|
fearfect

Registered: 01/15/04
Posts: 1,845
Loc:
|
something to make you more paranoid
#7434209 - 09/20/07 08:45 PM (16 years, 4 months ago) |
|
|
I'm taking a networking class and I've been playing with a packet analyzer. When I turn on promiscuous mode and start sniffing all the packets on the LAN, you wouldn't believe how much stuff goes around unencrypted. I have full access to incoming and outgoing AIM messages from random people around me, many of the emails are unencrypted and I can just read them (not even using PGP) etc. Just a heads up to some of you that don't realize how vulnerable you really are :P
|
Brugman
antisobrietarian



Registered: 05/16/01
Posts: 15,887
Loc: the land up over
Last seen: 10 years, 9 months
|
Re: something to make you more paranoid [Re: fearfect]
#7434232 - 09/20/07 08:48 PM (16 years, 4 months ago) |
|
|
omgz, someone could read my kinky AIM sex chat!
|
The_Ghost
ゴースト



Registered: 03/27/07
Posts: 15,802
Loc: USG Ishimura
Last seen: 11 months, 2 days
|
Re: something to make you more paranoid [Re: Brugman]
#7434355 - 09/20/07 09:14 PM (16 years, 4 months ago) |
|
|
Well theres a big no shit.. That doesn't make you 'vulnerable' to attack. Truly sensitive information should of course be encrypted being sent online.
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,276
Last seen: 1 hour, 38 minutes
|
Re: something to make you more paranoid [Re: The_Ghost]
#7434519 - 09/20/07 10:06 PM (16 years, 4 months ago) |
|
|
> I'm taking a networking class and I've been playing with a packet analyzer.
I love packet analyzers.
Everyone should use them so they realize what is actually being said over the wire. You'll be suprised.
Macs come with tcpdump installed by default. Windows users should install Wireshark.
> When I turn on promiscuous mode and start sniffing all the packets on the LAN, you wouldn't believe how much stuff goes around unencrypted.
Fo shizzle.
> I have full access to incoming and outgoing AIM messages from random people around me
# tcpdump -ln -s0 -X tcp port 5190
I used that one last week and was like...ok....this conversation needs to continue on skype.
> many of the emails are unencrypted and I can just read them (not even using PGP) etc.
# tcpdump -ln -s0 -X tcp port 25 -w email.cap
> Just a heads up to some of you that don't realize how vulnerable you really are :P
No one knows how vulnerable they really are because it is never tested in a real world situation.
Here is a good trick to use to reduce your vulnerability by forwarding all your web traffic over ssh. It requires access to one unix host somewhere out on the net. If you don't have a shell account, google for free shells.
First, ssh into the remote host with the -D flag.
$ ssh -D3128 alan.rockefeller@whitehouse.org
Once you authenticate, go to your browser preferences, then to advanced, then to network settings. Set up the network proxy to be a SOCKS proxy on 127.0.0.1 port 3128. Once you do that, all your web traffic will be forwarded to the remote host using very strong encryption, then leave unencrypted from there. The traffic still goes through the internet in the clear, but at least any packet sniffers at your location (network monitoring group, feds, wardrivers, etc) won't be able to see anything but your DNS requests.
If you don't want your DNS requests to go out in the clear, you can use a squid proxy on the remote host, but that takes 3 extra minutes to set up. I use an /etc/hosts file that has a few "questionable" sites (like this one) and let the DNS go out like normal for most of my requests.
PM me if anyone needs help making this work.
Edited by Alan Rockefeller (11/19/07 01:32 PM)
|
Krystal Klear
Stranger



Registered: 05/09/07
Posts: 1,148
Loc: Mushroomvilletopiatonopol...
Last seen: 2 years, 2 months
|
Re: something to make you more paranoid [Re: fearfect]
#7435102 - 09/21/07 01:25 AM (16 years, 4 months ago) |
|
|
Quote:
fearfect said: I'm taking a networking class and I've been playing with a packet analyzer. When I turn on promiscuous mode and start sniffing all the packets on the LAN, you wouldn't believe how much stuff goes around unencrypted. I have full access to incoming and outgoing AIM messages from random people around me, many of the emails are unencrypted and I can just read them (not even using PGP) etc. Just a heads up to some of you that don't realize how vulnerable you really are :P
That would only make someone that does something illegal paranoid. I am sure glad I don't do anything illegal.
-------------------- Nothing I say is meant to be taken seriously. -Krystal
|
|