Encryption-what can hackers see?

mehmeh12

Hi

In the worst case scenario when you are using a wireless connection over non secure http pages what a can a hacker 'see' if they have hacked the wireless key? for example is it just information about the websites you visited, your keystrokes etc.

Spear

mehmeh12 wrote: »

Hi

In the worst case scenario when you are using a wireless connection over non secure http pages what a can a hacker 'see' if they have hacked the wireless key? for example is it just information about the websites you visited, your keystrokes etc.

If the encryption key is broken then all traffic can be seen as it appears on the compromised network. Not keystrokes though.

mehmeh12

Spear wrote: »

If the encryption key is broken then all traffic can be seen as it appears on the compromised network. Not keystrokes though.

Im not that good with computers-define traffic. Is traffic a list of websites and data about the network or is it like being able to emulate what the person did over the network? For example im on boards.ie right now- can a hacker see that i am on boards.ie or can they see the exact webpage i am viewing right now as i type this message?

kmick

mehmeh12 wrote: »

Hi
In the worst case scenario when you are using a wireless connection over non secure http pages what a can a hacker 'see' if they have hacked the wireless key? for example is it just information about the websites you visited, your keystrokes etc.

In the worst case scenario they could hijack your access point. Maybe change the DNS servers to something they control redirecting you to potentially dangerous sites. If you network is fairly open they may be able to see your shared folders on machines on the network and drop files in there. Would you leave your front door open?

Spear

mehmeh12 wrote: »

Im not that good with computers-define traffic. Is traffic a list of websites and data about the network or is it like being able to emulate what the person did over the network? For example im on boards.ie right now- can a hacker see that i am on boards.ie or can they see the exact webpage i am viewing right now as i type this message?

Whatever communications are sent to and from your machine. The DNS lookup for boards.ie, the DNS response, the GET request for the page, the page that's returned etc.

mykro28

If the encryption is compromised you can see pages visited, in the form of the HTTP GET in real time, any HTTP POST which can contain usernames and password, any SMTP or email traiifc including usernames or passwords, basically anything you type into a browser or anything your computer connects too.
If you access a site that uses SSL then the contents to and from that site will be encrypted between your browser and the web server, however it will be possible to determine that you visited that site and the version of SSL used.
It is also possible for a hacker to capture your transactions and reply them, maybe after modifying the information within the traffic. This is all pretty easy stuff after the wireless has been hacked.
Also it is worth knowing that once something is in the internet in clear text, it is technically available for anyone to see, including email. Obviously there are some practical obstacles to overcome but just be aware that anything posted on the internet, and certain sites are to be considered public, even supposedly secure sites like ....book etc.... Also when you send an email be aware that it is akin to posting a postcard, anyone in the delivery chain can potentially read the contents.
That's my paranoia done for today....

mehmeh12

kmick wrote: »

In the worst case scenario they could hijack your access point. Maybe change the DNS servers to something they control redirecting you to potentially dangerous sites. If you network is fairly open they may be able to see your shared folders on machines on the network and drop files in there. Would you leave your front door open?

im currently using open dns on this computer but not the router-the router has the ISP dns settings.

I have no shared folders on my pc. Hopefully comodo firewall is preventing direct access to my pc- i told it to stealth all my ports to everyone, even my router's ip address.

Im not sure if i have the right encryption up-im using vista with WPA2 PSK with AES but for some reason a lot my neighbors say that they can see what im doing over my wireless because im using WEP according to their computers.

In addition i had a similar problem with my vista laptop involving WEP. Basically whenever i told the SSID to hide itself i would get my network with WEP settings. When i told the SSID to not hide itself i got my network with WPA2 PSK with AES. I only have this problem with vista, i have another laptop with xp service pack 3 that always detects my network with WPA2 PSK with AES.

Im so confused.

mehmeh12

Hymm suddenly the flow of messages stops...was it something i said in my earlier post?

Spear

mehmeh12 wrote: »

Hymm suddenly the flow of messages stops...was it something i said in my earlier post?

Your router could be running multiple access points with differing encryption. The Vodafone ones do this, one is called vodafone_xxx in WEP, another is called vodafone_secure_xxx in WPA. It's not likely though.

mehmeh12

Spear wrote: »

Your router could be running multiple access points with differing encryption. The Vodafone ones do this, one is called vodafone_xxx in WEP, another is called vodafone_secure_xxx in WPA. It's not likely though.

Ah hah i think you have it!-i am with perlico and am using their zyxel prestige modem- is this not the same modem that vodafone ship out to new customers in replacement of their bewan modems?

Spear

mehmeh12 wrote: »

Ah hah i think you have it!-i am with perlico and am using their zyxel prestige modem- is this not the same modem that vodafone ship out to new customers in replacement of their bewan modems?

No, they send a Bewan model.

pieface_ie

As already mentioned,all traffic/data is visible.
login details and passwords,all websites and sites your currently on.

also you have session hijacking,if you are logged into a service,the attacker can take over the session by stealing the cookies and altering them,and do what he wants as the website would think its still you.

SSL is not safe anymore as that also now can be decrypted,do if you are not close enough to the target machine it will cause a denial of service ato tack.

WEP is no good.
Hidding your SSID there is still away to uncloak it.
WPA/WPA2 your better off with,and make sure your password contains characters like $£^&*" as the only way at present to defeat this security is by deauth a client to capture the four-way hand shake and the brute force the password. (attacker has a list of words in a file that is tested against your password)

dub45

mehmeh12 you keep asking the same questions with monotonous regularity.

As it stands wpa2 is the best there is for us ordinary folk and as you have been told before if you can't live with that buy a long ethernet cable.

Next post from you on wireless security is going into the personal issues forum.

And can I say that you must live in the most tech savvy neighbourhood in the world?

In one of your previous posts iirc a kid was shouting at you in the street that he had your password and now the neighbours sit around discussing what you are doing on your wireless network????:rolleyes:

but for some reason a lot my neighbors say that they can see what im doing over my wireless because im using WEP according to their computers.