1

This question is similar to this but for my network admin.

For example, when I enter this URL: https://www.google.com/search?q=example or ... I can see the word example that I was searching on Google.

Can my network admin see this URL and see what I searched? Can he see the decrypted traffic even if the web site uses SSL?

Ptx ViewCare
  • 27
  • 1
  • 1
  • 4
  • @Philipp He said (network admin) not ISP, he is talking about a LAN – Ulkoma Dec 03 '15 at 11:17
  • @Ulkoma it's still exactly the same situation. There is no technical difference between a LAN in a company and a WAN of an internet service provider which matters in this situation. – Philipp Dec 03 '15 at 12:22
  • @Ptx ViewCare Even if website is using SSL, the traffic can be decrypted in case of "Man in The Middle Attack"(MiTM). See http://security.stackexchange.com/questions/65794/it-is-possible-to-decrypt-https-traffic-when-a-man-in-the-middle-proxy-is-alread – roguesecurity Dec 07 '15 at 04:57

3 Answers3

3

Whether he can see the traffic depends on the encryption. If you visit webpages delivered by http, he is able to monitor everything. If you use https, the traffic is encrypted. In a company it's still possible to decrypt the traffic if the admin installed a fake CA whose private key he owns. There are various tools that implement such a proxy functionality like Squid or MITMproxy if you just want to try it on your own. You can detect this by comparing the OS/Browser CA list with the one delivered by the OS/Browser vendor.

Even if you use https and the admin isn't able to decrypt the traffic, he is still able to find out which domains you connected to because you are using the company owned DNS server.

You can use TOR to hide both but there are some downsides. The usage of TOR can be detected by the network administrator and this makes you or at least your PC suspicious because TOR is often used by malware.

You can use a VPN which is also detectable but not as suspicious as using TOR.

The best solution for your problem might be using your personal PC/Laptop at home.

Fire Quacker
  • 2,432
  • 1
  • 19
  • 29
davidb
  • 4,285
  • 3
  • 19
  • 31
-1

Can my network admin see this URL and see what I searched?

neither yes nor no. He can't see the URL, but he can see the IP, which is easy to resolve for him (just enter the url into a browser..!).

Can he see the decrypted traffic even if the web site uses SSL?

99.999% NO. everything between you and the URL is encrypted via TSL. He can't get any informations other than the ip address you visited - as soon as your handshake with google is done, everything else is encrypted.

TLS is indeed not totally bulletproof, but mostly. for more information on potential vulnerabilities of 'https': https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

Gewure
  • 324
  • 1
  • 11
-4

Yes he can. Always use a personal system for more security.

The best way for anonymous activity:

  1. Use Tor (setup custom bridges)

Or

  1. For Paranoid Security: Buy a Windows Server and connect to a VPN and remote into the server. Start browsing from this machine. You can download files to this server and then download onto the machine you choose.

Or

  1. Buy access to a VPN and ensure all traffic goes through it.
schroeder
  • 123,438
  • 55
  • 284
  • 319