A sniffer is a program that monitors and analyzes network traffic.
Questions tagged [sniffing]
176 questions
5
votes
1 answer
Where would I place a sniffer to capture data in a home network with the following topology?
I am aware of the various techniques that there are to sniff around a network that has Hubs or Switches (port mirroring, hubbing out, use of taps), but I am not sure which method would be more efficient in a home network that has the following…
Irene Ant
- 659
- 7
- 19
5
votes
2 answers
Why isn't a standard for encrypted but open WiFi developed?
With passwordless public WiFi hotspots, it's easy to demonstrate that packets can be sniffed and (in the case of non-HTTPS traffic) private information gained. While the long-term solution would be to completely implement HTTPS and deprecate HTTP,…
Luke Moll
- 161
- 4
5
votes
3 answers
Why aren't TCP sockets encrypted by default?
I've been wondering this for as long as I've been programming, Why aren't TCP sockets encrypted by default? Everyone always says that using raw sockets is dangerous as all packets sent are susceptible to packet sniffing.
So why didn't the original…
Paradoxis
- 892
- 7
- 15
5
votes
1 answer
Unable to obtain TCP/HTTP traffic from WPA2 packets even with full handshake and decryption
The Problem
On my WPA2 network, I have been successfully able to get intercept a full four-message EAPOL handshake from a particular computer on my network. It is my understanding that with this handshake (and knowing the passphrase for my network),…
saltthehash
- 235
- 1
- 8
5
votes
1 answer
ARP poison on divided network (every PC in it's own subnet)
Let's say that we have a room with a router and 30 PC's plugged in. Every PC has it's own 'subnet'. If we check for available hosts via ettercap/wireshark (on any PC), it only discoveres two hosts: our own and the router. I couldn't find any…
Insane
- 61
- 2
4
votes
2 answers
What does WPA2 traffic look like to a packet sniffer that is not connected to the network?
Imagine there is a wireless network using WPA2, and an attacker has come along with his wireless card in monitor mode. What will the packets from that network look like? Is any information disclosed i.e Destination/Source IPs/Ports? Or is it all…
RandyAnon
- 73
- 7
4
votes
1 answer
Is there a reason why ARP spoofing would be used for spying instead of sniffing promiscuously?
I am a student trying to demonstrate an ARP spoofing attack. To test whether my attack was working I decided to use wireshark to sniff the packets on the attacking machine. At first I thought I was able to intercept traffic with my ARP spoofed…
Matt
- 143
- 5
4
votes
1 answer
Can smart power meters read key presses on a wired keyboard?
Smart power meters are becoming quite prevalent. Question: Can a smart power meter (with patched firmware) read the keys pressed on a wired PS/2 or USB keyboard, connected to a desktop computer? What about a laptop (connected with RJ45 Ethernet,…
AlphaCentauri
- 205
- 1
- 4
4
votes
4 answers
Sniff packets of a wired computer
in my home network my own PC is connected with a wire to the router. I want to do some analysis on the packets so I got an old laptop and tried to sniff my PC packets with the laptop (that is connected on WiFi).
Unfortunately I couldn't see my PC…
Cars Data
- 41
- 2
4
votes
1 answer
Would it be possible for an ISP to guess specific requests on an HTTPS site using package size?
In light of the recent senate decision in the US to allow ISPs to sell users' browsing history, I've been reading of recommendations on how users can retain their privacy. One of the common recommendations is to restrict your browsing to HTTPS…
andrewb
- 204
- 1
- 6
4
votes
3 answers
I just found out I have unknowingly been sending a password not using SSL, how likely is it that I have been compromised?
I just realized that I have been connecting (sending user name and password) to my production MongoDB database for several weeks using MongoChef (a database GUI) without the SSL option enabled. I recently switched to MongoChef from a different GUI,…
cTylk
- 43
- 3
4
votes
1 answer
How can I exploit a web application if content sniffing is not disabled?
I just come across one of the customer's website for penetration testing having JSON callback reflecting the user input in the response body.
like this:
https://example.com/somepage?callback=mypayload
{"callback":"mypayload"}
As…
avicoder
- 313
- 2
- 11
3
votes
2 answers
How to intercepting iOS HTTPS traffic
How can I intercept & parse through the SSL traffic (incoming & outgoing) generated by my iPad application?
voices
- 1,649
- 7
- 22
- 36
3
votes
1 answer
Is eavesdropping possible over smpp?
I don't know much about the SMPP protocol, but I often hear that it is not a secure protocol.
If Alice sends a SMS to Bob, can Eve view what Alice sent to him? If yes, can you give an example on how Eve can accomplish that?
MrHeliose
- 77
- 9
3
votes
1 answer
Wireshark - How to see the domain of HTTPS websites visited
How can I see the domain name of https websites that are visited on my network? I know I'm not able to see the full url, just the websites ip or domain. I think it my be possible with a reverse dns lookup, but how can I retrieve the dns…
Evan
- 31
- 1
- 3