Help me with my WLAN security!

This is my security problem.

So, I'm connecting to the internet through a WLAN network, shared by another person, we both are admins over the network and know the password, but he is a computer guru and is into hacking, and I'm a computer illiterate.

The thing is, he gave remarks about "sniffing" my data (Aka Web browsing for the most part) and I think he is serious, I'm trying to protect my privacy here, I asked in a lot of places but the answer always was "get a VPN" and I can't afford that. :(

I want to protect my data but he is on the same network (and an admin nonetheless).

What should I do?

Frank

Posted 2011-01-28T09:31:54.267

Reputation: 31

Answers

If he sniffs your data, he can be arrested over the computer misuse act. This is a UK law, but America have even tighter rules about this sort of thing.

Externally, if your WLAN is using a WPA2/PSK encryption, then you should be fine from most people. Obviously this isn't foolproof (nothing is) and could be cracked, but it would take forever to do so.

Internally, well you don't say if this is at work or at home. If it's at work, leave all your "private" surfing at home. What can he get from you if your just reading about sports? As I said, if he does sniff your data this is a criminal offence. Threaten him with that and see how many times he makes remarks about sniffing your data in future.

Also, regarding VPN's, there are free alternatives to the paid for VPN. A quick search on google gave me this: http://www.avinashtech.com/internet/15-best-free-vpn-for-secure-anonymous-surfing/. But as I said, the best way to protect your personal information is to leave your personal web use at home. Use your work internet for work purposes, not for Facebook! :)

mickburkejnr

Posted 2011-01-28T09:31:54.267

Reputation: 1 437

They both are on the same WLAN and effectively share the same encryption keys... Isn't the traffic clear as day then? – sinni800 – 2011-01-28T09:48:35.157

1@sinni That's the "externally" part of the second paragraph. Not relevant here. – Daniel Beck – 2011-01-28T09:51:11.100

Alrighty, not relevant :) – sinni800 – 2011-01-28T09:55:09.350

He can only sniff data which is not secured.

Secured is: HTTPS, SSH, for example.

Insecure is: HTTP, FTP for example. He can completely sniff this traffic.

For a VPN you first need a VPN provider. For example http://openvpn.net/ (I never tried this, I don't use VPNs.)

OpenVPN also has the client on their site (most popular VPN client as far as I know). You should find a tutorial here, too.

But you said you can't afford a VPN... So there's a few alternatives:

Tor (Very slow, but completely anonymous and encrypted)
Using a free VPN service that includes ads in your traffic: Here is a list of them

sinni800

Posted 2011-01-28T09:31:54.267

Reputation: 3 048

Tor is only useful if you don't do things that can be linked back to you. Leaking classified documents of a huge organization is fine, logging into Facebook is not. – Daniel Beck – 2011-01-28T09:52:16.200

Afaik Tor encrypts transfers between nodes. Which will effectively make sniffing in a WLAN useless. Though it is true there CAN be implications when you log into a unencrypted site. The "exit node" will know your data. – sinni800 – 2011-01-28T09:54:11.237

That's what I meant. You replace your friend/colleague/neighbor with someone you know nothing about and isn't bound by telecommunications law. – Daniel Beck – 2011-01-28T10:04:23.953

Alright, I give it that. VPN does the same though, if I use a free one I wouldn't one houndred percent trust it. I'd rather trust one that I paid for. – sinni800 – 2011-01-28T10:16:10.687

If you are on the same network, there's little you can do. Of course, all your HTTPS and SFTP/SSH traffic will be secured, but everything else will go through a router at some point, and depending on how experienced your roomate (?) is, he will be able to sniff pretty much anything, even if you have a secured WiFi.

Please threaten him with the fact that sniffing anybody else's private data is illegal, even if you share a network. This is your only resort if you can't find a decent VPN provider.

slhck

Posted 2011-01-28T09:31:54.267

Reputation: 182 472

Thank you all, I tried HOTSPOTSHEILD ... Is that Okay? I also tried Logmein Hamachi 2 but I didn't know how to use it. – Frank – 2011-01-28T14:34:32.173

@Frank I think you need to edit your post and explain exactly where this network is. Is it in an office or at home? That way we will be able to explain the VPN process better. – mickburkejnr – 2011-01-28T14:49:45.533

@mickburkejnr It's a home network. :) – Frank – 2011-01-28T15:58:27.200

@Frank A VPN won't help you then. A VPN will help you connect securely to another network over the internet, but won't help you connect securely to the Internet. – mickburkejnr – 2011-01-28T17:00:06.390

@mickburkejnr Then what do you suggest? – Frank – 2011-01-28T19:21:02.907

I'm still waiting for your answer – Frank – 2011-01-30T13:38:25.320

As long as you're connecting through a secured WiFi and the WiFi Access Point is the Modem or is directly connected to it and you know that your roommate does not sniff at the WiFi AP, you're safe. – slhck – 2011-01-30T13:50:12.413

@Frank Sorry dude, been AFK for the weekend. Unless you have a separate WiFi network for yourself then theres nothing else you can do. – mickburkejnr – 2011-01-31T09:17:15.860