Securing yourself at a nonsecure wireless network
-
- n00b
- Posts: 14
- Joined: Wed Dec 01, 2004 12:03 pm
- Location: Denmark
Securing yourself at a nonsecure wireless network
At my school the hole wireless LAN isn't encrypted. There is no such thing as security, that may sounds as a good idea but I don't think so. I tried to use a packet sniffer at the wireless net, and found out that all the passwords and usernames send to the http proxy were shown in plain text. Pretty scary. So here is my question, is there any way I can secure my information send to the AP when is isen't running any encryption?
The other students have also found out to use the packet sniffer so I would like to secure my connection.
Maybe I should also tell if you guys haven't found out that iam a student at the school not an administrator.
The other students have also found out to use the packet sniffer so I would like to secure my connection.
Maybe I should also tell if you guys haven't found out that iam a student at the school not an administrator.
By
SecUsr
SecUsr
- matt
- Challenge Winner [1x]
- Posts: 772
- Joined: Sun Jul 18, 2004 1:19 pm
- Location: u.kingdom Manhood: large
- Contact:
- BattousaiX
- Your Senior
- Posts: 933
- Joined: Wed Jun 23, 2004 9:19 am
-
- n00b
- Posts: 14
- Joined: Wed Dec 01, 2004 12:03 pm
- Location: Denmark
I forgot to mension that I have told them about it. An they wont do anything about it....
They are at the oppinion that if it works then they wont do anything about it, sad but true!
But again if they start using WPA etc. then the people that are allowed at the net will still be able to read the passwords because they got the key, what can you do about that?
They are at the oppinion that if it works then they wont do anything about it, sad but true!
But again if they start using WPA etc. then the people that are allowed at the net will still be able to read the passwords because they got the key, what can you do about that?
By
SecUsr
SecUsr
- pozican
- Oh lawd is dat sum chikinz
- Posts: 1617
- Joined: Tue May 18, 2004 1:29 pm
- Location: #hackerthreads
I don't think you can do much to hide the non-secure passwords on a wireless network -- Even with WEP anyone who can get on it, can also still sniff. If you are worried about your passwords I think the only way to encrypt them is to fix whereever your passwords are going to enable 128 encryption
Get some exercise -- Support bad porn
Life for President, Ramius for vice, GhostHawk for Secretary of Beer
i <3 2 sqrt(u)
Life for President, Ramius for vice, GhostHawk for Secretary of Beer
i <3 2 sqrt(u)
- BattousaiX
- Your Senior
- Posts: 933
- Joined: Wed Jun 23, 2004 9:19 am
- BattousaiX
- Your Senior
- Posts: 933
- Joined: Wed Jun 23, 2004 9:19 am
I was breifly reading a book called Hacking the Network how to own a continent. In this book this guy uses a program to send out more fake request than real. You could use some program of this nature.
I only read the introduction, but seemed like a great book. ;)
I only read the introduction, but seemed like a great book. ;)
Living tomorrow as another day of the past
-
- n00b
- Posts: 8
- Joined: Mon Feb 21, 2005 1:28 am
Tunnelling
Do you have access to another computer at home? You could do an encrypted tunnel to your home machine to encrypt everything from your computer over the wireless network.
To back up: Since you can't get them to encrypt the network, you need to encrypt your traffic from prying eyes. The easiest way to do that, if you have access to a machine outside the network as well, is through secure tunnels or port forwarding.
Here's my setup for attending conferences: I have a Linux machine at home that exposes SSH (and only SSH) to the outside world. I run Squid on that machine to be a web proxy. When I'm away with my XP laptop, I use PuTTY to connect back to my home machine over SSH. I also forward port 3128 (default port for Squid) to the home machine and set my XP browser to use localhost:3128 as the proxy.
When I open the browser, then, it tries to use localhost:3128 as the proxy. PuTTY forwards this to the Linux server, which forwards the traffic to itself on port 3128, which Squid picks up and does its magic.
Voila! I can now surf the web in peace knowing that everything from my laptop through the unsecured wireless network is wrapped in an encrypted pipe. You'll need a computer outside the network running an SSH server (avaliable with any decent *nix distribution, and look at OpenSSH for Windows), and an SSH program (I use PuTTY for windows) on your wireless machine.
Also, check out stunnel for a program built for generic tunnels.
Hope this helps - it's way past my sleeptime, so I may be rambling a bit.
To back up: Since you can't get them to encrypt the network, you need to encrypt your traffic from prying eyes. The easiest way to do that, if you have access to a machine outside the network as well, is through secure tunnels or port forwarding.
Here's my setup for attending conferences: I have a Linux machine at home that exposes SSH (and only SSH) to the outside world. I run Squid on that machine to be a web proxy. When I'm away with my XP laptop, I use PuTTY to connect back to my home machine over SSH. I also forward port 3128 (default port for Squid) to the home machine and set my XP browser to use localhost:3128 as the proxy.
When I open the browser, then, it tries to use localhost:3128 as the proxy. PuTTY forwards this to the Linux server, which forwards the traffic to itself on port 3128, which Squid picks up and does its magic.
Voila! I can now surf the web in peace knowing that everything from my laptop through the unsecured wireless network is wrapped in an encrypted pipe. You'll need a computer outside the network running an SSH server (avaliable with any decent *nix distribution, and look at OpenSSH for Windows), and an SSH program (I use PuTTY for windows) on your wireless machine.
Also, check out stunnel for a program built for generic tunnels.
Hope this helps - it's way past my sleeptime, so I may be rambling a bit.
-
- Banned
- Posts: 149
- Joined: Mon Feb 07, 2005 10:03 pm
it is possible to eavesdrop on your regular cables, so the best solution is fiber optics ;)BattousaiX wrote:One solution: Use wires. :)
edit: well, maybe not the best...
http://www.cnn.com/2005/US/02/18/submarine.secrets.ap/