
Wireless hot-spot & WPA-2 - How secure if password is common


7 replies to this topic

#1 GoshenBleeping


Posted 07 May 2013 - 12:48 PM

There is a local cafe with a wireless hot-spot using WPA-2. Every customer who wants to use the wireless is handed the wireless SSID and the same password. Am I correct that this is not secure since everyone has the same password? If not, what am I not understanding?
 
Thank you.




#2 jhayz


Posted 07 May 2013 - 10:24 PM

The network access authentication of a hotspot is nothing different to a common home wireless network. Since it uses the latest WPA2, which means it's a more secured setup compared to an open network which is more vulnerable to hacking, see this link for more information and tips. There is also software available for hotspot security like http://www.hotspotshield.com/en


Edited by jhayz, 09 May 2013 - 02:32 AM.

Tekken
 


#3 GoshenBleeping


Posted 08 May 2013 - 10:00 AM

I am not sure I understand your response. What do you mean by "is nothing different to a common home wireless network"? At home, I connect to my DSL wireless router using WPA-2 so how is this different from the local cafe hotspot? By the way the URL above does not exist.



#4 chrisd87


Posted 08 May 2013 - 10:47 AM

With WPA-PSK and WPA2-PSK, it's a little trickier, but not too hard. WPA-PSK and WPA2-PSK encrypt everything with per-client, per-session keys, but those keys are derived from the Pre-Shared Key (the PSK; the key you have to know to get on the network) plus some information exchanged in the clear when the client joins or re-joins the network. So if you know the PSK for the network, and your sniffer catches the "4-way handshake" another client does with the AP as it joins, you can decrypt all of that client's traffic. If you didn't happen to capture that client's 4-way handshake, you can send a spoofed de-authenticate packet to the target client (spoofing it to make it look like it came from the AP's MAC address), forcing the client to fall off the network and get back on, so you can capture its 4-way handshake this time, and decrypt all further traffic to/from that client. The user of the machine receiving the spoofed de-auth probably won't even notice that his laptop was off the network for a split second.

 

 

You can even try it for yourself in Wireshark: There is a built-in option to decrypt all transmissions in the 802.11 settings; as long as you know the PSK and the initial authentication is contained in the recorded traffic, Wireshark decrypts it automatically for you.

 

The difference between WEP and WPA is that there is a different pairwise key (called the pairwise transient key) for every client, but as this key is always directly derived from the PSK, it doesn't really add any security at all. If you want that kind of security, you would have to use EAP and a RADIUS server (sometimes called "WPA enterprise"), where the PMK is different for every client.

 

If you don't want your important information being accessed then the best practice is to not do anything that contains important information on a shared network.


Edited by chrisd87, 08 May 2013 - 10:52 AM.

"Like car accidents, most hardware problems are due to driver ɹoɹɹǝ."
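
The key derivation described in post #4, as an added example that is not part of the original thread: it shows why a shared passphrase gives no confidentiality between customers of the same hotspot, and why a per-user PMK (WPA2-Enterprise) closes that gap. The SSID, passphrase, MAC addresses, nonces and the stand-in EAP key are constructed sample values.

```python
import hashlib
import hmac

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF: HMAC-SHA1 over label || 0x00 || data || counter, concatenated."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Pairwise transient key for CCMP (48 bytes: KCK | KEK | TK).
    Everything except the PMK travels in the clear during the 4-way handshake."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)

# Constructed sample values (not from the thread).
SSID, PASSPHRASE = "CafeWiFi", "coffee1234"
AP_MAC, STA_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))

def ptk_seen_by_other_customer() -> bytes:
    """What any holder of the cafe passphrase can compute from the public handshake fields."""
    return derive_ptk(pmk_from_passphrase(PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)

def psk_session_is_private() -> bool:
    """Shared PSK: the client's own PTK equals the one another customer derives."""
    client = derive_ptk(pmk_from_passphrase(PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
    return client != ptk_seen_by_other_customer()

def enterprise_session_is_private() -> bool:
    """802.1X/EAP: the PMK comes from the user's own authentication, so it is
    not derivable from anything the other customers know. Stand-in value here."""
    eap_pmk = hashlib.sha256(b"constructed per-user EAP session key").digest()
    client = derive_ptk(eap_pmk, AP_MAC, STA_MAC, ANONCE, SNONCE)
    return client != ptk_seen_by_other_customer()

if __name__ == "__main__":
    print("PSK session private from other customers:       ", psk_session_is_private())
    print("Enterprise session private from other customers:", enterprise_session_is_private())
```
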

 


#5 GoshenBleeping


Posted 08 May 2013 - 12:10 PM

Thank you very much for taking the time to answer my question.



#6 Sneakycyber


Posted 08 May 2013 - 06:46 PM

Awesome explanation chrisd87 :thumbsup:

Edited by Sneakycyber, 08 May 2013 - 06:47 PM.

Chad Mockensturm 
Network Engineer
Certified CompTia Network +, A +

#7 chrisd87


Posted 08 May 2013 - 07:16 PM

Thanks Sneaky. :bananas:  Having experience with Wireshark, you kind of get first hand experience with all the security side of standards and etc. It's a very powerful application if you know how to use it.

 

Also Goshen, if you want experience with EAP and the 802.1x standard then you can download a free RADIUS server from http://freeradius.org/ . You have to be running a variant of Linux OS for the use of it, which can be a downside if you're not familiar with Linux. BUT the experience you will gain and knowledge you'll acquire is way worth the pain it may be at first of setting it up. That way you can see how powerful and better the 802.1x standard is.


Edited by chrisd87, 08 May 2013 - 07:22 PM.

"Like car accidents, most hardware problems are due to driver ɹoɹɹǝ."

 


#8 jhayz


Posted 09 May 2013 - 03:12 AM

Fix the link. :) By saying 'nothing different' means being the same as they are accessible wireless network given that you know the passphrase and SSID or simply open. The only difference is the network location access - public, work and home. WPA2 has superseded WPA and the inferior WEP encryption which is susceptible to intrusion and hackers. Rather on a public network, it is best to access online confidential data on your own private network.


Tekken
 




