Mutt
Professional
- Messages
- 1,458
- Reaction score
- 1,070
- Points
- 113
Contents
Lunch break in the office or just an hour or two of free time. A quick business lunch in a cafe is a common thing for a business person, as well as hours-long gatherings of students (after couples) over tea or beer. However, the main attribute of a modern catering establishment is not well-trained staff or gourmet cuisine, but the presence of a wireless network with free Internet access. You can view notifications on social networks, send mail, make a purchase in an online store or make an urgent payment from a mobile device (smartphone or laptop) directly in a cafe. Isn't it convenient? But it's hardly safe!
Sniffering - what is it?
An analyzer of passing network traffic, or "sniffer" (from the English word - "to sniff") is a computer program for redirecting (intercepting) packet data with the ability to decode and analyze it. Sniffering (data interception) is especially popular in crowded places (restaurants, train stations, shopping malls and just on the street). Wherever there is a public Wi-Fi network, an unsuspecting Internet user can fall prey to an attacker. In appearance, a fraudster can be the same carefree visitor to a cafe, whose attention is riveted to the screen of a personal laptop.
At the same time, a sniffer application is activated on the criminal's device, a wifi access point is turned on with a name consonant with the name of an institution or a public place (for example, macdonalds). When an unsuspecting user connects to one of the available public networks, he can easily become a potential victim of an intruder. All passing traffic is intercepted by the sniffer and analyzed for usernames and passwords of payment systems, credit card numbers, payment confirmation passwords, and so on. In fact, all your traffic is intercepted, but provided that you are connected to the fraudster's pseudo-network.
Traffic interception can be carried out not only through wifi, the following methods are known:
Interception of data via Wi-Fi. How to protect yourself?
There is practically no absolute recipe for protection against sniffing, and basically the recommendations of information security specialists are reduced to the simplest one: in no case should financial transactions be carried out in public networks. Ideally, you should use your own mobile phone or laptop with a 3G modem to access the Internet, which will certainly help to avoid interception of traffic by intruders in public places.
And through public high-speed wifi internet connections, you can only watch YouTube videos, play online games, download music and movies.
In any case, give preference to encrypted Wi-Fi networks and, if possible, use an encrypted VPN connection. For reference. VPN (from the English Virtual Private Network - virtual private network) is a set of technologies that allows you to create separate secure networks on top (or inside) existing ones.
Also pay attention to the type of connection when entering your mail, Internet bank or social network account. The connection must be encrypted with SSL (Secure Sockets Layer)! When you connect it, the prefix of the web address changes from http to https, and you can see a green lock in the right corner of the browser line with the address. This protocol is not considered completely reliable, but in the vast majority of cases it will protect you from hackers.
As a result, returning once again to the above in the text, we can draw only one conclusion: one should avoid financial transactions on the Internet if data transfer is carried out in a public network. The security and privacy of data is primarily the concern of the user himself. Only in this case sniffering (data interception) does not threaten you at all!
- 1. Sniffering - what is it?
- 2. Interception of data via Wi-Fi. How to protect yourself?
Lunch break in the office or just an hour or two of free time. A quick business lunch in a cafe is a common thing for a business person, as well as hours-long gatherings of students (after couples) over tea or beer. However, the main attribute of a modern catering establishment is not well-trained staff or gourmet cuisine, but the presence of a wireless network with free Internet access. You can view notifications on social networks, send mail, make a purchase in an online store or make an urgent payment from a mobile device (smartphone or laptop) directly in a cafe. Isn't it convenient? But it's hardly safe!
Sniffering - what is it?
An analyzer of passing network traffic, or "sniffer" (from the English word - "to sniff") is a computer program for redirecting (intercepting) packet data with the ability to decode and analyze it. Sniffering (data interception) is especially popular in crowded places (restaurants, train stations, shopping malls and just on the street). Wherever there is a public Wi-Fi network, an unsuspecting Internet user can fall prey to an attacker. In appearance, a fraudster can be the same carefree visitor to a cafe, whose attention is riveted to the screen of a personal laptop.
At the same time, a sniffer application is activated on the criminal's device, a wifi access point is turned on with a name consonant with the name of an institution or a public place (for example, macdonalds). When an unsuspecting user connects to one of the available public networks, he can easily become a potential victim of an intruder. All passing traffic is intercepted by the sniffer and analyzed for usernames and passwords of payment systems, credit card numbers, payment confirmation passwords, and so on. In fact, all your traffic is intercepted, but provided that you are connected to the fraudster's pseudo-network.
Traffic interception can be carried out not only through wifi, the following methods are known:
- "Listening" to the network by connecting to the network interface (free port of the hub or switch). This method will be effective only when using conventional hubs (hubs) instead of switches (switches) in the network segment. The fact is that a hub is an ordinary splitter, through each port of which all packets pass, and switches are intelligent devices, where the data flow can be divided into different channels, so the overall picture of the transmitted data in them, when connected to one port, is not receive;
- Connecting a sniffer to a break in a network channel;
- Branch (software or hardware) of network traffic with the direction of its copy to the sniffer (Network tap);
- Analysis of spurious electromagnetic emissions and restoration of listening traffic;
- Attack at the channel (MAC-spoofing) or network layer (IP-spoofing), which leads to an imperceptible redirection of the victim's traffic or the entire traffic of the segment to the sniffer, with the subsequent return of the traffic to the correct address.
Interception of data via Wi-Fi. How to protect yourself?
There is practically no absolute recipe for protection against sniffing, and basically the recommendations of information security specialists are reduced to the simplest one: in no case should financial transactions be carried out in public networks. Ideally, you should use your own mobile phone or laptop with a 3G modem to access the Internet, which will certainly help to avoid interception of traffic by intruders in public places.
And through public high-speed wifi internet connections, you can only watch YouTube videos, play online games, download music and movies.
In any case, give preference to encrypted Wi-Fi networks and, if possible, use an encrypted VPN connection. For reference. VPN (from the English Virtual Private Network - virtual private network) is a set of technologies that allows you to create separate secure networks on top (or inside) existing ones.
Also pay attention to the type of connection when entering your mail, Internet bank or social network account. The connection must be encrypted with SSL (Secure Sockets Layer)! When you connect it, the prefix of the web address changes from http to https, and you can see a green lock in the right corner of the browser line with the address. This protocol is not considered completely reliable, but in the vast majority of cases it will protect you from hackers.
As a result, returning once again to the above in the text, we can draw only one conclusion: one should avoid financial transactions on the Internet if data transfer is carried out in a public network. The security and privacy of data is primarily the concern of the user himself. Only in this case sniffering (data interception) does not threaten you at all!
