In relation to packet sniffing, how secure are secure networks? [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 9 years ago.

Improve this question

I don't fully understand how packet sniffing works, but the gist I get from it is that if someone is logged on the same network as you, they can sniff packets for unhashed passwords and... well, that's really enough damage.

The solution, I've read, is to only go on networks that are secure when doing bank stuff, but my issue is that the only secure network I have is a school wide one (dorms). Imaginably, the school wouldn't set up a network so open to password theft, but the only thing I can think of stopping the bad guys is that we log in with our student ID. All they would need is someone else's ID and password and (if my understanding is correct) they could packet sniff pretty much everyone in the hall using the same router without being traced.

Are my fears justified, and if not why? And if so, also why?

Thank you

Answer 1

Speaking generally, you can't sniff transmissions between a client and a bank server since the communication uses public key encryption. That said, SSL is still vulnerable to man-in-the-middle attacks - beware of notices/alerts about unrecognized certificates.

Regarding privacy on non-HTTPS websites, it depends on how your network is set up. If it's a standard WPA2 setup then all of your unencrypted traffic is visible (easily) to anyone who is in transmission range of your computer and has the WiFi password. You can install HTTPS Everywhere from EFF (https://www.eff.org/https-everywhere‎) which helps secure your communications on many common websites - Facebook, Twitter, etc.