Sniffers: Wired and Wireless Network
- 1. Network Sniffers Privacy Protection Thamer Alsuhbani Mikel Solabarrieta
- 2. We are going talk about How do computers communicate in a LAN? How can we avoid be a victim? What is a Network Sniffer? Which are the risks of being monitored? Sniffers in Wired and Wireless Networks Conclusions
- 3. How do computers communicate in a LAN? -- A local area network (LAN) is a computer network that interconnects computers within a limited area -- General Idea
- 4. -- Sometimes things are not as we expected -- What is a Network Sniffer?
- 5. -- A network sniffer monitors data flowing over computer network links in real time. -- What is a Network Sniffer? Sniffer mode
- 6. -- Network adapters have differents operation modes -- How can be this possible? >> non-promiscuous mode >> promiscuous mode >> monitor mode -- If the package is not for this device drop it -- -- If the package is not for this device do not worry allow it in -- -- Just for wireless, it will capture everything in the “air” -- remember, at this point network adapters are filtering package using MAC address (LAYER2)
- 7. -- Network adapters have differents operation modes -- How can be this possible? >> promiscuous mode Wired + Hub - do receive everything (broadcast, unicast and multicast packages, we really meant everything) *Wireless - it should receive everything on a network to which you have associated (broadcast, unicast and multicast packages, we really meant everything) Wired + Switch - do not receive everything (broadcast, unicast and multicast packages, that were send to this device) * it sometimes works, but it depends of the network adapters drivers
- 8. -- Network adapters have differents operation modes -- How can be this possible? >> monitor mode Wireless - it must receive everything in the air (having in count, frequency, signal strength, channel, etc.) remember, we are sniffing the “air”, we are going to collect everything of every network (SSID) around, we do not need to be joined to one of them at all
- 9. Sniffers in Wired and Wireless Networks Hub-based network -- In a hub, a frame is passed along or "broadcast" to every one of its ports -- Uncleverdevice -- broadcasting the same data out of each of its ports --
- 10. Sniffers in Wired and Wireless Networks Switch-based network -- In a switch, a frame is passed to only one or multiple devices that need to receive it -- Smartdevice -- each port have a device and the switch will send the package directly to a port --
- 11. Sniffers in Wired and Wireless Networks Access point-based network -- In wireless networks the communication going through the air using radio communication techniques-- -- The air is the way and we can sniff the air--
- 12. Which are the risks of being monitored? FTP -- Some protocols were designed to manipulate data in plain text -- TELNET SMTP HTTP POP3 IMAPv4 SNMP plain text SFTP HTTPS* encrypted SMTPS* SSH *S This is for SSL or TLS
- 13. Which are the risks of being monitored? plain text - http
- 14. Which are the risks of being monitored? plain text - ftp
- 15. How can we avoid be a victim? no longer plain text- sftp
- 16. How can we avoid be a victim? no longer plain text- https
- 17. How can we avoid be a victim? -- We should follow good practices when we are surfing on internet -- -- We should avoid using old and insecure known protocols --
- 18. Can I sniff someone else wifi? Is this illegal?
- 19. Thanks Questions