
small question about sniffing

s.

New Member
Joined
Feb 25, 2011
Messages
32 (0.01/day)
Likes
0
#1
hello,
i want to ask if it is possible that someone can sniff the first request packet that i send, or can he not?
i think he can sniff the traffic but not the request, is that right?
please, if anything is not clear in my question, tell me and i will clarify it
thanks in advance for any help
regards
 
Joined
Jan 17, 2010
Messages
10,033 (3.47/day)
Likes
6,637
Location
Oregon
System Name Delta // Alpha-HTPC
Processor Intel i7 6700K // Intel i5 4570
Motherboard GIGABYTE Z270X-Gaming K7 // Gigabyte H97M -D3H
Cooling Corsair H80i V2 // Silverstone NT-06 Pro
Memory Corsair DDR4 3000 32gb //G.SKILL Ripjaws X Series 8GB 1600
Video Card(s) EVGA GTX980ti// EVGA GTX 1050ti
Storage Samsung 950 Pro 512, 2 Tb FireCuda// Samsung 850 Pro, 1 X 4 Tb HGST, 1 x 6Tb Toshiba
Display(s) ASUS PB278Q 27" 1440X 2560 // 50" Samsung Plasma 720p
Case Corsair Obsidian Series 550D // Silverstone Granada GD05
Audio Device(s) ASUS Xonar DGX // HDMI to Yamaha RX V571
Power Supply Corsair TX850M // SeaSonic G Series 550w
Mouse Logitech G502
Keyboard Corsair K70
Software Windows 10 64bit // Windows 7 64bit with Kodi
#2
It's not clear... what programs, what traffic
 

s.

#3
i mean, for example, when i send traffic, that traffic contains a first request packet (the SYN packet in TCP is the first request packet in the traffic), and the later packets are the ones that contain the information, ok
now is it possible for someone to sniff that first request, or can he only start sniffing after that packet?
is it clear now, please?
thank you for your reply and for trying to help
regards
 
Joined
Jan 14, 2009
Messages
2,628 (0.81/day)
Likes
521
Location
Brisbane, Australia
System Name MRCOMP!
Processor Amd 1090T @ 4200 mhz
Motherboard Gigabyte 890FX UD5
Cooling CNPS Extreme
Memory 32GB OCZ Reapers 1600mhz 6-8-6-24 1.65v
Video Card(s) GTX560 TI 26% overclock
Storage 60GB OCZ vertex 3, 2x1TB Raid 0 2x 640GB Raid 0
Display(s) 30" LG lcd
Case No Case... just sitting on cardboard :D
Audio Device(s) Nvida HDMI - Sony MU TE KE 7.2 1695Rms
Power Supply Silverstone 700watts.
#4
i'm fairly certain you can sniff every single packet you send/receive. assuming this person has access to your connection locally via a hub.

to answer in a simple way, Yes. if they can sniff a packet, they can sniff every packet. it does not matter the order.
 

s.

#5
thank you very much
ok, that is very helpful
now in the real network (leaf network) where me and many people share the same ISP (by wire or wireless), you mean that is possible here?
so that means sniffing can never be defended against, is that true?
when there is important information in the header field (of only the first request packet (SYN packet)), it can be sniffed, is that right?

thank you very much for your help
best regards
 

Kreij

Senior Monkey Moderator
Staff member
Joined
Feb 6, 2007
Messages
13,817 (3.49/day)
Likes
5,524
Location
Cheeseland (Wisconsin, USA)
Processor Intel Core 2 Quad QX9650 Extreme @ 3.0 GHz
Motherboard Asus Rampage Formula
Cooling ZeroTherm Nirvana NV120 Premium
Memory 8GB (4 x 2GB) Corsair Dominator PC2-8500
Video Card(s) 2 x Sapphire Radeon HD6970
Storage 2 x Seagate Barracuda 320GB in RAID 0
Display(s) Dell 3007WFP 30" LCD (2560 x 1600)
Case Thermaltake Armor w/ 250mm Side Fan
Audio Device(s) SupremeFX 8ch Audio
Power Supply Thermaltake Toughpower 750W Modular
Software Win8 Pro x64 / Cat 12.10
#6
Hi s,

If someone has access to the packets travelling through a network, whether it's wired or wireless, they can read all the packets that are transferred over the medium if they know how to do so.

If you are worried about someone intercepting packets, make sure everything that you send is encrypted. They will still get the packets but it will be very difficult for them to be able to decipher them if a good encryption method is put into place.

If the data is so extremely sensitive that you cannot risk anyone deciphering it, there are techniques for that also, but they require additional communication outside the network (offline) to get the decryption information (keys) to people who will be receiving the data.
 

s.

#7
thank you very much for the information you explained
what i am worried about is a key in the header that i do not want to be used by anyone else (it was for authenticating the client by the nearest router), when he knows my ip address and wants to know the key that is associated with that ip (to use my identity). so even if i encrypt it, i think it would not be helpful, would it? because he can also use that encryption together with my ip
thank you very much for your help
best regards
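
The concern raised in post #7, shown as an added example that is not part of the original thread: a header value that is the same bytes every time can be copied and reused by anyone who sees it, encrypted or not, while a response computed over a fresh single-use nonce cannot. The router classes, the shared secret and the IP address are hypothetical, constructed for this sketch, and a hash stands in for the fixed "encrypted key".

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-secret"   # constructed sample secret, shared by client and router
CLIENT_IP = "192.0.2.10"           # documentation address, constructed

def static_header(key):
    # Stand-in for an "encrypted" key: a fixed transform yields the same bytes every time.
    return hashlib.sha256(key).digest()

class StaticKeyRouter:
    """Hypothetical router that accepts a fixed header value per client."""
    def __init__(self, key):
        self.expected = static_header(key)

    def accept(self, src_ip, header_value):
        return hmac.compare_digest(header_value, self.expected)

def respond(key, nonce, src_ip):
    # The client proves knowledge of the key without ever sending it.
    return hmac.new(key, nonce + src_ip.encode(), hashlib.sha256).digest()

class ChallengeRouter:
    """Hypothetical router that issues a fresh single-use nonce per attempt."""
    def __init__(self, key):
        self.key = key
        self.pending = {}

    def challenge(self, src_ip):
        self.pending[src_ip] = os.urandom(16)
        return self.pending[src_ip]

    def accept(self, src_ip, response):
        nonce = self.pending.pop(src_ip, None)   # a nonce is consumed on first use
        if nonce is None:
            return False
        return hmac.compare_digest(response, respond(self.key, nonce, src_ip))

def demo():
    captured = static_header(KEY)                # bytes an observer copied off the wire
    static_replay = StaticKeyRouter(KEY).accept(CLIENT_IP, captured)
    router = ChallengeRouter(KEY)
    answer = respond(KEY, router.challenge(CLIENT_IP), CLIENT_IP)
    legitimate = router.accept(CLIENT_IP, answer)
    router.challenge(CLIENT_IP)                  # next attempt gets a different nonce
    replayed = router.accept(CLIENT_IP, answer)  # old captured answer no longer matches
    return static_replay, legitimate, replayed
```

`demo()` returns `(True, True, False)`: the copied static value is accepted, the live response is accepted once, and the same response is rejected on the next attempt. This only defeats reuse of a captured value; the packets that follow still need an authenticated, encrypted channel.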
 

Easy Rhino

Linux Advocate
Joined
Nov 13, 2006
Messages
14,405 (3.56/day)
Likes
4,257
System Name VHOST01 | Desktop
Processor i7 980x | i5 7500 Kaby Lake
Motherboard Gigabyte x58 Extreme | AsRock MicroATX Z170M Exteme4
Cooling Prolimatech Megahelams | Stock
Memory 6x4 GB @ 1333 | 2x 8G Gskill Aegis DDR4 2400
Video Card(s) Nvidia GT 210 | Nvidia GTX 970 FTW+
Storage 4x2 TB Enterprise RAID5 |Corsair mForce nvme 250G
Display(s) N/A | Dell 27" 1440p 8bit GSYNC
Case Lian Li ATX Mid Tower | Corsair Carbide 400C
Audio Device(s) NA | On Board
Power Supply SeaSonic 500W Gold | Seasonic SSR-650GD Flagship Prime Series 650W Gold
Mouse N/A | Logitech G900 Chaos Spectrum
Keyboard N/A | Posiden Z RGB Cherry MX Brown
Software Centos 7 | Windows 10
#8
slyfox summed it up. you can easily intercept and read packet info with a hub if you have physical access to the network.
 

s.

#9
so, you mean what i say is true?
there is no way to prevent a person who does that?
thank you for your reply
regards
 

Easy Rhino

Linux Advocate
#10
the only way i think is to use SSL encryption on the LAN so at least the information is encrypted. there may be a better way.
 

s.

#11
thank you very much for that idea
the problem i had is that i need the header to be secure, the information in the packet does not matter,
i think SSL is used to secure the info in the packet, isn't it?
best regards
 

Easy Rhino

Linux Advocate
#12
hrm true i guess. are you specifically worrying about tcp packets or ip packets?
 

Easy Rhino

Linux Advocate
#14
if the person has a hub on the LAN and the information is not encrypted then the person can capture all data, including the first request packet. at least that is what i believe. somebody with more network experience will know more or be able to explain it better.
 

s.

#15
what you are trying to do for me is very kind of you
and i am very thankful to you
best regards
 
Joined
Nov 4, 2005
Messages
9,950 (2.25/day)
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#16
Unless you are on a separate node you can capture all the data being transmitted across your network with a few exceptions. I can listen in at work to the data from all systems and see all the packets.

Hubs, switches, and most consumer grade devices will not route data off the network unless they are an endpoint device to the node.

Are you looking to sniff packets to determine network usage, or just hacking on neighbors' networks? If you want to know network usage use a service like OpenDNS or buy a decent firewall and forget trying to capture data. If you are hacking a network, go away.
 

s.

#17
thanks for your reply
no, don't worry, i am not a bad person, be sure. what i am asking for is to see how hackers can destroy my security (that is in my study) by sniffing, and i need your help for that
best regards
 

LordJummy

New Member
Joined
May 13, 2011
Messages
1,403 (0.58/day)
Likes
246
Location
US of A
System Name Workstation1 | Asus G55VW-DS71
Processor i7 970 3.8GHz | i7 3610QM
Motherboard RIII Formula
Cooling EK 360 Supreme HF | Asus G55VW
Memory 24GB Dominator | 12GB DDR3
Video Card(s) 2x Diamond HD 6970 | GTX 660M
Storage 2x Vertex4 256GB | 256GB Vertex4 & 750GB HDD
Display(s) 3x Crossover 27" LED S-IPS + 30" DELL IPS
Case Corsair Obsidian 800D
Audio Device(s) X-Fi Titanium Fatal1ty Pro + Gigaworks G550W
Power Supply HX1000 + NZXT Black Sleeved Extensions
Software Win7Ult64Bit
Benchmark Scores ballz
#18
"All those packets will be lost in time, like tears in rain"

If a packet is sent over any network, wired or wireless, someone with physical access to that network absolutely has the ability to listen in and capture all packets. Encrypted or not he can see/sniff them.

Is this a LAN or WAN? If it's a LAN, is it a simple physical network? Does it have wireless segments?

If it's a WAN things are a bit different. I saw something about a leaf network so I'm assuming this is a WAN spread out over several public networks...

I know I'm a little late to jump in here but I'm really interested in what the network layout looks like. I might have some helpful suggestions on how to circumvent this guy.
 

s.

#19
thank you very much for your reply
leaf network like that with the ISP, i assume it has wireless segments
thanks for your attention
 

Kreij

Senior Monkey Moderator
Staff member
#20
Here is the sum total of electronic communications, s.
If you absolutely, positively cannot risk the slightest chance of someone intercepting your electronic transmission, don't send it.
This includes internet, telephone, cell, coded CB, direct satellite or any other electronic means of communication.
If a person has enough resources and/or access to the link, they can get your transmitted data.

The only thing you can do to mitigate the problem is to encrypt all the data you can so that even if they do get it, it will be very difficult for them to decipher what you have sent.

If the person is intent upon spoofing your identity (for whatever reason), they will be able to accomplish this if they are good enough. That too can be mitigated, but it is way beyond being explained here on TechPowerUp.

Even if you travel to the person who is to receive the message and tell them verbally, there are ways to listen in to the conversation, even remotely.
If the person watching you has that many resources, you are probably already compromised in many ways.

My advice ... just use a secure transport protocol and make sure both the transmitting and receiving computers are protected with good firewalls to prevent intrusion, and you should be fine.
 