1
1
I'm using Internet, shared through wireless network. Now, is there any possibility to track me (i.e. my browsing history) from another computer of same network using "Wireshark" or other tracking software? If so, how to block this.
1
1
I'm using Internet, shared through wireless network. Now, is there any possibility to track me (i.e. my browsing history) from another computer of same network using "Wireshark" or other tracking software? If so, how to block this.
2
Any other computer in the same wireless network can receive the packages you are sending out and that are sent to you. The relevant data contained in such a package is the source and the target address and the actual data. This makes it possible to see what other computers you are communicating with.
Lets take your example of the browsing history. If you enter an URL in your browser, lets say http://google.com
a request is sent out via your network. Every other wireless client does can receive the package as it is sent out in all directions as radio signal. This package can be read using tools like Wireshark. The person reading it would see that the request goes to IP 173.194.113.174
. It is very easy to find out what website this IP belongs to.
If you are not using SSL (https) the data of the package can also be read. In our google example it contains e.g. your search request. If you login on a site that doesn't use https, even your username and password are contained easily readable in that data. As James already stated in the comments it is even possible to attack SSL secured connections.
To avoid this you can use a tunnel (e.g. SSH, VPN). The attacker could still see you communicating with the tunnel endpoint, but all the other information will be encrypted.
1
To elaborate further on my comment
Wireless networks are inherently insecure - someone does not even need to be logged into the network to intercept the packets that are broadcast (think man in the parking lot with a cantenna). It's not just the people on the network to worry about.
As a side note and in addition, someone running an ethernet card in promiscuous mode on a wired connection will intercept any packets they can see (by default cards are set to ignore anything not relevant to them but this can be changed).
Dependent upon the level of control they have over the network gateway / your pc (e.g. via group policy on a domain) they can also break your SSL connections and read them (MiTM / SSL Intercept). This is traditionally used by enterprises for deep packet inspection at the firewall (sometimes using dedicated equipment) under the auspices of preventing malware / trojan communication externally through encrypted connections (e.g. using Cryptcat).
Your best bet is either to tunnel out via a secure proxy / VPN or to use a hostname on your pc that can't be traced back to you individually. Alternatively, if you are super-paranoid, only do your browsing on a network you trust and via a cabled connection.
2simple answer is yes they can track what you are browsing. also, dependent upon the level of control they have over the network gateway / your pc (e.g. via group policy on a domain) they can also break your SSL connections and read them (MiTM / SSL Intercept). Your best bet is either to tunnel out via a secure proxy / VPN or to use a hostname on your pc that can't be traced back to you individually. – James – 2013-06-04T06:49:52.187
Note, however, that due to the very high rate of packet loss in wifi networks, you may not get all messages, because packetx will only be retransmitted until the destination acknowledge them. If you failed to receive some of them before that, you won't see those packets. – BatchyX – 2013-06-04T07:17:37.517