Network Administration - The Wi-Fi network is not a safe environment. On the private network, users can activate the encryption security to prevent illegal users to connect and capture the traffic. However, depending on the security methods that use user data can still be stolen. And although the public network can use authentication methods on the web, most of these networks do not have a security encryption method literally. So, anyone in the coverage can be "tapped" hotspot traffic.

The paper will clarify how the Wi-Fi spy and propose some solutions to protect users when using Wi-Fi network as well as public privacy.
Wi-Fi Spy

To better understand how the Wi-Fi spy, we should learn about what can be done over Wi-Fi traffic capture. When an intruder captured packet traffic over Wi-Fi, he may know the password and the content of the website service or the victim is logged when not using SSL encryption technology, usually POP3/IMAP email and FTP connections. He can also block log (hjack) to sites like Facebook and Twitter or file transfers collected online privacy.

security

But fortunately, the Wi-Fi spy will not easily achieve your goals if service or Web site using SSL encryption technology, such as banking sites. But we can still take advantage of vulnerabilities on SSL. This is yet another waste ink other topics.
Protect data on public networks

Since most Wi-Fi hotspot does not use security encryption methods and does not provide any protection features should flow steal information it seems that anxiety is more interested in the public network. Clearly, there are many tools that the average user can easily use to steal information from others. Even more do not need a smartphone to steal passwords or block where your account.

The best solution to keep your network traffic is always safe to use Wi-Fi hotspot is to use VPN to connect to internal corporate network or server. Or use a host service is designed to protect in hotspots such as Wi-Fi Private or Hotspot Shield. When connecting to a VPN, all Internet traffic sent from a computer or device the user via an encrypted tunnel to secure the vendor's VPN network. Should flow completely safe from spies in Wi-Fi hotspot internal.

If you can not or prefer not to use a VPN, users should at least be sure that any services or Web site will use in the hotspot connection is secure with SSL encryption technology. When SSL is applied, web browsers will have an address is https instead of http and will display a pad lock and some other directives. With applications such as Outlook or Thunderbird mail, users need to make sure SSL is being used for POP3 or IMAP connections and SMTP server. However, many email providers do not support this encryption. You can find other solutions as Neomailbox, Hushmail or 4Secure-mail.

For access on public hotspot, you should always ensure that any website that you sign for sensitive information or any service you use (such as email and FTP) is protected by SSL. This will ensure that information between your computer and the site or service is always safe.
Protection of private data network

While information theft is a major concern on the Wi-Fi network is not reliable but it is somewhat disturbing on the private network. Such an enterprise network, can still threatened employees with malicious intent or intruders. The use of data encryption mode WPA2 PSK (also known as personal mode - Personal mode) for wireless and requires users to enter the private network connection password, it still allows a captured using internal flow of other users. Fortunately, WPA2 has a mode called enterprise mode (Enterprise or 802.1X or EAP mode) to block this user to read other users' traffic. This is because each user will be authenticated information such as username, password ... to connect the network instead of using a common password, such as personal mode. When a logging business mode, an encryption key automatically granted and changed periodically.

However, the WPA2 Enterprise mode requires an authentication server, often referred to as RADIUS (Remote Authentication Dial In User Service). But if you are using Windows Server, you can use programs IAS (Internet Authentication Service) in Windows Server 2003 R2 or earlier, or Network Policy Server (NPS) in Windows Server 2008 and the next version followed.

If the existing servers without the user's RADIUS functionality, it still has plenty of free or cheap server such as FreeRADIUS, TekRADIUS, ClearBox and Elektron. Some access points (such as HP ProCurve 530 or ZyXEL NWA 3500, NWA 3166 or NWA 3160-N) even embedded RADIUS server, great for small networks. And if you do not want to run its own server, there are many threads as AuthenticateMyWiFi service for users to choose.
Summary

Thus, Wi-Fi spy might be the real problem with public Wi-Fi network. The best way to protect yourself is to use a VPN connection or at least ensure that site or service you are using Active SSL encryption. And with personal network, you must always focus on internal security and ensure that users can not start the flow of other users.

The other news

• Email alerts containing malicious code that pretend the Ministry of Public Security demands ransom of up to $ 1,000
• What is the virus 'destruction' of the Wanna Cry?
• Ways to prevent and protect your computer from the free Wanna Cry virus
• How to patch Windows flaws to prevent WannaCry ransomware
• The risk of WannaCry virus spread in Vietnam