Is my connection secure?

Jeff Sadowski jeff.sadowski at gmail.com
Fri Aug 8 15:13:16 EDT 2008


you could always setup a free radius server to connect if you want to
step up the security a little more.
So they would need a valid username and password.

On Fri, Aug 8, 2008 at 10:27 AM, Jouni Malinen <j at w1.fi> wrote:
> On Sun, Aug 03, 2008 at 10:50:55PM -0300, - t3sT0r wrote:
>
>> I'm using hostapd with madwifi drivers as an AP, and connecting from a XP
>> laptop using wpa_supplicant. I tried to encrypt the connection with WPA, but
>> I'm not sure if I have done it properly, because when creating a second
>> virtual interface in monitor mode on the same machine that runs hostapd, I
>> can see all the packets in plaintext (I use wireshark to see the packets). I
>> also tried enabling debugging with athdebug and 80211debug , and I also see
>> the packets as plaintext (at least the ones from the machine running
>> hostapd).
>
> If you are using hardware acceleration for encryption/decryption, the
> virtual monitor interface would receive decrypted frames. Assuming you
> can see hostapd and wpa_supplicant going through WPA 4-way handshake, I
> would say it is reasonable to assume you are using an encrypted
> connection. Whether it is secure would depend on the quality of your
> keys (wpa_passphrase in this case) and your definition of secure ;-).
> Assuming you are using CCMP with a long, random passphrase that is not
> exposed to any other device apart from your AP and client, I would
> consider the connection secure.
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>


More information about the HostAP mailing list