Networking – Can attackers harvest WiFi passwords by spoofing ESSID

Tags: security, wireless-networking

I've recently started using wireless on an (Arch) laptop.
My wireless manager (wicd) is set up to automatically associate with any networks with a certain ESSID and attempt to authenticate with them.

Is that a security risk? In particular, could an attacker set up a network with the same ESSID as the one I connect to, then wait for my wireless manager to try to connect, and receive my authentication details?

edit: The network I am connecting to uses WPA Enterprise authentication which requires an identity and password, not an encryption key.

Best Answer

Pre-shared keys are never transmitted during the establishment of a wifi session - in other words, the client never says "This is the key I have, can I come in?".

Simplifying what happens somewhat in a crappy WEP session, it goes like this:

  1. The client says "I'd like to authenticate"
  2. The access point says "Ok, use your key to encrypt this data", sending some random data
  3. The client encrypts the data with the key and sends it back
  4. The access point checks the encrypted data matches its own version of the data if it encrypts with the key, and lets them in if it matches.

A rogue access point is a security concern, but not one that will make harvesting keys any easier than simply watching the above interaction. The real concern is that people will connect to a rogue access point and transmit sensitive data over it thinking it is an authorised AP.
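The four-step challenge/response exchange described in the answer, modelled in Python as an added example (not code from the original post or from any wireless stack). Assumptions: the "encrypt this data with your key" step is stood in for by HMAC-SHA256 as an abstract keyed function rather than WEP's real RC4 construction, the key and client identifier are constructed demo values, and `run_handshake` records every over-the-air message so that the transcript a rogue AP or passive listener could capture can be inspected for the key itself.

```python
import hashlib
import hmac
import os

# Constructed demo key; stands in for the pre-shared key the client and the
# genuine AP both hold. Not a real credential.
DEMO_KEY = b"constructed-demo-psk-not-real"


def respond_to_challenge(key: bytes, challenge: bytes) -> bytes:
    """Step 3: transform the AP's random data using the key.

    Assumption: HMAC-SHA256 is used here purely as an abstract keyed function in
    place of WEP's actual RC4-based encryption; the example only demonstrates
    that the key itself is never one of the transmitted payloads."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class AccessPoint:
    """Holds the shared key and issues a fresh random challenge per client."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.pending: dict[str, bytes] = {}

    def handle_auth_request(self, client_id: str) -> bytes:
        # Step 2: send random data for the client to process with its key.
        challenge = os.urandom(16)
        self.pending[client_id] = challenge
        return challenge

    def verify(self, client_id: str, response: bytes) -> bool:
        # Step 4: compute our own version and compare in constant time.
        challenge = self.pending.pop(client_id, None)
        if challenge is None:
            return False  # no outstanding challenge for this client
        expected = respond_to_challenge(self.key, challenge)
        return hmac.compare_digest(expected, response)


class Client:
    """A station that knows the key and answers whatever challenge it receives."""

    def __init__(self, client_id: str, key: bytes) -> None:
        self.client_id = client_id
        self.key = key

    def respond(self, challenge: bytes) -> bytes:
        return respond_to_challenge(self.key, challenge)


def run_handshake(ap: AccessPoint, client: Client):
    """Run the four steps and return (accepted, transcript).

    transcript holds every (sender, payload) pair sent over the air, i.e. what
    anyone in radio range, rogue AP included, could capture."""
    transcript = []
    transcript.append(("client", b"AUTH_REQUEST"))          # step 1
    challenge = ap.handle_auth_request(client.client_id)
    transcript.append(("ap", challenge))                      # step 2
    response = client.respond(challenge)
    transcript.append(("client", response))                   # step 3
    accepted = ap.verify(client.client_id, response)
    transcript.append(("ap", b"AUTH_SUCCESS" if accepted else b"AUTH_FAILURE"))  # step 4
    return accepted, transcript


def transcript_contains_key(transcript, key: bytes) -> bool:
    """True if the raw key bytes appear in any captured payload."""
    return any(key in payload for _, payload in transcript)


if __name__ == "__main__":
    # Genuine AP: the client is admitted.
    ok, captured = run_handshake(AccessPoint(DEMO_KEY), Client("laptop", DEMO_KEY))
    print("genuine AP accepted client:", ok)
    print("key present in captured messages:", transcript_contains_key(captured, DEMO_KEY))

    # Rogue AP advertising the same ESSID but without the key: it receives a
    # response to its challenge, but the captured traffic still never carries the key.
    ok, captured = run_handshake(AccessPoint(b"rogue-has-no-key"), Client("laptop", DEMO_KEY))
    print("rogue AP accepted client:", ok)
    print("key present in captured messages:", transcript_contains_key(captured, DEMO_KEY))
```

The rogue-AP run shows the answer's point concretely: the impostor can elicit a challenge response from the auto-connecting client, but the only thing it collects is the (challenge, response) pair, not the key bytes, and its own `verify` fails because it holds a different key.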
