Wireless encryption

[James Knott]

Giles Orr wrote:
> I've done some research on this but haven't had any luck ...
>
> In the old days of "hubs" you could sniff pretty much anyone's network
> traffic just by plugging into the hub.  And the same thing is true of
> unencrypted wireless traffic: just get your wireless card in
> promiscuous mode and start logging.
>
> But now comes the question(s): if Alice and Bob are both
> connected/associated to the same wireless router that uses WEP
> encryption, can Bob see (sniff) Alice's traffic as clear text?
>
> How about with WPA, and WPA2?
>
> I encourage people to use SSL at all times anyway ...  Blame Firesheep
> for the questions.
>
>    
The encryption method doesn't matter.  It's essentially the same as if 
you're plugged into an ethernet switch.  Some WiFi gear can be 
configured to block communication directly between users.  Back in the 
days when I was using WEP, I had my WiFi network outside of my firewall 
and could only reach my network by using OpenVPN or SSH.  However, I'm 
now using WPA2 (with a 63 random character password*), which is very 
secure and have the WiFi connected directly to my home network.


*Those random passwords can be obtained from www.grc.com.  Click on 
Services > Perfect Passwords.  I use the alpha-numeric passwords only, 
as I've found some equipment chokes on some of the other characters.

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists