Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: is there a way to pervent network sniffing?

  1. #1
    Junior Member
    Join Date
    Jul 2007
    Posts
    37

    Default is there a way to pervent network sniffing?

    i'm sharing my internet with a roomate is there a way to pervent him from using etheral or cain and abel to sniff out password for email and so on? our network connection is like this..

    dsl modem> linksys wrt54g > his pc >> mine pc
    I made fun of -=Xploitz=- and I got banned for 3 days.

  2. #2
    Member
    Join Date
    Nov 2007
    Posts
    220

    Default

    So your PC is connected through your friends? in that case he/she will hear everything surely?

    I suppose you could regularly check the arp on your PC to make sure the mac listed against the IP of the gateway is correct?
    wtf?

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Andy90 View Post
    So your PC is connected through your friends? in that case he/she will hear everything surely?

    I suppose you could regularly check the arp on your PC to make sure the mac listed against the IP of the gateway is correct?
    You can sniff traffic without doing arp poisoning. I do it on my network at work all the time.

    The answer is No, if a person has direct access to the hardware between you and the internet, there is no way to detect them. Although, you could prevent if you're able to VPN to another network and route your traffic through them.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Junior Member
    Join Date
    Jul 2007
    Posts
    37

    Default

    not a direct connection.. we jus connect to a the router.. he is on port 1. and i'm on port two. on the linksys. router..
    I made fun of -=Xploitz=- and I got banned for 3 days.

  5. #5
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    If it's running a non-stock firmware you might be able to vlan the ports. Like the wireless would be on 10.0.0.1, ethernet port 1 would be 10.0.0.2, ethernet port 2 would be 10.0.0.3. Pretty sure this would keep him out of your traffic. I'm just not 100% sure it will allow this.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  6. #6
    Junior Member
    Join Date
    Jul 2007
    Posts
    37

    Default

    i'm using the dd-wrt firmware. i will head over there and see if i can find something. thanx for the advice
    I made fun of -=Xploitz=- and I got banned for 3 days.

  7. #7
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by guardianx View Post
    i'm using the dd-wrt firmware. i will head over there and see if i can find something. thanx for the advice
    Here you go.

    Linky thingy.

    I'm doing something similar, but I use my ipcop box to separate the networks.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  8. #8
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    With OpenWRT you can VLAN everything on a WRT54g.

    http://soapbox.bartsplace.net/articl...50203220950714
    (Keep in mind that's a 2005 article)
    Router between upto 5 ethernet segments and a wireless segment
    You'd want something like the 3rd option described here:
    http://wiki.openwrt.org/OpenWrtDocs/...43d6cf85ba878f
    [LAN (vlan0), WAN (vlan1), DMZ (vlan2)]
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  9. #9
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by thorin View Post
    With OpenWRT you can VLAN everything on a WRT54g.

    http://soapbox.bartsplace.net/articl...50203220950714
    (Keep in mind that's a 2005 article)


    You'd want something like the 3rd options described here:
    http://wiki.openwrt.org/OpenWrtDocs/...43d6cf85ba878f
    I bet that even with VLAN to the router, traffic could still be sniffed.

    Since all you're doing is establishing a VLAN between yourself and the router. If you were to put another router after that one, with a hub in the middle. You'd have an Open spot for all traffic passing through.

    Which is what I was leading to in my first post. As long as someone has physical access to the equipment, they can monitor the traffic.

    He'd need to establish a VPN through the device to another network on the outside, to ensure that he cannot be monitored.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  10. #10
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    I guess my question would be: If you're roomate is really that un-trustworthy why do you share a connection? Does your system have a boottime password? Do you lock your screen (winkey-L or whatever in *nix) everytime you walk away from it? If the answers to the later two are "no" then you have bigger problems then them sniffing your traffic.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •