WiFi question

Hi, I got WiFi router and I would like to know, what exactly is WPA2 encryption good for? I found dozens of explanations via google, but I need to know, what does it protect? Lets say, that someone would get my WPA2 key, what could he do? He could just connect to my network or he could sniff all unecrypted passwords, traffic or what ... ?

 

All of the above.

 

OK, thanks.

 

WPA2 is the most recent protection mechanism for wireless data. It is not a panacea however. The following article shows how *weak* WPA2 passwords can be cracked. The key word here, is weak:

http://www.smallnetbuilder.com/wireless/wireless-howto/30278-how-to-crack-wpa--wpa2

A 63 character random password from some place like GRC's password page will make it not worth anyone's time.

It's like any thing else; PGP, TrueCrypt, etc... if "password" is your password, you're done.

P

 

I have "unbreakable" key, I am just afraid, that some mallware might steal WPA2 key from other computer's settings, since other user might infect hers PC.

 

no need to be afraid of any malware, particularly one that will somehow snatch wpa2 keys, as you will not let any infect your machine.

 

If malware has installed itself onto a PC logged into the network, then the malware doesn't have to bother stealing the WPA2 key, since it already has access to the network and can snoop at it wants.

Typically, the people interested in your WPA2 key are going to be people physically near you, within range of the wifi signal. In contrast, the vast amount of malware downloaded is going to be from people potentially thousands of miles away, attacking anyone on the internet, so collecting WPA2 keys for hundreds to thousands of access points they can't use isn't of interest to them.

However, if you're really concerned about your key being stolen from another computer on your network, you could get a router that can use multiple SSIDs, and assign different computers to different SSIDs, each with a different WPA2 key. That way, if one computer gets compromised, only that one computer's network would be compromised. Many routers now allow for a "guest" network, so you could at least split your network in two. However, this would come at the cost that the computers in your house wouldn't be able to communicate with each other, only the internet.

 

If you are really concerned about WiFi security you could get a non-wireless router or disable the wireless features of your router, if possible.

Generally, wired connections are safer and more stable than wireless.

If you use a wired connection Google won't be able to localize you so easily ('street view'). (geolocation)

It's important to configure your router properly. Generally it's about setting a good password and proper wireless encryption, like WPA2 (AES) with a long key. Depending on the router you may have to deal with other issues.

 

The thing about your WPA2 key is that anyone that has ever connected to your WiFi will have it stored on their machine and it can be retrieved with this handy little tool. http://www.nirsoft.net/utils/wireless_key.html

Since there are people with personal devices that connect to our work WiFi I hate to think of the possibilities if one of those devices is lost or stolen.