 |
|
You are not logged in! F.A.Q Log in Register |
 |
|
 |
 Now online (1)recycle ...and 471 guests Last 5 registered Oplandisks nothingstar N_loop yipe foxtrotromeo Browse members... |
 |
Members 8025Messages 2614093 Today 6 Topics 127542 |
|
|||||||||
| |||||||||
|
|
How can i tell when someone's put a sniffer on my traffic? Are there any hacker sites anyone could sugest where i can read more about the mechanics of a sniffer? |
||||||||
|
|
|||||||||
| |||||||||
|
|
::sniffs his crotch:: I'm sorry, but someone has to do it |
||||||||
|
|
|||||||||
| |||||||||
|
|
, do a search on sniffing. |
||||||||
|
|
|||||||||
| |||||||||
|
|
http://www.etherdetect.com/demo.htm Cool demo |
||||||||
|
|
|||||||||
| |||||||||
|
|
that might come in handy some day |
||||||||
|
|
|||||||||
| |||||||||
|
|
great movie, if indeed the subject line is a play on a movie quote... or maybe i'm just stupid. |
||||||||
|
|
|||||||||
| |||||||||
|
|
ravenous? yeah, i had to make it catchy 'cuz most of my other "technical" topics go dwn the drain with hardly any answers, and with me rambling on, and on for the bump. |
||||||||
|
|
|||||||||
| |||||||||
|
|
real sniffers are completely passive. meaning there's no way in the fucking world you can tell if you're being sniffed or not. |
||||||||
|
|
|||||||||
| |||||||||
|
|
WTF ARE YOU FUCKING SERIOS dood no one can just SNIFF YER TRAFFIC if so they have to have ACCESS TO THE ROOT VLAN UPLINK TO THE ROUTER. this means they will only see your broadcasts (unless on a hub-type segment) or they have at the vLAN uplink to the router MIRRORED (span port) and they are sniffing that port THIS MEANS THAT THEY WOULD HAVE TO HAVE DIRECT PHYSICAL ACCESS TO THE ISP' SWITCHE AND ROUTERS I DONT THINK SO BUDDY. STOP FREAKING OUT EJEEZOUS |
||||||||
|
|
|||||||||
| |||||||||
|
|
and if they are not on the same segment as you, then of COURSE ....... htis isn't going to happen. CHILL |
||||||||
|
|
|||||||||
| |||||||||
|
|
Pantysniffer? Rad! |
||||||||
|
|
|||||||||
| |||||||||
|
|
actually, these people can very well do this. |
||||||||
|
|
|||||||||
| |||||||||
|
|
it is much more difficult than you may think ;) |
||||||||
|
|
|||||||||
| |||||||||
|
|
not when i live in a military installation where they've told us that they can do this. (maybe a scare tactic, but the comany that's contracted to give the base its internet service kicks us off after 24 hrs us use [yes, dls line]. It's a security issue) Since they can do this, i'm sure that the investagators can sniff me. They've told me personally (since i work on the bases's military networks), that they can sniff anyoen on base if need be. |
||||||||
|
|
|||||||||
| |||||||||
|
|
elusive: whu, vlan uplink traffic mirrored? dood, hack teh gibson! damn blakhat hakers, wtf11?!?? nano: given whoever said that has access to any network segments between you and your destination (routers, network cabling, etc), they can certainly sniff you. of course, if the data from you->destination is encrypted, it's not going to be terribly useful ;-) |
||||||||
|
|
|||||||||
| |||||||||
|
|
Maybe its time to change your deoderant if they can still sniff you! ;) |
||||||||
|
|
|||||||||
| |||||||||
|
|
any sugestions on propper encryption proggs? |
||||||||
|
|
|||||||||
| |||||||||
|
|
remote end needs to understand the encryption too, so unfortunately it's not as easy as just downloading some program that'll do it all for you. typically, you look at encrypting the services you use, and make sure the remote end you're talking to supports the encryption. use the web? use https:// (ssl) sites with important stuff; you should be doing this already without even knowing it (credit cards, etc). email? make sure you're using secure pop3 (ssl) or ssl-imap instead of normal pop3/imap, which sends passwords/emails over in plain text. of course, your email server needs to support it. instead of using ftp, use an alternative such as sftp (secure ftp, ssh-style). instead of using telnet, use ssh. list goes on; the remote end needs to talk the same encryption as you're sending to it, though. |
||||||||
|
|
|||||||||
| |||||||||
|
|
... or start using deoderant lolzroflwtf11!! |
||||||||
|
|
|||||||||
| |||||||||
|
|
Hahahah |
||||||||
|
|
|||||||||
| |||||||||
|
|
ssh, huh? never heard of dat one. What about sftp? Do ftp servers need to be configured to suport sftp? is is that a protocol that most tend to do as it is? |
||||||||
|
|
|||||||||
| |||||||||
|
|
Could you explain what is "smelt" :P via sniffing? I'd greatly like to read up on the mechanics. |
||||||||
|
|
|||||||||
| |||||||||
|
|
Yeah, most ftp servers won't support sftp, usually you need to reimplement the server side of things. If you've never heard of ssh, then you probably don't need to know about it :-) It all depends on how paranoid you are; you probably don't need to encrypt *everything*. Smelt? No idea. |
||||||||
|
|
|||||||||
| |||||||||
|
|
nanotech, you say "actually, these people can very well do this. " well you neglectced earlire in your post to say that YOU ARE ON A MILITARY BASE, where all traffic SHOULD have an eye kept on it (sorry, but true..) and also that it's on the same segment. it's not goign to be hard, there are PLENTY of great packet decoders out there these days, |
||||||||
|
|
|||||||||
| |||||||||
|
|
actually, you'd be better off asking Jedi Chris about 'smelt' :P |
||||||||
|
|
|||||||||
| |||||||||
|
|
and yes XF, if it's a switchd network you will not be able to "sniff" the traffic - you will only see broadcasts and all uni-traffic must be captured from the router uplink. it is the only other point will traffic will go through. there are "other" ways, but they require some expensive equiment (cough, in my lab, cough). |
||||||||
|
|
|||||||||
| |||||||||
|
|
arp spoofing, etc? yeah, it's not as easy as some think, but that said, it's not impossible either, especially given if you're on the same network segment (switch or not, although hubs make things stupidly easy). |
||||||||
|
|
|||||||||
| |||||||||
|
|
arp spoofing will confuse the switch/router/hub. Switches (unless in a sort of SPAN mode) will not actively forward frames to 2 ports with the same MAC address unless specifically configured (like a multi-trunk/multiple access server). The MAC table will continously be updated (MAC aging timers will be relenquished) and frames will get forwarded to each port, depending on the update of the FDB of the switch, i dunno, there's ways, but they are unlikely. |
||||||||
|
|
|||||||||
|
Messageboard index
|
|||||||||
