Security Basics mailing list archives

Re: Demonstrate to users- insecure APs

From: "Nicholas Chapel" <nicholas.chapel () gmail com>
Date: Mon, 4 Jun 2007 13:56:55 -0400

If someone is connected to the WAP, then all traffic that goes through
it unencrypted will be ripe for the sniffing.  If you have computers
on a network segment that are not sending traffic through the AP then
someone who is associated to the AP will not be able to sniff the
traffic, but considering that most SOHO users are running a wireless
router as their primary Internet gateway it can be assumed in most
cases that all traffic going in and out from the WAN is at risk.

On 6/4/07, WALI <hkhasgiwale () gmail com> wrote:


Suppose I leave my Access Point in Unsecured Mode, no WEP/WPA etc.

Someone connects to my AP and receives an IP assignment via it's DHCP.

Is it possible to sniff all the traffic from all the machines that get's
connected and browse the Internet/LAN through this AP?

I mean, apart from the usual money saving aspect of having a free ride on
other people's money, ( at home) what else is the risk?

Current thread:

Demonstrate to users- insecure APs WALI (Jun 04)
- RE: Demonstrate to users- insecure APs Peter Marshall (Jun 04)
- Re: Demonstrate to users- insecure APs Nicholas Chapel (Jun 04)
- Re: Demonstrate to users- insecure APs Adam Crosby (Jun 04)
- RE: Demonstrate to users- insecure APs Murda Mcloud (Jun 04)
- Re: Demonstrate to users- insecure APs Manuel Arostegui Ramirez (Jun 05)
- <Possible follow-ups>
- Re: Demonstrate to users- insecure APs bruce_mcculley (Jun 04)
- Re: Demonstrate to users- insecure APs krymson (Jun 04)