Log in

View Full Version : Packet Sniffing


ipaq38vette
08-15-2005, 10:10 PM
I read an article online today about how drive by hackers can sniff out passwords and logons from wireless networks. I live right by a busy intersecrtion and i dont want this to happen. So I tried sniffing my PPCT password with a program called Airscanner mobile sniffer and picked up a number of packets. How do i interpret these packets - they look like gibberish to me. Am i safe from packet sniffing with WEP

Sven Johannsen
08-15-2005, 10:49 PM
No you are not safe from packet sniffing with WEP. You just did it. Are you safe from having your packets decrypted? Not really, there are tools out there that can do it with a relatively small amount of traffic. Is it an issue? Read some more. I just did a search on "How safe is WEP" and got tons of good info, and even more opinions.

Probably worth investigating WPA if your equipment supports it.

My opinion..and you'll some of these echo'ed and pooh-poohed alike, is that WEP is good enough for me at home. I don't see myself as the target of hackers, and if someone is looking for free WiFi, there are plenty of options near by. Then, WiFi encryption really is only protecting the span between your portable and your AP. The info that I would rather not have someone get is stuff I send out on the big world wide internet. I feel OK about that because typically that is protected by SSL. SSL is protected from my portable all the way to the destination. The WEP encryption on the wireless portion is on top of the SSL encryption done from end to end.

So for home use, I use WEP and choose not to worry about it. I am more concerned about hackers busting into all the big databases floating around with all manner of info in them, than targeting my little suburban WiFi network.

OSUKid7
08-16-2005, 01:03 AM
If someone gets into your network (wired or wireless), they can sniff your packets, and thus see all unencrypted (non-SSL) passwords. For wired networks, you're usually pretty safe, since the intruder would have to physically plug into a port to get on your network. But with wireless, you're broadcasting outside your walls. Like Sven said, WEP is not secure. It would be better to use WPA or WPA2 if you can. That being said, WEP is a ton better than nothing. While it's relatively easy to break WEP encryption, the typical wardriver will just go a few houses down to use the network that has no encryption.

SSL really is great technology. After a scare (http://www.pocketpcthoughts.com/forums/viewtopic.php?p=354371#354371) earlier this summer, I'm much more cautious about my passwords. Most of my email accounts support SSL now, but for those that don't, I created a separate "non-SSL" group in Outlook that I only send/receive manually, so I don't accidentally give out my passwords when on a public network. I also now use different passwords for just about every site/account.

So basically, it's good you use WEP. If your wireless clients support WPA/WPA2, use that. Otherwise, WEP is a ton better than nothing.

ipaq38vette
08-16-2005, 02:45 AM
thanks guys - once i took my ppc on a trip to chicago, saw about a hundred networks, most without WEP 8O

BUMP THAT
08-16-2005, 04:22 PM
I know people who wanted to sniff out some networks. But their intentions were to get WIFI access. But it really isnt safe out there anywhere in anyway. I use WPA and I feel fine as far as safety. Then again I rarely use WIFI. Mostly for I.M., Weather Updates and Light mail. WEP is good too, but I read that the FBI was able to crack a WEP security within 3-5 minutes. So I got paranoid 8O and started WPA-PSK. I find that I have less problems with WPA than I did with WEP.