how secure is Wireguard?

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Thu Nov 17, 2022 3:38    Post subject: how secure is Wireguard? Reply with quote
How secure is Wireguard? Here is the context.

My father was using his iPhone and got dupped into clicking on a phishing message and now his iPhone has been hacked. He was connected by wifi to his home router, a Netgear r7000p running manufacturer's firmware.

At the time this happened, I was on my laptop connected to his router and via Wireguard to the ddwrt router at my house. After the hack (but before my father alerted us to the fact that his iPhone was now acting weird), I turned on and off my Wireguard connection.

Assuming a hacker was on the LAN (i.e., my father's router via his iPhone), could the hacker have seen my Wireguard keys as I was trying to establish a connection?
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Thu Nov 17, 2022 7:01    Post subject: Reply with quote
Short answer no this is a standard public/private key setup and after that you have session keys which are refreshed every few minutes.

But if they could have access to the router they could have seen the keys on the router and those should be altered. If not you are safe

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Thu Nov 17, 2022 12:05    Post subject: Reply with quote
Thank you @egc .

I don't think the hacker would have access to my ddwrt router which runs Wireguard server. So that hacker would be in a position to see the Wireguard keys stored on the server. That router is on a physically separate network than the one my father was using when his iPhone became compromised.

I'm assuming the hacker could see the traffic on the network my father's iPhone was connected to. My laptop was connected to this network. So the hacker could see my laptop's attempts to establish a Wireguard tunnel to my ddwrt router on the other network. Based on your reply, I think there is no reason to think the hacker could get any info about my Wireguard from the local network traffic.

This leads me to believe I am safe because I don't have any reason to think that my laptop was hacked. Just my father's iPhone which has never connected to my laptop.

Please let me know if you agree. Many thanks.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Thu Nov 17, 2022 12:09    Post subject: Reply with quote
No worries, you should be good Smile
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum