3
I've read somewhere that wired home routers often act like a switchhub, and when you send data to your router, it broadcasts it to the whole network, even when it's addressed to an outer computer. Because of this, it was possible to intercept unsecure communications from the LAN to anywhere simply by having another computer wired to the router.
Is this still the case on many home routers?
zneak
Posted 2011-02-13T20:57:17.930
Reputation: 989
6
No. You are confusing switch and network hub. Huge majority (I haven't encountered single device including hub for years) of home routers include switch, not hub.
However, if you have home router with WLAN link (not just computer connected to WLAN, but linked to another access point), then all packets are broadcasted over that WLAN link.
Olli
Posted 2011-02-13T20:57:17.930
Reputation: 6 704
I'm not sure offhand about WPA/WPA2, but unencrypted and WEP-encrypted WLANs do allow all connected computers to see all packets, even with only a single access point. – Dave Sherohman – 2011-02-14T11:42:22.530
@Dave Yes, if you are connected over WLAN. WPA/WPA2 protects connections between clients. Question was about wired connections. – Olli – 2011-02-14T11:51:52.070
@Dave Also, WEP encrypted do not allow others to see, unless you crack that encryption. Of course, with WEP it's trivial. Same goes for WPA/WPA2, it's encrypted, but you can crack it.
– Olli – 2011-02-14T19:42:17.993Perhaps it's due to misconfiguration, but my personal experience is that any computer connected to a WEP WLAN (regardless of whether it's cracked the WEP or connected to the WLAN normally using a legitimate key/passphrase) can see all data on that WLAN. I've done it many times at friends' homes without ever once running a WEP cracker. – Dave Sherohman – 2011-02-15T09:24:33.400
1
no, to the best of my knowledge this doesn't happen on modern routers, however you may way to read about Arp Spoofing:
Hortinstein
Posted 2011-02-13T20:57:17.930
Reputation: 398
0
This is the same answer again, I know. As far as I'm aware, all routers these days are switched, ie they send data only to where it's intended. The switch 'learns' which port the PCs are connected to by inspecting the traffic. The only time they broadcast is when they don't know where a PC is, which should only happen once.
Like Hortinstein said, the system used to resolve an IP address to a MAC address (ARP) is not secure. It is possible to redirect IP traffic, in which case it can be read and forwarded totally transparently.
Andee
Posted 2011-02-13T20:57:17.930
Reputation: 559
Switches don't do that. Hubs do. – user1686 – 2011-02-13T21:00:05.573