15

I have a roommate who is a network security engineer and I think he hacked our home network and now knows what sites I am visiting and what I am doing online. Although he is not stealing anything I think he must be playing with me. I read on the internet that if my router is a switch then it is not possible to snoop the home network, but my router is switch and I am not using a hub. How is it possible for him to know what websites I am seeing?. I have enabled the firewall, installed anti-virus, and secured the router login. Please let me know where to read and learn about it.

Scott Pack
  • 15,167
  • 5
  • 61
  • 91
oortcloud_domicile
  • 267
  • 1
  • 2
  • 5
  • 2
    As this stands, this is not a suitable question. Please read the FAQ entry and provide context. For example, you say you have secured the login- how? Cm you guarantee your roommate doesn't know your password? What is the network setup? A switch can act as a router, but there are other ways to get info. Do you have any evidence of anything? If you want to know about securing a router, the search function will help you find existing answers here. – Rory Alsop Mar 18 '11 at 22:00
  • It is possible that a more useful question to ask might be: what can you do to protect yourself from this kind of attack? – D.W. Mar 19 '11 at 03:59
  • 2
    Another perhaps more tractable question would be: *how can I find out if my roommate really is snooping on me?* Techniques like [honeypots](http://en.wikipedia.org/wiki/Honeypot_(computing)) might be useful. – nealmcb Mar 19 '11 at 14:51
  • 2
    This would be better asked at SuperUser, as this does not fit the scope of this site [it is not an IT Sec Professional question...] – Josh Brower Mar 21 '11 at 00:36
  • 3
    Switches switch to hub mode if they get overloaded with too many packets. – kuhkatz Mar 19 '11 at 00:53
  • Hi kuhkatz, this doesn't really address the question, which is (roughly) "where can I learn whether my network is safe from local snooping". Please consider editing your answer, to expand on and demonstrate your point and explain its relevance to the question asked by SixthString. –  Sep 28 '11 at 07:48
  • Blindfold your roommate. – vasin1987 Jun 07 '16 at 15:48

4 Answers4

41

He's your roommate, so he probably has physical access to your machines and/or your networking equipment. Given that he's also a security engineer, there are probably dozens of ways that he could learn what sites you are visiting, from eavesdropping on the network communications, spyware on your machine, logs on your computer or your router, or a gazillion other possibilities.

There's probably not much point in speculating about what methods he is using, if indeed he is doing anything at all. Securing yourself against a roommate who is a security expert and you don't trust is ... well, it's basically a nightmare scenario for computer security. Defending against that is possible in theory, but in practice, not really realistic for the average person, and probably a major pain in the butt. Even if you somehow knew that he was hacking your machine/network and knew exactly what he was doing, and even if you were able to close off that particular hole, there would still be any number of other ways he could go after you, if he really wanted to play games with you.

If you really want to protect yourself as best as possible against that kind of threat model, here's what you could do to start: wipe your computer's hard drive, install a clean copy of the OS, install TrueCrypt and encrypt the entire hard drive using a hard-to-guess passphrase, turn off autorun, make sure when you leave your computer unattended you've powered down or done something that will require you to re-enter your TrueCrypt password to regain access, install HTTPS Everywhere, buy a secure VPN (one that encrypts everything that goes over the network, e.g., with SSL or IPSEC) and route all your communications through the VPN, and change your passwords on all your websites. It'll be a serious pain in the butt, and only you can say whether it's really worth it. If your roommate is just fooling around? Probably not worth the bother.

Probably the best way to deal with this is through social means, not technical means. In other words, either grin and bear it, or persuade your roommate to quit jerking your chain, or find a new roommate.

nealmcb
  • 20,544
  • 6
  • 69
  • 116
D.W.
  • 98,420
  • 30
  • 267
  • 572
  • 1
    It all seemed overkill up to the last sentence, which is the real point here. +1 –  Sep 28 '11 at 07:50
  • and remember that **hardware** keylogger can be attached either to keyboard or USB post. I think protecting computer from physical access might solve need of encrypting disk. How? That's a question. Safe? Seal? I think that easiest will be external webcam monitoring or ... changing computer to small alternative you can always bring with you - like RaspberryPi or other ARM based very small computer. – Grzegorz Wierzowiecki Aug 22 '12 at 20:27
  • Don't forget, use an open source OS like Linux because Windows will make it easier for him. Also turn the firewall on and block all incoming requests by default. The term [roommate](https://en.wikipedia.org/wiki/Roommate) is also ambiguous and could mean that they sleep in the same room or it could mean different rooms in the same apartment/house. If you have separate rooms, then get a good lock for your bedroom door. Download some software and use your webcam as a motion detector system when you leave the room. If the system detects motion in your room it will send you an email alerting you. – NDF1 Oct 27 '14 at 07:46
  • @NDF1 such "webcam motion detector system" is so easy to bypass. Bring the network down and do what you want. No emails will go through. –  Oct 27 '14 at 14:22
  • @user42178 Not quite true... all he needs is an encrypted [WORM flash drive|https://en.wikipedia.org/wiki/Write_once_read_many] with the email saved to that flash drive. That way, there is no way the tech guy can erase it without ruining it (either way would let you know he's been snooping around your room). – Jack G May 17 '17 at 00:57
6

There are many ways to compromise such a network from the inside:

  • ARP spoofing will cause a switch to direct packets to the wrong place.
  • Flooding will put the switch into hub mode.
  • He could physically place his machine to capture traffic on the wire.
  • If he gains control of the router, he could change configuration information to possibly forward packets (custom firmware or fancier router)
  • Fake DHCP packets could make your computer think that his computer is the router address.

Of course, compromising your machine can't be fully ruled out either.

1234567
  • 123
  • 6
Jeff Ferland
  • 38,090
  • 9
  • 93
  • 171
3

Well I guess, he had already access following information I can tell, because you said he can tell what websites you visited so far:

  • Accessing your router admin page, from router admin page he can see all the web access log
  • Packets Sniffing on your wire-less connection
  • He may access your machine and put RAT or Keylogger on your machine

In order to prevent for accessing route admin page, please change your router admin's default password, don't setup your router with default password. And you don't want to setup wireless key as WPA/WPA2 networks which use pre-shared keys. PSK are easily crackable. If you prevent that, he can't able to access your wire-less connection.

And you can use VPN to secure your packets sniffing, you can buy VPN network online for it, it will cost about $40 for a year I guess. That will secure your data connection, he can't sniff your data even he is using same wireless connection at all unless he uses RAT on your machine.

And make sure you remove unwanted software and scan your OS with anti-virus program which is recently update virus definition if you don't want to reinstall newly fresh OS. Or newly fresh OS is recommended to install again on your machine if you can.

If you do above steps, I hope it can help you a lot and you can have peaceful life, harassment free from your roommate :)

Scott Pack
  • 15,167
  • 5
  • 61
  • 91
Winthan Aung
  • 31
  • 1
-1

As a network/secuirty engineer i would suggest he is not. Mainly for the fact that the implications of a secuirty specialist compromising someone without the express persmission would be foolish considering that an aspect of truth and respect is expected when being a security specialist. Foolsih even more so if he is you roomate, also the knowlege of what this person hopes to achive would not be worth the risk or profit. You as a user do have data integrity rights, computer misuese actcs etc etc and to be a network security engineer he would almost sertainly know this so i suspect a straight up question would serfice and if he is then tell him to stop it. If not then procced legaly.

iefrungi
  • 1
  • if your premise was true, people would never commit crimes as the consequences can be severe. And yet every day people are sent to prison for years. – user1666620 Jul 26 '16 at 10:30