|
Packet Sniffers
I guess I am getting paranoid, but I am trying to figure out how much a “threat” packet sniffers are. People are saying that a person with a piece of freeware can watch all of your traffic in a public WIFI location.
Is this correct? If so what are people doing to protect themselves? |
I use WildPackets, and it's a great piece of software.
Mostly use it for troubleshooting client/server configurations and discover network bottlenecks, but it's amazing the stuff you can see with them You want protection, connect via a VPN, you can see the connection and traffic, but everything is secure. |
true, but not a big worry
Network analyzers (Sniffer is a registered trademark of Network General) can be used to watch all the packets going to/from a WiFi AP. Ethereal is the best known "free" network analyzer.
However, going from the raw packets to what you're actually doing is not trivial. I'm been working with network analyzers since I helped build some of the first commercial ones in the late 80's and early 90's, and its still not easy for me. In addition, any traffic to/from a commercial website should be encrypted (https: in the URL and look for the "lock" symbol in your browser), which means that all a bad guy could tell is how much total data you sent to the site, not any of the contents. Similarly, if you are connecting to a corporate LAN you should be doing it over an IPSEC or SSL VPN, which is also encrypted. You shouldn't send any confidential data in the clear over a public WiFi link. Just make sure you use the secure logon pages for Amazon, EBay, Etrade, etc, and you should be fine. Bob
Originally Posted by back seat
I guess I am getting paranoid, but I am trying to figure out how much a “threat” packet sniffers are. People are saying that a person with a piece of freeware can watch all of your traffic in a public WIFI location.
Is this correct? If so what are people doing to protect themselves? |
Originally Posted by back seat
I guess I am getting paranoid, but I am trying to figure out how much a “threat” packet sniffers are. People are saying that a person with a piece of freeware can watch all of your traffic in a public WIFI location.
Is this correct? If so what are people doing to protect themselves? |
snoop and tcpdump, but for windows I use ethreal
it does magic for me. I also use Google Secure Access, and it works well for me |
try megaproxy.com
|
Originally Posted by back seat
I guess I am getting paranoid, but I am trying to figure out how much a “threat” packet sniffers are. People are saying that a person with a piece of freeware can watch all of your traffic in a public WIFI location.
Is this correct? If so what are people doing to protect themselves? |
One thing I am considering purchasing for my home office is a wireless router that has VPN capabilities. That way, when overseas and at a public WiFi hotspot, I log into my own VPN at home and use that internet connection to transfer data. This way, you're using your own bandwidth on your home plan (plus whatever you pay at the public hotspot, if it charges). At least I think that's how it works!
The most recent editions of Security Now! with Steve Gibson and Leo Laporte have been talking about it http://www.grc.com/securitynow.htm. |
Originally Posted by DavidNZ
One thing I am considering purchasing for my home office is a wireless router that has VPN capabilities. That way, when overseas and at a public WiFi hotspot, I log into my own VPN at home and use that internet connection to transfer data. This way, you're using your own bandwidth on your home plan (plus whatever you pay at the public hotspot, if it charges). At least I think that's how it works!
The most recent editions of Security Now! with Steve Gibson and Leo Laporte have been talking about it http://www.grc.com/securitynow.htm. |
Originally Posted by back seat
I guess I am getting paranoid, but I am trying to figure out how much a “threat” packet sniffers are. People are saying that a person with a piece of freeware can watch all of your traffic in a public WIFI location.
Is this correct? If so what are people doing to protect themselves? As usual I didn't read carefully enough and Kanebear provided the best advice... listen to that Podcast or at least read the transcripts. I love listening and my wife hates it b/c i keep saying "I've been saying that for years!!!"... Gibson is a lovable nut and is right on when it comes to security. here's the deal...and I'm not overly simplifying... Anything you do on a public network (hotel, etc) or on wifi should be something you are ok with being on the front of the news paper tomorrow. Sniffers (as others have pointed out) pretty much rely on hubs, of which some research (see the podcast mentioned above) suggests over 50% of hotels use. Switches work on a lower level and basically help protect against sniffing- traditionally speaking. Never the less there is stuff out there that can "poison" the switch and then capture packets... thus reading everything you send. Its important to remember that POP (email) is completely insecure, as are a lot of protocols (isn't the sign-in to flyertalk insecure?). Even if you don't do anything private, there are still people who enjoy watching your surfing habits. Your best bet is to get a VPN router at home (linksys makes one for like $100) where you can then establish a very secure connection back to your home router (and access files, etc) and be assured that you are safe. There are also home SSL servers that allow similar things via web pages (ssl explorer is a good one). Even easier are some of the afore mentioned proxy servers, but you HAVE to use the SSL (https) web connection. I like proxify.com... Bottom line, public Wifi and hotels are completely and utterly insecure.... -N p.s. I AM that guy, I always run a certain piece of software on every public network... its amazing... i have even sent people e-mails from them selves (using their pop info) to tell them exactly what I'm typing here. |
Originally Posted by Loren Pechtel
Sure they can unless you have a secure connection. You shouldn't be sending sensitive stuff over the wire without an encrypted connection anyway.
What does that mean? If you run outlook express or outlook on your laptop and have a personal email account that uses POP3 or IMAP, **even if you are VPNed into your work network**, that traffic is in the clear. it means in many cases your password and email for your ISP accounts are avaliable to be sniffed. of course i know all of this and still check my ISP email, using POP3 all the time. i'm sitting at SFO gate 81 doing it now... |
Originally Posted by SpaceBass
Anything you do on a public network (hotel, etc) or on wifi should be something you are ok with being on the front of the news paper tomorrow.
Bottom line, public Wifi and hotels are completely and utterly insecure.... I will now take the extra few steps and login to our companies VPN starting now. |
Originally Posted by kenfry
snoop and tcpdump, but for windows I use ethreal
it does magic for me. I also use Google Secure Access, and it works well for me A month ago they blocked it for all locations except for their one public AP... |
Originally Posted by cbd_sea
of course i know all of this and still check my ISP email, using POP3 all the time. i'm sitting at SFO gate 81 doing it now... :D |
Originally Posted by back seat
This makes me very uneasy now. . . .
I will now take the extra few steps and login to our companies VPN starting now. My uncle is the president of a significant company and he frequently works from home and installed a regular belkin wireless router.... didn't make any changes. I used that certain program i mentioned and showed him his email, passwords and even excel sheet of salaries.... My company is the opposite, we don't even have OWA outside of our network. At home i run my own exchange server (and VPN of course) but I use a secure cert for OWA and it works great for secure e-mail anywhere. -N |
| All times are GMT -6. The time now is 5:36 am. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.