I am asking this (for educational purposes) to be alert if this kind of thing happens to me.
Asked
Active
Viewed 208 times
2 Answers
1
It depends on the attack. For passive sniffers, i.e. those that do not interfere with the network configuration:
- For wired networks: it is not possible if the network uses switches and there are no other hosts on the wire between the attacker and the switch. Switches direct communications to the appropriate physical wire. This is however for performance reasons, not security, so an active attacker can see everything passing through the network.
- For wireless networks: it is not possible if the network uses WPA Enterprise and different identities for each user: you have the same situation as a switched wired network with one port per client.
An active attacker (e.g. through ARP poisoning) can sniff all the traffic on the network.
Piotr P. Karwasz
- 5,292
- 2
- 9
- 20
-
While that's true if you're only considering plain users of the switch, it only sends packets to the port with the destination mac address. This hides most traffic from the other ports of a switch.However, anyone that has admin access to the switch management can enable port mirroring and see all of your traffic, and you'd never know. – BeowulfNode42 Jan 14 '20 at 14:02
0
Yes, it is possible with the appropriate software like Wireshark, you can track the traffic of your network. Typical items sniffed include: SMTP, POP, IMAP traffic, POP, IMAP, HTTP Basic, Telnet, SMB, NFS, FTP traffic. Keep in mind you can not have knowledge if someone is sniffing at your network but you can use encrypted services in order to encrypt your traffic.
Keftef
- 86
- 1
- 8
-
So can anyone see other's browsing history in Wireshark on the same network, I mean "https" websites as well? – Saurav Jan 15 '20 at 09:17
-
You can see that there are https traffic and the handshakes but you can not see the data because https establish an encrypted connection,so you are not able to see anything through https. – Keftef Jan 15 '20 at 10:09