security vs hubbing vs snooping

Most folks think about others breaking into their WiFi network,
vs what others can snoop from your network.
The solutions are MAC filtering or WEP or WPA.
Even though they all will limit traffic going IN,
only the encryption protocols will protect it from local snooping.
This is a good reason to run VPN across Wifi.

I was curious what I might see using my ethernet protocol analyzer software
with my Wifi connection. It appears the transmitted traffic is just like a
hub.
I can see the network traffic being transmitted from my neighbor's non-wep
AP....
So, just remember that when using a public AP,
anyone can see what traffic is being sent from the AP back to your laptop.

"Phil Schuman" <(E-Mail Removed)> wrote in message
news:aC5Cd.4737$(E-Mail Removed) ...
> Most folks think about others breaking into their WiFi network,
> vs what others can snoop from your network.
> The solutions are MAC filtering or WEP or WPA.
> Even though they all will limit traffic going IN,
> only the encryption protocols will protect it from local snooping.
> This is a good reason to run VPN across Wifi.
>
> I was curious what I might see using my ethernet protocol analyzer
> software
> with my Wifi connection. It appears the transmitted traffic is just like
> a
> hub.
> I can see the network traffic being transmitted from my neighbor's non-wep
> AP....
> So, just remember that when using a public AP,
> anyone can see what traffic is being sent from the AP back to your laptop.

On your own WLAN, a VPN is probably overkill. But on a public WLAN, it's a
great solution. Just establish a VPN to anywhere that will forward requests
onto the Internet, such as your workplace (with permission) or your home.
At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN server
behind the router.

Actually, before WPA was released, on their own internal network Intel was
using VPNs in addition to WEP since WEP's weaknesses were well known.

The other point to make is to distinguish which information is at risk when
you use an unencrypted WLAN. Counterintuitively, your e-commerce
transactions are safe, while your emails are at risk. E-commerce sites use
SSL (you shouldn't be doing business with any site that doesn't), so your
credit card numbers are safe as long as you check that SSL is in use and
that the security certificate is in order. Email, OTOH, normally sends
everything in cleartext, including your userid and password.

Ron Bandes, CCNP, CTT+, etc.

"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in message
news:5PhCd.33905$(E-Mail Removed)...
> "Phil Schuman" <(E-Mail Removed)> wrote in message
> news:aC5Cd.4737$(E-Mail Removed) ...
> > Most folks think about others breaking into their WiFi network,
> > vs what others can snoop from your network.
> > The solutions are MAC filtering or WEP or WPA.
> > Even though they all will limit traffic going IN,
> > only the encryption protocols will protect it from local snooping.
> > This is a good reason to run VPN across Wifi.
> >
> > I was curious what I might see using my ethernet protocol analyzer
> > software
> > with my Wifi connection. It appears the transmitted traffic is just
like
> > a
> > hub.
> > I can see the network traffic being transmitted from my neighbor's
non-wep
> > AP....
> > So, just remember that when using a public AP,
> > anyone can see what traffic is being sent from the AP back to your
laptop.
>
> On your own WLAN, a VPN is probably overkill. But on a public WLAN,
it's a
> great solution. Just establish a VPN to anywhere that will forward
requests
> onto the Internet, such as your workplace (with permission) or your
home.
> At home you could use a VPN router (e.g., Linksys WRV54G), or a VPN
server
> behind the router.
>
> Actually, before WPA was released, on their own internal network Intel
was
> using VPNs in addition to WEP since WEP's weaknesses were well known.
>
> The other point to make is to distinguish which information is at risk
when
> you use an unencrypted WLAN. Counterintuitively, your e-commerce
> transactions are safe, while your emails are at risk. E-commerce
sites use
> SSL (you shouldn't be doing business with any site that doesn't), so
your
> credit card numbers are safe as long as you check that SSL is in use
and
> that the security certificate is in order. Email, OTOH, normally
sends
> everything in cleartext, including your userid and password.
>

and of course, the issue depends upon if the "plain text" is echoed from
the server -
again - I could only see the "transmitted" traffic from the AP,
or what is "received" by the other users laptops.....
not the traffic being sent from their laptops to the AP -

hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
and then what might I see ?

"Phil Schuman" <(E-Mail Removed)> wrote in message
news:3QICd.4619$(E-Mail Removed) m...
>
> and of course, the issue depends upon if the "plain text" is echoed from
> the server -
> again - I could only see the "transmitted" traffic from the AP,
> or what is "received" by the other users laptops.....
> not the traffic being sent from their laptops to the AP -
>
> hmmmm - I wonder what if I setup my wireless card for ad-hoc mode
> and then what might I see ?

That doesn't really make sense to me. You should be able to receive the
frames from any station within range of your computer. Even if some
stations are out of range, in an Infrastructure-mode Basic Service Set, the
AP repeats the stations' frames since the stations may be out of range of
each other. So unless you are eavesdropping on an Ad-hoc network, if you
can hear the frames that are originated by the AP, then you can also hear
the frames from the stations as they are repeated by the AP.

Ron Bandes, CCNP, CTT+, etc.