Government Security
Network Security Resources

Jump to content

Photo

Packet Sniffer Detection?


  • Please log in to reply
2 replies to this topic

#1 appdev

appdev

    Private

  • Members
  • 1 posts

Posted 06 July 2012 - 11:36 AM

Hi. I'm a newb when it comes to network security.
Is there a way to detect if someone *was* packet sniffing? I let my sister's friend on my wireless home network using my WEP. A couple hours later I looked on his laptop monitor and it looked like he had a screen open that looked like a network analyzer.
Questions:
- Is there any other reason why he would have a network analyzer running besides to sniff?
- Is there any way I can check to see if he was actually sniffing?
- Can I look in my network logs for increased activity?
- Packet sniffing is passive though right, so there wouldn't be any trace?

I just want some kind of proof that he was analyzing my network without my permission since he's denying having a network analyzer open.

Thanks.

#2 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 24 July 2012 - 11:05 PM

Is there a way to detect if someone *was* packet sniffing?


It may be possible, depending on the network switch capability. But in theory, it would be impossible, because when the attacker packet sniffs he doesn't generate any traffic on the network, he's only receiving the traffic. So it would be almost impossible to tell.

- Is there any other reason why he would have a network analyzer running besides to sniff?


If you have other users on your home network, he will be more than likely trying to steal their passwords or other information.


- Is there any way I can check to see if he was actually sniffing?


Inspect his PC.


- Can I look in my network logs for increased activity?


It will depend on the type of information you log files records.

- Packet sniffing is passive though right, so there wouldn't be any trace?



Correct!


I just want some kind of proof that he was analyzing my network without my permission since he's denying having a network analyzer open.


The only way to verify, is inspecting the computer for any log files that the packet analyzer may have left behind.

#3 Johans

Johans

    Private

  • Members
  • 3 posts

Posted 06 May 2013 - 09:04 AM

i guess you cannot trust anyone these days ... :)


Learn more about network security by visiting our webpage.

 

Find android free apps here.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users