WiFi


timjet (Guru; joined Apr 9, 2009; messages: 1,920)
You folks that have devices that can receive free WiFi signals from several miles away, I have a question. Aren't most free WiFi password protected? And if so, what good is this type of equipment?
 
Lots of signals are password protected sure, but you just have to find one that's open. Heck, even our marina signal that comes with our slip, there's one access point hundreds of feet away in a 400 boat marina, so equipment with a long range is helpful even for signals you're specifically authorized to use, not only when you're "borrowing" an open signal.
 
Lots of wifi is open. I use "the wirie ap". It is self contained, has a router, and the only wires needed are 12 v power.
In my marina the wifi is free, and with using the wirie it's a stronger signal and faster.
 
The Wirie is okay, I prefer the Wave WiFi products. I have been using the ROGUE and then the EC/HP unit for years. Every year I find more APs that are open for the public's use. New products are being released by many of the re-packagers that will be N compliant. I prefer the Wave WiFi GUI (graphic user interface) over the others.
If you are in a Comcast, Cox Cable or Cable Vision area, chances are you will find many of their hot spots available for your use. Tim, I noticed in another thread you talked about an inside TV antenna; an inside WiFi booster will be of little help. It needs to be mounted outside of the boat to work properly.
If you are okay with programming you can build your own system using Ubiquiti products. Since the N standard is now ready for prime time, look at a Ubiquiti Rocket M2 and the Airmax Omni mating antenna to use as your bridge unit and a small low powered AP/router like the Linksys.
Bill
 
And even where a password is required, you can still enter a password to gain access, assuming you have said password. This is required in lots of marinas, even where there is no charge for access.
 
> And even where a password is required, you can still enter a password to gain access, assuming you have said password. This is required in lots of marinas, even where there is no charge for access.

So true, just ask if the AP identifies itself; many do. Most modern APs use a splash legal terms page; once you get past that it allows access after it records your MAC address.
Bill
 
> So true, just ask if the AP identifies itself; many do. Most modern APs use a splash legal terms page; once you get past that it allows access after it records your MAC address.
> Bill

Right. And the beauty of a wifi extender is that once you are logged on, everything on the boat works through that single logon. No need to login each device.
 
> Right. And the beauty of a wifi extender is that once you are logged on, everything on the boat works through that single logon. No need to login each device.

That's because the bridge unit submits its MAC address for authentication and everything behind most router/APs inside the boat are behind a firewall or invisible to the Hot Spot you're connected to.
The only negative with using WiFi is it's not really a mobile platform, meaning if you are moving, APs generally don't hand off like cellular routers. I use both a CradlePoint on VZW LTE when moving and the Wave unit when we are anchored or at a marina where we can grab a good WiFi signal.
Bill
 
Folks, Admittedly I have limited experience in this area, but I have been using a simple USB powered Alpha Networks Wi Fi range extender for years that is totally portable (stays with my laptop) and works extremely well on my boat, even in the BVI's.
Amazon.com: alpha networks 802.11b g long range wireless usb adapter model awus036h
George

There are many boaters who choose this device. It's not something I would recommend for long distance WiFi unless it's hooked up to an external antenna.
Bill
 
Ok, thanks for all the good info. I guess my experience is not typical in that most free WiFi access points I've come across still need a password.

My marina WiFi is free to tenants and requires a password, but unless you access it between 2400 and 0600 it's pretty much worthless. The antenna is 2 slips away. For that reason and others I've got a Verizon MiFi unit that works great. A little pricy but it's secure and dependable.

Just wondering, for you folks that use public WiFi do you conduct computer banking on public WiFi?
 
Where's the art of hacking any longer? WEP passwords take about 2 minutes to crack. WPA takes a few days. WEP doesn't protect encryption between devices on the same router very well. WPA is pretty good at that.

Never, ever just connect to an open WiFi router without using a VPN. WPA is pretty good without a VPN. WEP isn't. There are plenty of guys like me and 14 year olds in the condos overlooking the marina who can see much of what is being transmitted outside https websites to and from your laptops, phones, and tablets. A VPN is the only real defense.

If none of those acronyms mean anything to you, you need to read our previous VPN articles starting in 2010 - search for Firesheep on our website and the 4-5 articles surrounding that. To use Google for a site only search, enter a search like this in Google:
firesheep site:ActiveCaptain.com
 
Oh brother. I'm sure you're right, all kinds of vulnerabilities out there, but who has time to hassle with all that complexity when all I want to do is surf boat sites and CNN and send emails to grandma. Life is too short.
 
> Oh brother. I'm sure you're right, all kinds of vulnerabilities out there, but who has time to hassle with all that complexity when all I want to do is surf boat sites and CNN and send emails to grandma. Life is too short.

Yeah, you're right. In your boat, perhaps thousands of miles away from home...what could possibly go wrong if someone was able to get to your email, bank accounts, and everything else personal you do online...
 
I think most POP and IMAP servers can run via SSL. Mine does, so email can't be snooped. And all web banking and ecommerce is via https, so that can't be snooped either. That just leaves all my browsing on TF and other sites. If someone wants to watch, feel free.

What else is there? I don't claim to be an expert on this, but know more about it than the average user.
 
You need to use a VPN if you're that concerned
Bill
 
> Oh brother. I'm sure you're right, all kinds of vulnerabilities out there, but who has time to hassle with all that complexity when all I want to do is surf boat sites and CNN and send emails to grandma. Life is too short.

Your concerns are overblown. I run numerous marina hot spots and haven't had a single problem in 5 plus years.
Bill
 
> I think most POP and IMAP servers can run via SSL. Mine does, so email can't be snooped. And all web banking and ecommerce is via https, so that can't be snooped either. That just leaves all my browsing on TF and other sites. If someone wants to watch, feel free.
>
> What else is there? I don't claim to be an expert on this, but know more about it than the average user.

Admittedly, I know little about wifi, but I don't think the above is correct.

I'm paying the money for my Verizon data simply because at least in NYC, it is clear that anyone can read pretty much anything over wifi unless you have a vpn setup.

This is discussed all the time on our business channels.
 
We have a Wirie AP and love it! Great having the boat with its own wifi, everything can talk to each other. Always someone with an open wifi around within the unit's range. Best password I have seen (hacked) was a marine service with a password protected wifi called "Guest network", one try and I was in!
The password was "guest"...
 
It is so incredibly simple to get into much of what you think is secure. POP is rarely SSL based. IMAP is quite secure but no one would try to break through that wall when there are so many easier ones.

Panbo challenged me with something similar a few years ago. So that evening I used free software to dump some basic network packets. It showed an open POP password within 30 seconds of use. The screen shot is still at:
http://www.panbo.com/assets_c/2010/11/sniffig_courtesy_Jeff_Siegle-3090.html

And Billylll - how would you possibly know how much information was stolen from the marina hotspots that you "run" - which marinas are they (I'd love to check my notes if I've been to one). I'm working with literally hundreds of marinas right now with WiFi. Most are the most unsecure setups I've ever seen. Most of the marina WiFi setups I've seen are created by people who know just enough to be dangerous.

You either need to use cellular or you need to use a VPN. Anything else is just asking to have your identity stolen.
 
> Admittedly, I know little about wifi, but I don't think the above is correct.
>
> I'm paying the money for my Verizon data simply because at least in NYC, it is clear that anyone can read pretty much anything over wifi unless you have a vpn setup.
>
> This is discussed all the time on our business channels.

There are two "levels" where the data stream is generally encrypted.

One is the wifi radio connection, and Jeff is correct that only WPA and WPA2 encrypt the whole data stream. WEP just does an access check to let you on or not, but once you are on all data is clear and unencrypted. And of course an open wifi data stream is just that.

But even if someone can listen in on the wifi radio data stream between your computer and the wifi base station, they need to be able to understand that data stream. That brings us to the next level of encryption, which is between your application and the server it is talking to.

Anytime your browser is connected to https://something or other, the entire data stream between your browser and the web server it is talking to is encrypted. Listen all you want, it will just be gibberish. Every bank and ecommerce site uses https at least for checkout, if not for the whole session. So I think that makes those browser sessions secure no matter who is listening in. No WPA wifi required. No VPN required. If you do use a WPA wifi or VPN, you are double encrypting the data stream, once by the browser, and once again to talk over the wifi or VPN channel. But once is enough.

Other applications can do the same. When you set up your email you typically connect to a POP or IMAP server. You can check a box to say you want that communication to be via SSL (Secure Socket Layer), which is the same encryption mechanism used by HTTPS. By the way, the "S" in HTTPS stands for HTTP over SSL. Once you have done that, all your email traffic is encrypted end to end over the internet.
 
> Anytime your browser is connected to https://something or other, the entire data stream between your browser and the web server it is talking to is encrypted. Listen all you want, it will just be gibberish. Every bank and ecommerce site uses https at least for checkout, if not for the whole session. So I think that makes those browser sessions secure no matter who is listening in.

Twistedtree,

You say the "entire data stream" under https is encrypted. Does that include the login, or just the stream after login? If login is not encrypted someone can steal the login name and password and access your banking data.
 
If I use my Rogue Wifi to pull in an unsecured wifi signal and run that through my onboard WPA-encrypted Cradlepoint wifi router to access the wifi, are my up/downloads vulnerable or am I protected by my router's encryption?
 
> You say the "entire data stream" under https is encrypted. Does that include the login, or just the stream after login? If login is not encrypted someone can steal the login name and password and access your banking data.

Login pages for financial institutions of any size are highly likely to be secured. They either use a home page SSL login, or an intermediate redirect (the pause you sometimes experience and can sometimes see taking place in the address bar). The process can often be seen if you know what to look for.

PayPal and others use an HTTPS home page and there are other strategies as well. Yes, it would be possible to connect with a small retailer that does not use best practices, but the general state of the art has advanced tremendously. So has the state of the art for the crooks. If you look for absolute security, you will not find it online any more than offline.

Protect yourself by using different logins and passwords per site and generally using established institutions who cannot afford to defend themselves if they are caught using less than best available security techniques. So far, Target has lost their CEO and its CIO in its recent data breach.
 
Just a question, where are you "vpn'ing" to? Doesn't there have to be another end to your VPN? So are you VPN to your ISP? Or to your home network? How do you set that up?

I set up systems for hotels. Many of the guests use VPN back to their companies. The government workers can only connect by hardwire, no wireless. The true guest gateways do layer 2 isolation so that no two devices can see each other, period. If the wifi is set up correctly it also blocks intra bss, which means two devices on the wireless can't see each other.

Everything CAN be hacked. It's just that there are so many easier ways to get data that a typical hacker for identity theft is going to go to a store website or something. The biggest problem we have is someone checking in and sending SPAM out or downloading illegal movies.

Hilton, IHG (Holiday Inn), Choice, Marriott, all have the same basic standards. It would seem odd that a marina wifi system wouldn't do the same. I speak daily with Anthony who manages the network for Cap Sante marina in Anacortes and they use a fairly high end system with Radius authentication server against a Mikrotik router. The wireless array was over 300K alone.

Too much techno tonight, gonna drink some wine now.
 
Can I surf worry free and secure on my Verizon MiFi unit?
 
> > Anytime your browser is connected to https://something or other, the entire data stream between your browser and the web server it is talking to is encrypted. Listen all you want, it will just be gibberish. Every bank and ecommerce site uses https at least for checkout, if not for the whole session. So I think that makes those browser sessions secure no matter who is listening in.
>
> Twistedtree,
>
> You say the "entire data stream" under https is encrypted. Does that include the login, or just the stream after login? If login is not encrypted someone can steal the login name and password and access your banking data.

Unless the web programmer is a complete idiot, it includes the login. Just look at the top of your browser screen and you can see when the session is secure as indicated by the https:// (note the "s"). Some browsers now have an icon instead of "https", so you may need to check how yours works.
 
> It is so incredibly simple to get into much of what you think is secure. POP is rarely SSL based. IMAP is quite secure but no one would try to break through that wall when there are so many easier ones.
>
> Panbo challenged me with something similar a few years ago. So that evening I used free software to dump some basic network packets. It showed an open POP password within 30 seconds of use. The screen shot is still at:
> http://www.panbo.com/assets_c/2010/11/sniffig_courtesy_Jeff_Siegle-3090.html
>
> And Billylll - how would you possibly know how much information was stolen from the marina hotspots that you "run" - which marinas are they (I'd love to check my notes if I've been to one). I'm working with literally hundreds of marinas right now with WiFi. Most are the most unsecure setups I've ever seen. Most of the marina WiFi setups I've seen are created by people who know just enough to be dangerous.
>
> You either need to use cellular or you need to use a VPN. Anything else is just asking to have your identity stolen.

Simple, I work with Comcast security. You don't think we would be asked for MAC and IPs if people using our systems were hacked, really? Not a single LEO request for records. It's Jeff, right? I remember your fear mongering on Panbo well...
Bill
 
> If I use my Rogue Wifi to pull in an unsecured wifi signal and run that through my onboard WPA-encrypted Cradlepoint wifi router to access the wifi, are my up/downloads vulnerable or am I protected by my router's encryption?


Good question. The answer is No, you are not protected. WPA encryption scrambles data over wireless connections to that wifi base station only, so in your case the data is encrypted from your laptop to your Cradlepoint, but it is then clear and unscrambled from your Rogue wifi back to the land wifi station.

It's like nesting Russian dolls. WPA is like encrypting one of the outer dolls. HTTPS or email over SSL is like encrypting one of the inner dolls; even if the outer dolls are readable, the inner one still is not.
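
The layering discussed in this thread (WPA on a single radio link, a VPN up to its endpoint, HTTPS or mail over SSL end to end) can be worked through hop by hop for the Rogue plus Cradlepoint setup. This is an added example, not part of any participant's post; the node names, the path and the function name are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Hop:
    src: str
    dst: str
    link_cipher: Optional[str]  # per-hop encryption such as "WPA"; None = none


# Constructed path for the question above. Without a VPN, "VPN endpoint"
# is just another router somewhere on the internet.
BOAT_PATH = [
    Hop("laptop", "onboard router", "WPA"),   # boat's own WPA wifi
    Hop("onboard router", "bridge", None),    # cable inside the boat
    Hop("bridge", "shore AP", None),          # open wifi, anyone in radio range
    Hop("shore AP", "VPN endpoint", None),    # marina LAN and the internet
    Hop("VPN endpoint", "web server", None),  # beyond where a VPN terminates
]

# Tunnels are (start node, end node) pairs that wrap every hop in between.
VPN = ("laptop", "VPN endpoint")
HTTPS = ("laptop", "web server")


def cleartext_hops(path: Sequence[Hop],
                   tunnels: Sequence[Tuple[str, str]] = ()) -> List[str]:
    """Return 'src -> dst' for each hop that carries the payload unencrypted.

    A hop is protected if the link itself is encrypted (WPA) or if some
    tunnel (VPN, TLS) starts at or before it and ends after it.
    """
    order = [path[0].src] + [h.dst for h in path]
    covered = set()
    for start, end in tunnels:
        # hop i runs from node i to node i + 1
        covered.update(range(order.index(start), order.index(end)))
    return [f"{h.src} -> {h.dst}" for i, h in enumerate(path)
            if h.link_cipher is None and i not in covered]


if __name__ == "__main__":
    for label, tunnels in [("no tunnel", []), ("VPN", [VPN]), ("HTTPS", [HTTPS])]:
        print(label, cleartext_hops(BOAT_PATH, tunnels))
```

With no tunnel, only the laptop-to-router hop is protected, which matches the answer above; a VPN protects everything up to its endpoint, and HTTPS protects the whole path regardless of the wifi in between.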
 