Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Wireshark!

  • 08-11-2007 2:31am
    #1
    Black Swan
    Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,537 CMod ✭✭✭✭


    Anyone familiar with the network protocol analyzer called Wireshark? Read in the most recent issue of PCMagazine that you can assess your hotspot wifi vulnerabilities by using Wireshark to hack yourself (i.e., packet sniff and see if you appear). Anyone done this? Does it work? Comments?


Comments

  • #2
    Dr Lektroluv
    Closed Accounts Posts: 89 ✭✭Dr Lektroluv


    It's just a packet sniffer.. with regards assessing your wifi vulnerabilities well if you sniff on a network that you are a client of course your traffic is going to show up. Is that what you mean? It's getting access to your network (ie. breaking your WEP/WPA/etc) that's the tricky part.


  • #3
    Black Swan
    Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,537 CMod ✭✭✭✭Black Swan


    Dr Lektroluv wrote: »
    It's just a packet sniffer.. with regards assessing your wifi vulnerabilities well if you sniff on a network that you are a client of course your traffic is going to show up. Is that what you mean? It's getting access to your network (ie. breaking your WEP/WPA/etc) that's the tricky part.
    Not exactly what I meant... If I am at a javahouse hotspot using their unencrypted wifi router sending emails, PMs to boards.ie, or posting to a university Black Board, would my packets be disclosed and decoded into plain text if someone was using Wireshark (assuming that I am not using VPN or SSL)?

    A related question... If I too am using Wireshark while posting my emails (or whatever), will my Wireshark detect another person using Wireshark (or a different packet sniffer) within signal range of the javahouse hotspot unencrypted wifi router?


  • #4
    matrim
    Registered Users, Registered Users 2 Posts: 7,518 ✭✭✭matrim


    Blue_Lagoon wrote: »
    Not exactly what I meant... If I am at a javahouse hotspot using their unencrypted wifi router sending emails, PMs to boards.ie, or posting to a university Black Board, would my packets be disclosed and decoded into plain text if someone was using Wireshark (assuming that I am not using VPN or SSL)?

    A related question... If I too am using Wireshark while posting my emails (or whatever), will my Wireshark detect another person using Wireshark (or a different packet sniffer) within signal range of the javahouse hotspot unencrypted wifi router?

    Wireshark could be used for this but it depends on your Wireless Network card. If your card (or more specifically driver) supports capturing packets in promiscuous mode then you can sniff all the traffic on the network. Once you are authenticated you will see the traffic and it won't be encrypted (unless its VPN, SSL etc).

    You cannot detect if another user is using Wireshark to detect packets.


  • #5
    Martyr
    Closed Accounts Posts: 1,567 ✭✭✭Martyr


    Read in the most recent issue of PCMagazine that you can assess your hotspot wifi vulnerabilities by using Wireshark to hack yourself

    possibly they were referring to airpcap adapter, which has started to grow in popularity since its much easier to setup than linux and aircrack.

    its well supported by wireshark too..

    Currently, there is little or no support for free drivers that allow packet injection on 2000/xp, but since vista was released with new wifi stack, drivers that support packet injection should start to appear in the near future.

    Comm Wifi supports alot of cards, and you can get it to work with aircrack-ng if you like, but i've not tried it out..can't comment on how well it works.

    airpcap also works with cain & abel, which has reasonable support for cracking wifi hotspots, WEP/WPA-PSK


  • #6
    Dr Lektroluv
    Closed Accounts Posts: 89 ✭✭Dr Lektroluv


    Blue_Lagoon wrote: »
    Not exactly what I meant... If I am at a javahouse hotspot using their unencrypted wifi router sending emails, PMs to boards.ie, or posting to a university Black Board, would my packets be disclosed and decoded into plain text if someone was using Wireshark (assuming that I am not using VPN or SSL)?

    Technically they can read absolutely all your traffic see the thing about wireless protocols (WEP/WPA/etc) is apart from the initial authentication & association the traffic going around the internal wireless network is not encrypted at all, major flaw if you ask me.

    Anyway yeah if you are visiting a website that isn't using SSL then all your traffic can be read by others on the network. Even usernames/passwords that aren't sent over secure connections can be read. Full msn conversations, etc. There's even an msn protocol selector in wireshark. Scary stuff.


  • Advertisement
  • #7
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,591 Mod ✭✭✭✭Capt'n Midnight


    They could only sniff the packets you send if they have line of sight to you. But
    anyone with line of sight to the access point would be able to see all the packets sent to you. So people you can't see could still sniff the replies. Point an MMDS dish or a 14 dB Yagi at the access point and they could eavesdrop from several miles away.

    http://ubnt.com/company_press_07.php4
    August 21, 2007 - Ubiquiti Networks, a leading innovator in outdoor wireless broadband solutions and the Italian Center for Radio Activities (C.I.S.A.R), an association founded by a group of Italian radio amateur operators today announced the new world record for a 5 GHz WiFi link achieving a distance of 304km.
    Ok they had high gain antennas at both ends of the link but they only used 600mW which is a lot less than wifi power limits in the US.

    So you only need to worry about people eavesdropping within a 100 mile radius of the access point.


  • #8
    Martyr
    Closed Accounts Posts: 1,567 ✭✭✭Martyr


    ...you only need to worry about people eavesdropping within a 100 mile radius of the access point.

    :D


Advertisement