0

I read here, but that wasn't related.

If userA is connected to router and userB is connected to the same router, then how can userB sniff communications between userA and the router?

I've see a few videos where it says userB can sniff userA's traffic without ever explaining how that's possible.

Isn't it like two parallel bridges with no overlap? Hence sniffing shouldn't be possible.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Honey
  • 103
  • 7
  • didnt i answer you here already?https://security.stackexchange.com/questions/214555/why-not-just-have-the-password-mentioned-in-the-ssid-so-public-networks-would-be – yeah_well Aug 02 '19 at 15:37
  • This is about how is about how can userB sniff userA's traffic. Where did you answer that? You just said he can MITM him. My question is how? I suppose there is something wrong with my analogy to the bridges, but I don't know what it is exactly – Honey Aug 02 '19 at 15:40
  • Helping us to break security without showing knowledge is off-Topic here.But this kind of basic and a google search should show you how. – yeah_well Aug 02 '19 at 15:45
  • I'm not asking for help to break security. I'm an iOS developer trying to understand some things. I've looked online e.g. [here](https://www.youtube.com/watch?v=4YbXXW3DLQM) and they all say it's open to phishing. They don't explain why. My question is why can userA's connection be exposed to userB? – Honey Aug 02 '19 at 15:51
  • "Isn't it like two parallel bridges with no overlap?" -- No. In modern hardware there might be a [network switch](https://en.wikipedia.org/wiki/Network_switch) attached to the router, that would make eavesdropping harder, but the router itself couldn't care less. It's more like two people in the same room shouting into the same speakerphone and promising not to listen to each other's conversations. – Ghedipunk Aug 02 '19 at 16:06
  • 1) "more like two people in the same room shouting " <-- That implies that the connection is more like a broadcast that a p2p. Like I'm going to send this out — and anyone can listen. Is that the case? 2) and when it's password protected it's more like each individual in its own separate room? But how come your connection isn't open to others connecting then? Aren't you again in the same network. Don't you all have the same password? @Ghedipunk – Honey Aug 02 '19 at 16:23
  • For wifi with WPA2? Nope, same room still. It's more like, once you connect to a password protected router, you start speaking a different language... Everyone else who knows that language can still listen in on you, and if they don't know it, they can record in and translate later. – Ghedipunk Aug 02 '19 at 16:29
  • @Ghedipunk so still in a password protected network everything is sniffable —but also gibberish to the sniffer? – Honey Aug 02 '19 at 16:30
  • Gibberish until you get that password as well... which means that once Alice and Bob connect to that access point and router, as in the scenario in your question, both can eavesdrop on each other without doing anything special at all. And Eve who doesn't have the password yet can still record the whole conversation and translate it at their leisure. – Ghedipunk Aug 02 '19 at 16:34
  • @Ghedipunk In your last comment, I didn't get the full setup. Is the setup Alice and Bob both connected to a password protected network and Eve is not even connected to the network? – Honey Aug 02 '19 at 16:38
  • Correct. Eve doesn't even have to start transmitting, she can just have her wifi antenna passively collect everything, so nobody would be able to tell that she's there, even if they were using bad-spy-movie tracking devices. – Ghedipunk Aug 02 '19 at 16:41
  • @Ghedipunk oh I never knew that, I thought you at least have to be within the network but I guess that makes sense, because everyone is broardcasting and everyone can pick that up (gibberish or not) – Honey Aug 02 '19 at 16:42
  • so Alice and Bob who are both connected can sniff each others HTTP connections but not each others HTTPS connections? @Ghedipunk – Honey Aug 02 '19 at 16:43
  • The relevant search term to use is "wifi sniffing". There are numerous questions with answers here about this topic. – schroeder Aug 03 '19 at 14:19

0 Answers0