Page 2 of 2

Re: Cell Phone Sniffing

Posted: Fri May 04, 2018 6:15 am
by Cool_Fire
Under a good VPN configuration it is not possible to sniff the data and it will take impractically long to brute force the encryption key.

HOWEVER
There are bad configurations;
- A VPN connection is usually encrypted, but it does not need to be. You can for example configure OpenVPN to not use any encryption at all, which would make it no better than not using a VPN at all for privacy reasons.
- A VPN may use a very weak encryption. This means it's probably not viable to crack it fast enough to get the same sniffing and injection abilities you get on an un-encrypted channel, but it may be feasible to capture the traffic and crack the key offline at a later point.
- If you are able to capture the connection setup of the VPN, you may be able to capture the key (or the parameters used to generate the key). This heavily depends on the VPN implementation. If it is implemented properly this should not be possible but not all VPN software is implemented properly.