Networking Forums

detecting wireshark and ethereal

 
 
genericprofile13@gmail.com

 
      09-24-2008, 01:13 AM
Any way to detect Wireshark and Ethereal users on a wireless network?
 
 
 
 
 
Axel Hammerschmidt

 
      09-24-2008, 06:11 PM
<(E-Mail Removed)> wrote:

> Any way to detect Wireshark and Ethereal users on a wireless network?


Send out a packet to a MAC address you know is not on the network. I
think an ARP packet or something like that - any packet that a card in
passive mode would normally respond to.

Here are two (Google) hits explaining in more detail how, along with
some of the exceptions:

<http://www.linuxjournal.com/article/5201>

<http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm>
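
The probe described in this post, sketched as an added example (not code from the thread or from the linked articles): an ARP request for the suspect's IP is sent to a destination MAC that no host owns, so a NIC in normal mode filters it out while a promiscuous one passes it to the stack, which may answer. It assumes a wired Ethernet segment and a Linux host for the live send; the function names, the bogus MAC `ff:ff:ff:ff:ff:fe` and the 192.0.2.x addresses are illustrative choices.

```python
import socket, struct, time

ETH_ARP = 0x0806
# Group bit set but not the broadcast address; assumed to belong to no host on the LAN.
BOGUS_DST = bytes.fromhex("fffffffffffe")

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def arp_frame(dst, src, op, sha, spa, tha, tpa):
    """Ethernet II header plus a 28-byte IPv4-over-Ethernet ARP body."""
    return (dst + src + struct.pack("!HHHBBH", ETH_ARP, 1, 0x0800, 6, 4, op)
            + sha + socket.inet_aton(spa) + tha + socket.inet_aton(tpa))

def build_probe(my_mac, my_ip, target_ip, dst=BOGUS_DST):
    """ARP who-has for target_ip, addressed at layer 2 to a MAC nobody owns."""
    return arp_frame(dst, my_mac, 1, my_mac, my_ip, bytes(6), target_ip)

def parse_reply(frame):
    """Return (sender_mac, sender_ip) if frame is an ARP reply, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06" or frame[20:22] != b"\x00\x02":
        return None
    return frame[22:28].hex(":"), socket.inet_ntoa(frame[28:32])

def answered(frames, target_ip):
    """True if any captured frame is an ARP reply sent by target_ip."""
    return any(r is not None and r[1] == target_ip for r in map(parse_reply, frames))

def verdict(normal_answered, bogus_answered):
    """Combine a normal broadcast ARP (control) with the bogus-destination probe."""
    if not normal_answered:
        return "inconclusive: host did not answer a normal ARP"
    return "likely promiscuous" if bogus_answered else "no evidence of sniffing"

def probe_live(iface, my_mac, my_ip, target_ip, dst=BOGUS_DST, wait=2.0):
    """Linux only, needs root: send one probe and watch for the target's reply."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_ARP)) as s:
        s.bind((iface, 0))
        s.settimeout(0.2)
        s.send(build_probe(my_mac, my_ip, target_ip, dst))
        frames, deadline = [], time.time() + wait
        while time.time() < deadline:
            try:
                frames.append(s.recv(65535))
            except socket.timeout:
                continue
    return answered(frames, target_ip)

# Constructed sample frame: the reply a promiscuous host at 192.0.2.10 would send back.
ME, SUSPECT = mac("02:00:00:00:00:01"), mac("02:00:00:00:00:10")
SAMPLE_REPLY = arp_frame(ME, SUSPECT, 2, SUSPECT, "192.0.2.10", ME, "192.0.2.1")
```

Calling `probe_live` once with `dst=b"\xff" * 6` gives the control result for `verdict`, and once with the default gives the bogus-destination result.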
 
 
Jesse Thompson

 
      09-25-2008, 05:58 PM
Unfortunately, Axel's advice only applies on an Ethernet network. If
people are sniffing your traffic wirelessly (either via unencrypted
wireless, or compromised WEP keys) they are likely using an
application like KISMET to collect the packet data. (This dumped
packet data can then be analyzed offline via Wireshark.) KISMET does
not participate in the wireless network to collect packets; in essence
it represents a level of passivity that even Wireshark alone doesn't
match. Active ARP/MAC/latency probes on your part will elicit no
response from the KISMET user's wireless interface.

Your best defense as always is to:
* use WPA or WPA2 encryption at all sites you control
* At untrusted hotspots or where WPA is not available, handle all
truly sensitive data (bank, financial, corporate email) via SSL, TLS,
VPN, IPSEC, or SSH Tunnel
* Consider all wireless data you handle not protected by either of the
above measures as non-private, similar to a conversation in a crowded
room. Anyone genuinely interested will hear what you have to say or
may interrupt the conversation.

Good luck, friend!

Jesse Thompson, Systems Administrator
Webformix, Broadband Internet for Bend, Oregon
http://www.webformix.com/bend.html


On Sep 24, 11:11 am, hl...@hotmail.com (Axel Hammerschmidt) wrote:
> <genericprofil...@gmail.com> wrote:
> > Any way to detect Wireshark and Ethereal users on a wireless network?
>
> Send out a packet to a MAC address you know is not on the network. I
> think an ARP packet or something like that - any packet that a card in
> passive mode would normally respond to.
>
> Here are two (Google) hits explaining in more detail how, along with
> some of the exceptions:
>
> <http://www.linuxjournal.com/article/5201>
>
> <http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm>


 