Is my connection secure?

Jouni Malinen j at w1.fi
Fri Aug 8 12:27:49 EDT 2008


On Sun, Aug 03, 2008 at 10:50:55PM -0300, - t3sT0r wrote:

> I'm using hostapd with madwifi drivers as an AP, and connecting from a XP
> laptop using wpa_supplicant. I tried to encrypt the connection with WPA, but
> I'm not sure if I have done it properly, because when creating a second
> virtual interface in monitor mode on the same machine that runs hostapd, I
> can see all the packets in plaintext (I use wireshark to see the packets). I
> also tried enabling debugging with athdebug and 80211debug , and I also see
> the packets as plaintext (at least the ones from the machine running
> hostapd).

If you are using hardware acceleration for encryption/decryption, the
virtual monitor interface would receive decrypted frames. Assuming you
can see hostapd and wpa_supplicant going through WPA 4-way handshake, I
would say it is reasonable to assume you are using an encrypted
connection. Whether it is secure would depend on the quality of your
keys (wpa_passphrase in this case) and your definition of secure ;-).
Assuming you are using CCMP with a long, random passphrase that is not
exposed to any other device apart from your AP and client, I would
consider the connection secure.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list