Questions tagged [sniffing]
A sniffer is a program that monitors and analyzes network traffic.
184 questions
0
votes
0
answers
68
views
Is there a tool to capture encrypted telnet traffic and show which algorithm is used?
I have setup (is just a testing, nothing serious) two vm which can connect between them using telnet and aes (the shishi kdc use only aes). The problem is telnet is reporting using cbc which is not ...
- 243
1
vote
0
answers
98
views
ettercap-text-only ARP Poisoning Works in Docker Environment with three containers but No Packets Are Sniffed
I'm working on a protected Docker based lab with three containers for education purpose to run network tools like Ettercap to perform a MITM.
Here's a snippet from my Dockerfile for the attacker ...
- 11
2
votes
1
answer
625
views
Is RTSP sniffable in the sense of confidentiality?
I really wonder if the password used in rtsp-adresses are used only to authenticate or also to encrypt.
Let's assume I have a usual IP-camera and I stream its video over RTSP with usual user/password-...
- 1,159
2
votes
2
answers
1k
views
How to Sniff Bluetooth Traffic and Determine Encryption on Fitness Tracker Data?
I am attempting to analyze the Bluetooth communication between a fitness tracker (GOJI ACTIVE GFITBK20 Activity Tracker) and its corresponding application (Goji Active) installed on my Android phone. ...
- 23
1
vote
0
answers
324
views
How to investigate data transmission of a suspicious camera
I recently bought a camera (for indoors home monitoring), and I got suspicious of its behavior data wise.
It is set up like this:
First you download and install an app called Lookcam onto your phone.
...
- 111
0
votes
0
answers
183
views
Testing in case of TLS 1.3 with AES-GCM
At work, I'm used to sniffing and capturing on network interfaces by which client and server intercom on LAN in my domain so as to grab genuine business data, followed by my customized replaying to ...
- 101
1
vote
0
answers
4k
views
Is it possible that Telegram's OTP has been hacked?
A couple of my friends have been in a kind of pickle recently. There have been attempts to hack their Telegram accounts and hackers somehow learned their one time pass codes but the login attempts ...
- 3,571
0
votes
0
answers
25
views
Can an attacker sniff the encryption details when connecting to a VPN? [duplicate]
I thought I would be protected from sniffing if I use a VPN, even in a setting where my traffic is going through a «man-in-the-middle» either by ARP poisoning or an evil twin attack.
Now I was told, ...
- 101
0
votes
0
answers
88
views
Are there any attacks against TLS 1.1 encryption? [duplicate]
I've been researching the main TLS 1.1 vulnerabilities, and from what I've seen, TLS 1.2 only improves the cryptographic hash functions, because TLS s 1.1 are broken.
If these hash functions are ...
- 43
3
votes
2
answers
1k
views
Is sniffing possible on a wired network, assuming it is physically secure?
I had a security concern with an unknown device on the network.
If Wi-Fi is disabled and the network is strictly ethernet, assuming that no malware is deployed and it cannot be physically accessed by ...
1
vote
1
answer
825
views
How can authoritarian governments sniff TLS encrypted traffic on mass scale?
I tried sniffing TLS web traffic on my own network and I always run against the following complications:
I need to install an additional root cert on my devices
I need to root my phone to do ...
- 1,152
2
votes
3
answers
1k
views
How easy is it for hackers to intercept http traffic between VPN exitnode and the destination web service without being inside the VPN or web server?
Let’s say I’m using http connection over a properly set up VPN with secure protocol and implementation. Then, most likely, the connection will be secure all the way until it exits the VPN server.
But ...
- 21
2
votes
2
answers
415
views
What is the name of the box that hackers connect to a router in order to spy on all your traffic?
I watched a documentary where hackers entered a victim's house by pretending to be from the ISP and then connected a box to a router in order to spy on all of the victim's traffic. Later, the hackers ...
- 23
1
vote
1
answer
1k
views
Is TLS needed on loopback for local security?
So the scenario is that we have a server shared with a number of users, with me being the server administrator and able to determine permission assignments.
The server is running a service on loopback ...
- 113
0
votes
0
answers
53
views
On the gains and losses of an additional client side stretching of the user password [duplicate]
Picture a state of the art implementation of a website registration and login system.
I'm interested in analyzing what a defender gains and loses by feeding the user password to a key-stretching KDF ...
- 1,292