# Prevent people from monitoring wireless activity



## ladyv (Jun 8, 2009)

I used a friend's wireless network (he gave me the network password), and my friend was able to view an email that I'd written while using the network. I know very little about wireless networks and computers generally. I have two questions:

1) How was my friend able to see the email I'd written? My friend does not know the password to my computer and claimed that he saw the contents of the email by monitoring his network's activity; and

2) How can I prevent this in the future? I do not want anyone to be able to view the websites I visit or read my emails when I use a wireless network. 

Thank you!!!


----------



## steveb1234 (May 1, 2009)

I don't think that this is possible with an ordinary domestic router - ask your friend how he was able to do this.
Computers connected to the internet via the same router shouldn't be able to see each other's activity.
If your computer is part of a home network then you will only be able to view shared folders on the other computers.
Do you store sent emails in a shared folder?


----------



## ladyv (Jun 8, 2009)

I'm not part of a home network, and I don't think I store sent emails in a shared folder. I basically took my laptop over to his apartment and used his wireless to write an email from my personal gmail account. He said he was able to somehow go into his wireless settings and see my activity, including the contents of the email. He wouldn't tell me how he was able to do it.


----------



## ladyv (Jun 8, 2009)

He just said he used a special monitoring program. What can I install on my computer that prevents these programs from seeing what I do on someone's network?


----------



## johnwill (Sep 26, 2002)

Depending on his level of technical skill, it's quite possible. If you want privacy, you need your own ISP connection.


----------



## grue155 (May 29, 2008)

A wireless packet sniffer is one way to see the packets. Tough to do on a Windows machine, but easy for a *ix/BSD system (it's a question of supported drivers).

Alternatively, an ICS-like host running a network monitor can also capture traffic.

The standard security method in either case is to always use an SSL connection for either web or email. Note that a very large majority of email providers do not use the STARTTLS connection option to force an SSL connection. It is usually possible to have your email application try to force a TLS/SSL connection, and if that fails then your email provider is not using a secure connection.
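An added example, not part of the original post: one way a mail client can insist on STARTTLS and stop before any password or message is sent when the server does not offer it. The names `require_starttls`, `PlaintextOnly` and the localhost stub server are assumptions made for this illustration.

```python
import smtplib
import socket
import ssl
import threading

class PlaintextOnly(Exception):
    """Raised before any login or message data is sent."""

def require_starttls(host, port, timeout=5):
    """Open an SMTP session that must upgrade to TLS; return the TLS version."""
    # local_hostname avoids a DNS lookup for our own machine name
    with smtplib.SMTP(host, port, local_hostname="localhost", timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            # Missing because the provider lacks it or because something on the
            # path removed it; either way the session would be readable.
            raise PlaintextOnly(f"{host}:{port} does not offer STARTTLS")
        smtp.starttls(context=ssl.create_default_context())  # verifies cert and name
        smtp.ehlo()  # re-read capabilities over the encrypted channel
        return smtp.sock.version()

def fake_plaintext_server():
    """Constructed localhost SMTP stub that never advertises STARTTLS."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn, conn.makefile("rwb") as f:
            f.write(b"220 mail.example ESMTP\r\n")
            f.flush()
            for line in f:
                if line.upper().startswith(b"EHLO"):
                    f.write(b"250-mail.example\r\n250 AUTH PLAIN LOGIN\r\n")
                elif line.upper().startswith(b"QUIT"):
                    f.write(b"221 bye\r\n")
                    f.flush()
                    break
                else:
                    f.write(b"502 not implemented\r\n")
                f.flush()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port
```

Calling `require_starttls("127.0.0.1", fake_plaintext_server())` raises `PlaintextOnly`; against a provider that supports STARTTLS it returns the negotiated TLS version instead.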


----------



## johnwill (Sep 26, 2002)

Since the other person has possession of the wireless hardware, he has possession of the wireless key. As mentioned, he can monitor any non-encrypted traffic pretty easily.


----------



## ladyv (Jun 8, 2009)

Thank you so much for the information! I looked up the browser settings in my gmail account and checked the box that says "always use https." Will this help? 

Also, how do I force it to use a TLS/SSL connection? I didn't see anything about that in the browser section....

Finally, how do I ensure that I have my own ISP when I'm using my laptop somewhere other than my home? I apologize for my obvious ignorance on this topic.


----------



## grue155 (May 29, 2008)

> I looked up the browser settings in my gmail account and checked the box that says "always use https." Will this help?


It should help. I'm not familiar with gmail account settings, but other web based email services vary widely in what they call "secure". In some cases, what happens with "always use https" means that your login password is encrypted, but your email is not. Watch your web browser secure-lock icons to find out.



> Also, how do I force it to use a TLS/SSL connection? I didn't see anything about that in the browser section....


I think maybe I'm talking different applications here. Web based email is one thing, but the email application itself is another. An email app like Thunderbird has settings for its connections to say "always use TLS/SSL", because those settings are part of the email protocols. Web browsers don't have anything comparable.



> Finally, how do I ensure that I have my own ISP when I'm using my laptop somewhere other than my home?


This is a different kind of problem to solve, as it means avoiding the man-in-the-middle attack. I don't know a web browser that can do this. In email applications, I only know of two that check and will complain loudly if the TLS/SSL fingerprint doesn't match what's expected. Those two email apps are Eudora (eudora.com), and Pegasus Mail (pmail.com). The Thunderbird email app may have something similar, but I haven't tripped over it yet.

In terms of secure email, aside from a local ISP, the only email provider I've found that does secure email right (as I consider it right) is gmx.com, which does provide free accounts. I'm sure there are others. I just don't know about them yet.
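An added example, not part of the original post and not the code of any mail client named in it: a trust-on-first-use fingerprint check of the kind described above, which remembers a server's certificate fingerprint and fails loudly when it changes. The names `check_pin`, `fetch_der`, `FingerprintMismatch` and the JSON pin file are assumptions made for this illustration.

```python
import hashlib
import hmac
import json
import socket
import ssl
from pathlib import Path

class FingerprintMismatch(Exception):
    """The certificate presented differs from the one remembered for this server."""

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def check_pin(store: Path, server: str, der_cert: bytes) -> str:
    """Remember the first fingerprint seen for a server and reject any change.

    Returns "pinned" on first contact and "match" afterwards; raises
    FingerprintMismatch when the certificate is different.
    """
    pins = json.loads(store.read_text()) if store.exists() else {}
    seen = fingerprint(der_cert)
    known = pins.get(server)
    if known is None:
        pins[server] = seen
        store.write_text(json.dumps(pins, indent=2))
        return "pinned"
    if not hmac.compare_digest(known, seen):
        raise FingerprintMismatch(f"{server}: expected {known}, got {seen}")
    return "match"

def fetch_der(host: str, port: int = 993) -> bytes:
    """Fetch the server's leaf certificate (DER) over a verified TLS connection."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)
```

A mismatch also occurs when the provider legitimately renews its certificate, so a changed fingerprint calls for checking with the provider before the new value is accepted.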


----------



## lorjack (Nov 15, 2007)

You can encrypt using SSH and proxy settings
http://lifehacker.com/software/ssh/...ng-session-with-an-ssh-socks-proxy-237227.php


----------

