When I discuss Wi-Fi security, I try to show an example of what a Wi-Fi
eavesdropper or hacker could see from an unencrypted wireless network. This way
you can imagine what someone from the parking lot or nearby can see of the data
traveling between you and the access point (AP). The underlying reason is to
help you understand why you need to encrypt your wireless connections. I
usually stick with examples on how email messages and login details can be
sniffed. But I thought I’d show you more.
In this article, we’ll look at several different online and network services
or communication types that are vulnerable to sniffing or capturing by
eavesdroppers. Plus along the way, I’ll give tips on how
you could secure them, over and above encrypting the entire link.
What we’ll discuss mainly applies when you are using public Wi-Fi hotspots or
wired Internet ports you plug into. Though you can have the same types of
vulnerabilities when using private networks, enabling WPA or WPA2 encryption
scrambles all the communication from Wi-Fi eavesdroppers. So make sure your
Wi-Fi network is using this encryption!
Websites you are visiting
First we’ll look at the simplest service, http connections. In other
words, the communication between a web browser and web servers on the Internet
when you’re browsing the web. Eavesdroppers can see what websites you are
visiting. The addresses are always mentioned in the network packets. However,
this is a crude method to snoop. They just see the URLs along with the raw html,
php, or other web code. Figure 1 shows what the web page (of my site) pictured in Figure
2 might look like in a network analyzer.
Figure 1:
Figure 2:
However, if an eavesdropper wanted to go a step further, they could use a
sniffer that captures the network packets and reassembles the files or code. This
way they could actually see the web pages you’re visiting. Figure 3 shows an
example, based off the page previously shown in Figure 2. Remember, they have the same
data you’ve accessed stored on their computer. They can export or save individual
files (images, pages, documents) to their computer.
Figure 3:
Remember, data from any secured web connection is scrambled and they can’t
see it. For example, when you access your banking, PayPal, and most other
important accounts online, the connection between your computer and their server
is usually totally secure. This is the case when the site uses SSL encryption,
indicated by an https address rather than the usual http. Plus web
browsers display a yellow padlock in the lower right corner or around the
address bar on top, when the connection is secure.
You shouldn’t have to worry about non-secured sites when on your
private network, since you should be using WPA or WPA2 encryption. However, when
on public networks, if you want connections to non-secured sites protected, you can use a VPN.
I’ll list some VPN providers later.
Files being transferred over the network
Any files you transfer between computers on an unsecured network, or files
you open from network locations, can be captured by eavesdroppers. They could
review the raw packets to see the contents of clear-text files. Again, they
could also use a special sniffer to export and save the file(s). This includes
database files, documents, zip files, images, audio files, everything.
Figure 4 shows an example of what the plain text file pictured in Figure
5 would look like in an analyzer.
Figure 4:
Using WPA/WPA2 encryption on your private Wi-Fi network solves this problem.
For public or unsecured networks, you shouldn’t be sharing
files. You should actually disable file and printer sharing in the network
connection properties in Windows XP or select the public network type in Vista.
Figure 5:
Email login credentials and messages
In previous articles of mine, such as How To Secure Your E-mail, I’ve used
the email example with Outlook. Check it out if you haven’t yet.
Don’t forget about web-based email. As described earlier for non-secured sites, accessing web-based email
without SSL encryption means your messages can be captured. Some email sites
always offer secured access, while others can be optional or non-existent.
Currently, the default for Gmail is no encryption. Figure 6 shows an
example of what an eavesdropper can sniff when you send an email from your Gmail
account, using an unsecured connection.
Figure 6:
To find out if your web-based email provider offers encrypted access, throw an
S after the HTTP. For example, instead of
http://mail.google.com, it would be
https://mail.google.com/. Securing POP3 accounts that use a client, such as
Outlook, is a bit more involved. Refer to my
article on securing email for more information.
Using WPA/WPA2 encryption on your private Wi-Fi network protects unsecured
email from eavesdroppers. If you can’t or don’t want to secure your email when
using public networks, you could use a VPN to encrypt your communications.
FTP login credentials and transferred files
If you upload or download files to or from an FTP server on an unprotected
network, sniffers can capture the file(s). Plus, just like with the email server, the login credentials are also sent in clear-text
(see Figure 7) for the eavesdropper to see.
Figure 7:
Unfortunately, it is not possible to secure or encrypt FTP connections.
However, using FTP on your private network is fine when using Wi-Fi encryption.
Unless you use a VPN, you should not use FTP connections while on public
networks. If you are the server administrator, you might look into other
secure methods, such as SFTP.
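To find out which of your own services still send logins in clear-text, as described for email and FTP above, you can audit a capture of your own traffic. The sketch below is an added example, not part of the original article: it scans constructed sample payloads for FTP/POP3 login commands and HTTP Basic authentication and reports each exposure with the value redacted. The port-to-protocol mapping, the function names, and the sample data are assumptions.

```python
import base64
import re

# Constructed sample: client-to-server payloads as a capture tool might
# reassemble them, as (destination port, payload). Not real traffic.
SAMPLE_STREAMS = [
    (21, b"USER alice\r\nPASS hunter2\r\nRETR report.doc\r\n"),
    (110, b"USER alice@example.com\r\nPASS s3cret\r\nLIST\r\n"),
    (80, b"GET /admin HTTP/1.1\r\nHost: example.com\r\n"
         b"Authorization: Basic " + base64.b64encode(b"alice:pw") + b"\r\n\r\n"),
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03"),  # TLS: opaque bytes
]

# FTP (21) and POP3 (110) both log in with line-oriented USER/PASS commands.
LOGIN_CMD = re.compile(rb"^(USER|PASS) +(\S+)", re.I | re.M)
BASIC_AUTH = re.compile(rb"^Authorization: *Basic +(\S+)", re.I | re.M)


def redact(value: bytes) -> str:
    """Record that a value was exposed without copying it into the report."""
    return f"<{len(value)} bytes exposed>"


def audit_stream(port: int, payload: bytes) -> list:
    """Return (protocol, field, note) for each clear-text login item found."""
    findings = []
    if port in (21, 110):
        proto = "FTP" if port == 21 else "POP3"
        for cmd, value in LOGIN_CMD.findall(payload):
            findings.append((proto, cmd.decode().upper(), redact(value)))
    elif port == 80:
        match = BASIC_AUTH.search(payload)
        if match:
            try:  # Basic auth is only base64-encoded, not encrypted
                decoded = base64.b64decode(match.group(1), validate=True)
            except ValueError:
                decoded = b""
            if b":" in decoded:
                findings.append(("HTTP", "BASIC-AUTH", redact(decoded)))
    return findings  # encrypted ports (e.g. 443) yield nothing readable


def audit(streams) -> list:
    return [f for port, payload in streams for f in audit_stream(port, payload)]


if __name__ == "__main__":
    for proto, field, note in audit(SAMPLE_STREAMS):
        print(f"{proto:5} {field:10} {note}")
```

Any service that shows up in the report is a candidate for an encrypted alternative or for use only over a VPN.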
Instant messaging conversations
Most instant messaging and chat programs, including ICQ and IRC, send and
receive in clear-text. So if you are on a public network, eavesdroppers can see
the conversations with your loved ones, friends, or business associates. Figure
8 shows an example of a Yahoo Messenger IM and Figure 9 shows what it looks
like in a sniffer. Again, to prevent this on unsecured
networks, you can use a VPN.
Figure 8:
Telnet login credentials
Don’t forget about Telnet; it also sends and receives in clear-text. Again, don’t connect to servers or computers via Telnet on
unencrypted networks, unless using a VPN. You should really look into using SSH
instead, which is secure.
Keeping it secure
We’ve discovered several Internet and network services that are vulnerable to
sniffing on unprotected and public networks. Anyone within range could possibly
see websites you are visiting and the files you are downloading or transferring.
Email messages, files transferred using FTP, and Telnet sessions are also vulnerable,
along with their login credentials. Finally, we saw that instant messaging
conversations can also be captured.
Figure 9:
I’ll leave you with some tips on how to keep these types of services secure:
- Enable WPA or WPA2 encryption on your network: Then you won’t
have to worry about the issues we’ve discussed, when on your own network.
- Independently secure services: Try to use encryption for the
services that can be optionally secured, such as your email. Use
alternatives when possible, such as SSH instead of Telnet and send files via
secured email instead of FTP. Plus make sure access to sensitive online
accounts is via HTTPS/SSL.
- Use a VPN when on a public network: This encrypts all your
Internet communications from local Wi-Fi eavesdroppers on public and unsecured networks.
AnchorFree offers free web-based SSL VPN service. Paid service is available from
WiTopia and HotSpotVPN.
- Don’t use the same password for everything: If your credentials for a
particular service are compromised, you want to make sure the hacker can’t get
into your other services or accounts. There are password management
utilities out there that can help you securely manage all your passwords.
Eric Geier is an author of
many computing and networking books, including Home Networking
All-in-One Desk Reference For Dummies (Wiley 2008) and 100 Things You
Need to Know about Microsoft Windows Vista (Que 2007).