Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Sniffing Public IP (Hackers tricks for protection)

Posted on 2010-11-08
4
Medium Priority
?
2,398 Views
Last Modified: 2012-06-27
So, I basically want to know how a hacker could sniff a public IP address at my office if they are outside my network. I have tried a few tools, to no avail and even though I sniffed perfectly within my network, I cannot figure out how I can see the unencrypted traffic while I am outside. Would someone literally need to be on my network to see this unencrypted traffic that is being sent out into the public internet?

My ultimate goal is to get something tangible to show the bosses, as far as what we are sending unencrypted and why security is important.
0
Comment
Question by:Bardlebee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 1

Expert Comment

by:h4x0r_007
ID: 34089091
Basically, you would have to be on the same subnet (be in the same range of IP addresses given by the ISP) to be able to do this. Even so, many ISPs have security features that prevent this from happening. However, anyone at the ISP can easily see the data, so an employee of the ISP could misuses sensitive information acquired in this way. So even if your ISP implements security features to prevent hacking, they themselves can easily hack you. So, yes you do need encryption for all sensitive data.
0
 
LVL 4

Expert Comment

by:greggy86
ID: 34089106
Sniffing is a function of Layer 2 as the network interface will have to be in promiscous mode or a network tap wioll have to be used - thus for someone to sniff your traffic they have to be a part of your layer 2 broadcast domain. That way they will capture L2 to L7 data. Someone from outside your network cant just decide to target external traffic leaving from your router for sniffing.
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 1000 total points
ID: 34091421
Sniffing is actually a misnomer. in order to sniff, you need to be on the same layer two network segment as the target *and* that network needs to be in a mode where traffic is echoed to nodes that don't need it (so hub rather than switched, or arp poisoning needs to be performed)

Most successful hacker interceptions involve hacking a router (usually the headend at an ISP, or in a hosting center) and/or the target server, and doing the interception on an "interested" node. All cisco kit has a number of modes (for law enforcement access) to duplicate or redirect traffic via an intercept node. Actual successful hacker interceptions are near unheard of though - ISPs get enough random chinese hackers every minute that an insecure router is usually compromised, messed up, identified and taken out of service (to be rebuilt as a noticably more secure one) if not in minutes, certainly in less than a day.

The real danger tends to be wifi access points these days. Its no use saying "but its all encrypted" if you never change your key, and give your key to random visitors, the office cleaner, and the sales staff who have an average turnover of three months.  Anyone with your wifi key can see ALL your traffic, from everyone. and no, cisco's magic "isolation mode" doesn't help (although its leap/peap keyless crypto does)

0
 

Author Closing Comment

by:Bardlebee
ID: 34188832
Thanks for breaking this down for me Dave
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question