1

A user is accessing adult websites using a PC hotspot connection. Can the signal be intercepted to identify website / content instead of installing monitoring software on the PC?

packnheat
  • 11
  • 1
  • 3

2 Answers2

2

Most people use their personal hotspot because there is no way for their employer to see their traffic. I'm assuming that's the case here.

The hotspot becomes its own network, which means you have no legal or inexpensive way to break into it. "Stingray" is a device that is designed to do what you are looking for, but it is limited to law enforcement.

The only option here is to install something on the PC.

If you are the employer and not the employee (I assume it's actually the other way around) if you have endpoint protection software already installed, you might be able to prevent the use of hotspots, or simply pull the user's browsing history from the machine.

schroeder
  • 123,438
  • 55
  • 284
  • 319
  • Shamelessly plugging my answer http://security.stackexchange.com/q/143268/123514 here: I agree, since it'll be unknown what passphrase the user chose for their WiFi, or of they used a commercial WiFi hotspot network with wpa2 enterprise/802.1x, eavesdropping on that will be hard. However, you **can**passively intercept 3G or 4G, and it breaks down to your knowledge of keys and computational power wheter you can decipher stuff. A stingray is way more intrusive (and hence, detectable)! – Marcus Müller Jan 13 '17 at 09:49
  • I always use USB connections for my hotspots, so not even WiFi is a reliable vector for this scenario. – schroeder Jan 13 '17 at 09:53
  • I'd say that "hotspot" means "wireless hotspot", not USB tethering (since I presume the term originated from the idea that you'd have a "heatmap" of internet access) – Marcus Müller Jan 13 '17 at 10:37
1

If the hotspot belongs to you, and it's your PC,then the answer is - yes. Very easily. Just get a packet sniffer/capture tool (a quick search will throw up a few suggestions) and pass all traffic through it.

However, ensure that the user is aware that their traffic will be monitored. A lot of this could be illegal and actually violate wiretap regulations, otherwise.

If the hotspot doesn't belong to you/not hosted by you, then there's not much you can do without breaking any laws. If the AP is a router, just set up access logs - that should give you a good idea of what sites the user is visiting.

thel3l
  • 3,384
  • 11
  • 24
  • That's plain wrong. If using no encryption, or WEP, or WPA with a pre-shared key, then the network is trivial to easy to sniff on. See http://security.stackexchange.com/q/143268/123514 – Marcus Müller Jan 13 '17 at 09:43
  • The question whether it's unlawful to listen to anyone's WiFi signal is a question that can't be answered universally, and depends in local regulations. – Marcus Müller Jan 13 '17 at 09:45
  • @MarcusMüller "plain wrong" if certain conditions are met, then. Not "plain wrong" if those conditions are not met? And he does say "could be illegal", so I'm not sure such a strong response on illegalities is warranted. – schroeder Jan 13 '17 at 09:54
  • that's why I split the comment in two: It's "plain wrong" that there's not much you can do; the legal details might differ. I must admit I don't like the wording of my first comment now, given that thel3l did say "... without braking the law", and in my head, he meant "without modifying the router that's not yours, because that would be illegal pretty much anwhere"; he probably really meant "it's probably illegal to eavesdrop on a communication channel not meant for you". – Marcus Müller Jan 13 '17 at 10:35