affordableCebu
Home » Questions » Computers [ Ask a new question ]

What are the dangers of running a wireless router with no encryption?

What are the dangers of running a wireless router with no encryption?

I have an Airport Extreme and I've been having trouble running with WPA2 encryption. It intermittently loses the connection to the router. I turned encryption off and the problem seems to have gone away. I used to run with an open network all the time, and never really worried about it because I'm on a VPN most of the time. However, my new roommates aren't so keen on the idea. They're worried that it might be possible to connect to the same router and gain access to whatever they're working on. Would doing something like running under promiscuous mode give an attacker this kind of access, or do they have nothing to worry about?

Asked by: Guest | Views: 403
Total answers/comments: 2
Guest [Entry]

"Though, I don't personally agree that WEP is no security, it's better than nothing. We can agree that easily hacked, but, I don't believe that there are WEP cracking gremlins running up and down the street hacking WEP encrypted APs (if there are, I demand pics!). Will it stop the average person from mistakingly connecting to your AP? Yes. Is it a good form of encrypting your data over the wire? No. WEP just uses a single key and XORs your data with it...it may be easily hacked but its better than nothing. WEP is like going to a jousting with just your clothes on, it may not help but its better than going there naked.

Having NO SECURITY is like leaving your front door open. Izzy made some good points. And to expand on MITM attacks, assuming there are gremlins who really want to mess with you, they can change DNS servers to their servers. This means that when you goto chase.com you will query their DNS server which will take you to a fake site. SSL wont even be able to protect you in this case either because the attackers chase.com wont have a certificate to present. The average person won't ever notice this.

If you don't want to use ANY encryption, then MAC address checking would be the best bet. I would personally try WPA and see if that is any better. Again, your data will be sent in the clear over the air if you just use MAC address checking, which any of the gremlins can possibly sniff.

Now the other question is really location. Are you in the middle of nowhere with the nearest neighbor miles away? I would say it would be safe to run without any protection. If you live in downtown Chicago and you can touch your neighbors house by just reaching outside your window, I would highly recommend that you use WPA2 or get a new router."
Guest [Entry]

"If you use nothing (or WEP - same thing) you are open to other people connecting to your network, browsing your machine shares, and worse. It's a very real possibility that someone will use your connection to engage in illegal activities. To the outside world (read: the police) it's you that broke the law until you can prove otherwise. Downloading pirated materials, child porn etc.

It's also possible for man-in-the-middle attacks to be initiated this way."