Highest Voted 'sniffing' Questions - IT Security Stack Exchange

0

votes

2 answers

Legality of sniffing own traffic between mobile app and server

Recently I found a bug on a mobile app which claims to protect their users' privacy, however after connecting my phone with burp and installing a certificate I noticed that this app was sending a users' full first and last name + some other…

legal reverse-engineering sniffing

asked Jul 07 '17 at 09:44

Paradoxis

892
7
15

0

votes

1 answer

Site-to-SIte OpenVPN with shared key

I have two physical sites each with edge router/firewall running pfSense they are directly connected through a WAN link. I've deployed site-to-site OpenVPN using pre-shared key to create tunnel on top of this WAN. I'm using this connection only to…

encryption openvpn sniffing key

asked Jun 12 '17 at 10:31

nethero

482
2
6

0

votes

1 answer

Why does Ettercap scan the wrong hosts?

Details: I'm running three virtual machines on VMware Workstation: Virtual Machine 1: Windows 7. Using static ip: 10.1.1.1 Virtual Machine 2: Windows server 2008. Using static ip 10.1.1.2 Virtual Machine 3: Kali Linux. Using static ip…

sniffing vmware

asked May 31 '17 at 20:14

Leftover

23
2
6

0

votes

0 answers

How feasible would it be to sniff traffic between an Authentication Server and a RADIUS server in a corporate setting?

For WPA enterprise in the corporate world, is the RADIUS server connected to the Authenticator/Access Point wirelessly or 'wiredly' for most situations? If they are connected wirelessly, does this mean that it becomes somewhat trivial to sniff the…

wireless sniffing radius wpa-enterprise

asked May 08 '17 at 14:55

Lew Wei Hao

429
5
13

0

votes

1 answer

Sniffing the whole traffic within a network range

How is it possible to sniff the whole traffic within a network range even if it's beyond your subnet scope? For instance, consider your machine having the IP address of 172.16.96.25, but you need to sniff the whole traffic between 172.16.96.1 -…

linux macos wireshark sniffer sniffing

asked Apr 28 '17 at 05:51

Parsa Samet

246
2
10

0

votes

3 answers

Best options for SSL inspection while maintaining Perfect Forward Secrecy

We are looking to monitor inbound HTTPS connections for performance issues as well as errors. HTTP requests we are able to gather this information just fine, but we don't have a way to do this while maintaining PFS via HTTPS. Our HTTPS decryption…

tls network sniffing

asked Apr 17 '17 at 20:18

user3408592

1
3

0

votes

1 answer

Which chain of the iptables receives the sniffed packets

Host C is using wireshark to sniff packets from Host A to Host B. I am able to see those packets from wireshark but I am not able to find them in the PREROUTING chain of iptables. When Host C arpspoofs Host A and B, I can then see the packets in my…

man-in-the-middle wireshark arp-spoofing iptables sniffing

asked Apr 12 '17 at 12:01

Lew Wei Hao

429
5
13

0

votes

0 answers

Invisible SSL sniffing

My question is pretty brief: may I accomplish invisible sniffing of secure traffic with(HTTPS) via sniffer, using my own certificate but signed by some commonly known CA(like verisign or smth like this) ? The aim of this operation is pretty obvious…

tls certificate-authority sniffing

asked Apr 07 '17 at 06:47

AseN

155
1
7

0

votes

1 answer

Is it possible to analyze real Single Sign-On (SSO) messages via network sniffing?

I am thinking how to gain and analyze the information in the real SSO (request/response) messages, for some commercial SSO solutions. The challenge is that most commercial SSO solutions are black-box or gray-box. I know the OpenID/SAML protocols.…

authentication sso saml sniffing openid-connect

asked Mar 01 '17 at 02:48

TJCLK

818
8
23

0

votes

1 answer

Sniff packets of a remote network

Is it possible to sniff some packets from a friend network from my network? If it's possible, how?

sniffing

asked Feb 18 '17 at 22:27

Jean Jambon

1

0

votes

1 answer

Can someone obtain URL (or just domain name) by using IP destination address of a packet even when HTTPS is used

When we sniffing with, lets say ettercap, we receive all packets from victim, and with that we can see Destination IP address from particular packet. So, can we obtain the domain name from that IP address, even when https is used, when we know that…

sniffing

asked Nov 25 '16 at 12:36

Ewe

3
2

0

votes

0 answers

How to capture data and answer with simulated data?

I use Wireshark and other relatively smaller sniffers to make some tests. I share my internet to my second PC. However, I have to spend much time for the following task, and want to know if i can do it easier: From 2nd PC I have an application…

man-in-the-middle wireshark sniffing

asked Oct 29 '16 at 18:12

T.Todua

2,677
4
19
28

0

votes

0 answers

What are the security risks of making an app closed-source?

What are the security risks, if any, of making an app closed-source vs. open-source?

opensource backdoor sniffing

asked Sep 12 '16 at 20:29

Geremia

1,636
3
19
33

0

votes

2 answers

What vulnerabilities are there for a website that does not use SSL for a login page (or any pages)

I see many websites that do not implement SSL either when logging in or at all. I know that you can simply sniff traffic on those sites and therefore see the user/pass in plaintext but what other vulnerabilities are there? Most of the insecure sites…

tls authentication websites sniffing

asked Sep 03 '16 at 21:52

user118923

67
4

0

votes

4 answers

Human readable SSL/TLS packets

If I have a protocol-analyzer/packet-sniffer, such as wireshark installed on a particular device.. (or in this case; tcpdump & tshark etc. on my smartphone..) ..should I be able to read that devices incoming & outgoing ssl/tls traffic, in an…

tls wireshark packet sniffing tshark

asked May 20 '16 at 15:32

voices

1,649
7
22
36

Questions tagged [sniffing]