« how do you connect to broadband on windows xp?
Problems connecting to wireless network with psp? »

Can my information be read when connecting on wireless?

Not by connecting by someone else but at my friends or school when connecting to their internet by using wireless. How can they read my information and how to prevent it? Any tips? Thanks

Your friends probably wouldn’t know or have the equipment to do it, but you can be sure schools do some monitoring and if you use their system, you cannot circumvent it.

The only way to do it would be going through a secure proxy server but there aren’t any free ones and it would probably against school policies.

This entry was posted on Monday, January 25th, 2010 at 8:13 am and is filed under wireless connecting. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Responses to “Can my information be read when connecting on wireless?”

  1. I don’t know if they can. It would be very difficult.
    References :

  2. Your friends probably wouldn’t know or have the equipment to do it, but you can be sure schools do some monitoring and if you use their system, you cannot circumvent it.

    The only way to do it would be going through a secure proxy server but there aren’t any free ones and it would probably against school policies.
    References :

  3. It is absolutely possible to watch traffic of people who are using your network.

    Some routers (the hardware itself) have the software installed, so a person with very limited technical capabilities could do it.

    At a more advanced level, passwords submitted to insecure login forms can be sniffed using still fairly simple software.

    Your best bet is to make sure you are on, and submitting to a secure (HTTPS) page. This ensures everything between you and the server is encrypted. Be cautions about manually accepting security certificates (your browser will warn you about the potential hazard), as they could be forgeries.

    Entering your password into other people’s computers is also hazardous. They may unknowningly (or intentionally) have a keylogger installed, monitoring what you type (even into password boxes).

    1) Use your own computer when possible
    2) Make sure the URL of the website you are visiting is correct (not mistyped, like "facbeook.com" or some variant)
    3) Make sure the page is secure (URL starts with "HTTPS")
    References :

  4. here is a secure proxy https://wb.eppforums.net
    References :

  5. Note. It is possible for EVERYONE on the internet to read your traffic, not only your wireless network. Using strong encryption is the safest way to communicate over the internet. When purchasing things make sure the vendor is using HTTPS ( something like https://www.amazon.com when you are making a purchase using credit cards). Also IM (instant Messenger) traffic is COMPLETELY clear text and can be read by anyone on the internet. So don’t share private information on things like Yahoo IM or MSN live messenger.

    1. If you are using WEP authentications then 100% someone will be able to hack into your network and crack the password and they can see your entire network. Lots of script kiddy tools out there to do this.

    2. If you are using the WPAv1 authentications methods there is a way to hack into this as well. Basically someone deauthenticates you from the wireless network, and makes you reconnect. From that process they can again grab your password and possibily crack it.

    3. ARP poisoning is a method by in which a hacker will trick your computer into thinking that the hackers computer is the router or wireless access point. All traffic from your computer will then go into the hackers computer and the hacker can then use a packet sniffer like wireshark http://www.wireshark.org and see all your stuff.

    Best practices.

    1) Use WPAv2 authentication methods if your router supports it. If not then buy a new one. WPAv2 using AES encryption has not yet been hacked. As least publically available information says so.

    2) For your WPA2 PSK (preshared key) encryption key use a VERY LONG PASSWORD that is COMPLETELY RANDOM. I use https://www.grc.com/passwords.htm . Use the one in the middle.

    3) For your SSID (service set identifer) that names your wireless network, set it to non-broadcasting. This is an old security thing that can be bypassed, but it will keep away less formitable hackers. Also use https://www.grc.com/passwords.htm and use a 32 character random SSID.

    4) Use HTTPS when possible. HTTPS uses SSL/TLS to encrypt your data into junk essentially preventing someone on the internet who intercepts that traffic from reading it.

    (optional)

    If you have a desktop computer that is running all the time, and you have a server OS you can setup a RADIUS server and implement 802.1x which basically authenticates users who want to use the network with a username and password from like a Active Directory infrastructure. That is a little overkill for a home network, but for crazy people like me is cool the implement ^_^V.

    As a note, some may say the setting your SSID to non-broadcasting is trivial and won’t help because you can still discover it using a wireless sniffer and such, but at least it keeps regular people from see and or TRYING to get into your network.

    GL
    References :

Leave a Reply