extent that it is (or isn't) using
SSL, TLS, or other encryption regardless of what the firmware layer of
communication is using. Whether encryption at multiple layers significantly
adds anything will depend on the precise methods of encryption used and their
interactions. Obviously, one does not want to use inverse methods, thus
reducing the final transmitted message to one equivalent to that had it been not
encrypted at all.

On Mon, 5 Apr 2004, Lucas Tam wrote:
> Drew Cutter <(E-Mail Removed)> wrote in news:c4q8r0$vvk$0@65.17.190.246:
>
> > The protocol that your isp has not to do with it. It depends upon how
> > good the hacker is and what tools he is using. The chances of a hacker
> > using these tools is slim to none .
>
> If the ISP used a WPA connection... how might the hacker crack the
> connection? AFAIK, there are no exploits for WPA.

I hope that you meant there are CURRENTLY no KNOWN exploits for WPA. :-)

On Mon, 05 Apr 2004 00:39:41 GMT, in alt.internet.wireless , Lucas Tam
<(E-Mail Removed)> wrote:

>Drew Cutter <(E-Mail Removed)> wrote in news:c4q8r0$vvk$0@65.17.190.246:
>
>> The protocol that your isp has not to do with it. It depends upon how
>> good the hacker is and what tools he is using. The chances of a hacker
>> using these tools is slim to none .
>
>If the ISP used a WPA connection... how might the hacker crack the
>connection? AFAIK, there are no exploits for WPA.

WPA can be broken by brute-force techniques even faster than WEP, if the
passcodes are poorly chosen and short.
http://www.wi-fiplanet.com/news/article.php/3105271
http://wifinetnews.com/archives/002453.html

Moral: Whenever you think you've a foolproof design, the universe will
upgrade Fool (tm) to a new, improved version with extra features.

--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---