View Full Version : Silly Question


lkrsfn101
12-13-2008, 02:41 AM
Hey, I've got a silly question. Can you detect package sniffers? Looking for an answer.

tokenuser
12-13-2008, 02:43 AM
Hey, I've got a silly question. Can you detect package sniffers? Looking for an answer.

Do you have a problem with someone sniffing your package?

boldfire
12-13-2008, 02:57 AM
http://glickselfdefense.com/safety/images/PS7_Bigshot_Pepper_Spray.jpg

That should do the trick!

ariastar
12-13-2008, 06:56 AM
http://www.doggienews.com/uploaded_images/sniffing-dog-butt-779913.jpg

http://media.ebaumsworld.com/picture/RipsnortChemist/dogsmellingass.jpg

http://www.homotron.net/images/homotron/dogbutt/dog_butt_sniffing.jpg

alaskalonewolf
12-13-2008, 02:36 PM
If I could do that, I would never leave the house.

hclogo
12-13-2008, 03:46 PM
Haha.. Great replies :P

OP... I think you mean "packet sniffers", and no I don't believe there is any way for the average user to detect them. I could be wrong but I've never seen or heard of such a thing. If you're concerned about your security the best thing to do is use encryption so even if someone was sniffing packets, the information they'd gather would be useless junk.

tokenuser
12-13-2008, 04:44 PM
Packet sniffing is a passive activity and leaves no "fingerprints", so it goes undetected.

The only evidence you will ever see is when someone actually attaches to your network. If you suspect that someone is packet sniffing, best you can do is:

1. Make sure all passwords (routers) are non-obvious, and difficult to decrypt. These are called "strong passwords". As a basic guideline, a strong password will be 12-14 characters long, will contain a mix of UPPER/lower/numeric/symbols, will not be in a dictionary, and will not do 1337h4x0r character substitution.
2. Do not broadcast your SSID.
3. Set your router to only accept connections from specified MAC addresses.

The only secure computer is one that sits in a locked room and has no network access. Since that is unrealistic, you just need to be careful.

Can we get back to package sniffing now?

alaskalonewolf
12-13-2008, 05:13 PM
...and if you're really, really concerned you can
implement some more extreme security levels such as:

1. use copper or other metal-based EMI/RFI shielding (http://en.wikipedia.org/wiki/RF_shielding) to enclose your network

2. employ counter-EMI or counter-RFI emitters (http://en.wikipedia.org/wiki/Electronic_countermeasures) at a perimeter around your network

3. encrypt (http://en.wikipedia.org/wiki/Encryption_software) your entire network, including all files, packet data, and individual
LAN/WiFi connections making sure to use characters from all sets,
[e.g., 0-9, a-z, A-Z, symbols and ctrl-characters]

Tok was right though, I wouldn't really worry much about it
unless you're secretly communicating somehow with the aliens.

Additional References:

http://www.p-mtinc.com/
http://www.magnetic-shield.com/products/lab-kit.html?gclid=CNLfqZOKvpcCFQsMGgodXDrIRA
http://eastcoastshielding.com/
http://www.symantec.com/business/theme.jsp?themeid=globalsem_endpointsecurity&header=0&footer=1&depthpath=0&tabID=6&om_sem_eid=Google&om_sem_cid=biz_sem_Endpoint_Security_US_English&om_sem_adid=Endpoint_Encryption&om_sem_kw=laptop+encryption
http://www.csishield.com/
http://www.nelco-usa.com/industrial_radiation_shielding.php
http://www.emi-shielding.net/?source=google&gclid=CIiXqKaJvpcCFQt4Hgod41e5TQ

peppersghost
12-14-2008, 03:21 AM
If you need someone to stop sniffing your packets all you need is a backpack, a badger, and 3 feet of rope. It is pretty simple and cheap to block people from sniffing packets that are going in and out of your computer but it is sometimes to keep the badger in line, I recommend using hypnosis on the badger and putting it to sleep until you get him inside of the backpack.

Steps:
1. Get your supplies and cut the rope into 2 pieces, the first piece being 1 foot long and the second piece being 2 feet long.

2. Put the badger in the bag (I recommended earlier that you should use hypnosis to complete this difficult task)

3. Tie the one foot rope to the ceiling and the other end to the top of the backpack with the badger inside. Then tie the two foot rope to the bottom of the backpack, you may have to put some kind of hole in the backpack to be able to tie the rope to the bottom if there is nothing to tie the rope to.

4. Hang on to the bottom of the rope and this should protect you from those pesky packet sniffers.

I have constructed this basic diagram in MS paint to give you further understanding of what the finishing outcome should look like.

http://farm4.static.flickr.com/3164/3105667619_a942c80bc0_o.jpg

If you have any questions afterwards with something not working, go ahead and take a picture of yourself with your setup and I can try and find out what's wrong.

secret-steve-crumbles
12-14-2008, 03:30 AM
Do you have a problem with someone sniffing your package?

BA AHHAHAHAAHA!!!!! Oh man, I needed that.

ericjosepi
12-14-2008, 03:50 AM
3. Set your router to only accept connections from specified MAC addresses.


This is good in theory, but if someone is employing packet sniffers to grab traffic from your network, you're already boned since MAC addresses are transmitted in clear text and can be (relatively) easily spoofed (I have done it in a lab environment, it's fun!)

If you are on a wired network, like everyone else said, encrypt the hell out of everything. If you are on a wireless network, you're next to boned, but what you can do is:

1. WPA2 security
2. Encrypt as much of everything as you can
3. Do not open any ports. Port forwarding is your enemy.
4. Turn off all services that interact with the network. Anything open is a pure invitation.
5. Upgrade your OS to the newest version. (Again, I've played with some of the tools used to audit corporate networks to demo flaws, they are fun as hell but turn you very very paranoid).

That's about the best I can tell you.

As for the original question: As far as I know, it's not possible since most only require you to turn your ethernet (be they wireless or wired) into promiscuous mode (something Windows won't let you do but Linux can :) ). Network mappers on the other hand, are relatively EASY to pick up if you are doing anything over -T2 on nmap.

emceeppantz
12-14-2008, 04:22 AM
Hey, I've got a silly question. Can you detect package sniffers? Looking for an answer.

Contrary to responses, you can, theoretically. In order for packet sniffers to work, they have to flip into promiscuous mode (pick up any traffic you see flying by, not just packets destined for your NIC's MAC). It's a bit tricky, but higher end (managed) switches can certainly detect when a NIC flips into promiscuous, as do some odd apps (PromqryUI.exe for Windows comes to mind). Granted, there are legit uses for promiscuous mode (packet sniffing is a legit practice, in certain circumstances), but these will at least tell you when it happens.

Commonly, enterprises forbid promiscuous mode on their networks and set up all switches to immediately flag when ports do this.

edit -- for Linux (doubt this works with other Unices) http://www.securiteam.com/tools/2GUQ8QAQOU.html
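
Added example, not part of the original posts and not the tool linked above: a local check for the promiscuous-mode flag discussed here. It assumes a Linux host that exposes interface flags under /sys/class/net/<iface>/flags and uses the IFF_PROMISC bit (0x100) from <linux/if.h>; the function names are made up for this example.

```python
"""Report local Linux interfaces that are in promiscuous mode."""
from pathlib import Path

IFF_PROMISC = 0x100  # promiscuous-mode bit, as defined in <linux/if.h>


def read_flags(iface_dir):
    """Return the interface flag word from sysfs, or None if unreadable."""
    try:
        text = (Path(iface_dir) / "flags").read_text().strip()
        return int(text, 16)  # sysfs prints the flags as hex, e.g. 0x1103
    except (OSError, ValueError):
        # Not an interface directory (e.g. bonding_masters) or malformed data.
        return None


def promiscuous_interfaces(sysfs_net="/sys/class/net"):
    """Return sorted names of interfaces whose IFF_PROMISC bit is set."""
    root = Path(sysfs_net)
    if not root.is_dir():
        return []
    hits = []
    for iface_dir in root.iterdir():
        flags = read_flags(iface_dir)
        if flags is not None and flags & IFF_PROMISC:
            hits.append(iface_dir.name)
    return sorted(hits)


if __name__ == "__main__":
    found = promiscuous_interfaces()
    if found:
        print("Promiscuous mode is ON for: " + ", ".join(found))
    else:
        print("No local interface is in promiscuous mode.")
```

This only reports on the machine it runs on; it says nothing about other hosts listening on the same network.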

tokenuser
12-14-2008, 05:25 AM
Commonly, enterprises forbid promiscuous mode on their networks and set up all switches to immediately flag when ports do this.

All true - but only pertinent to people sniffing packets on a wired LAN. A wireless network cannot detect that a wireless NIC is in promiscuous mode.

Re: MAC spoofing. Not going to fool a dedicated "h4x0r", but MAC addresses will work to a point.

Another option - change the wifi channel you are on. Again, not a great security measure, but it's not obvious, and will stop interference from other networks in area that might be on same freq.

Both these options are easy, and free, and like all good security provide another couple layers that need to be peeled back. They are about as effective as a screen door to protect you from intruders, but will keep the bugs out.

emceeppantz
12-14-2008, 08:42 AM
Any wireless network should be viewed as the most malicious of networks as a matter of practice, I suppose I figured it would be a moot point to sniff in the first place. I mean, all your traffic is just... floating there :P


All true - but only pertinent to people sniffing packets on a wired LAN. A wireless network cannot detect that a wireless NIC is in promiscuous mode.

Re: MAC spoofing. Not going to fool a dedicated "h4x0r", but MAC addresses will work to a point.

Another option - change the wifi channel you are on. Again, not a great security measure, but it's not obvious, and will stop interference from other networks in area that might be on same freq.

Both these options are easy, and free, and like all good security provide another couple layers that need to be peeled back. They are about as effective as a screen door to protect you from intruders, but will keep the bugs out.

rabidbadger
12-15-2008, 02:28 PM
Whoa! What the heck am I doing in this backpack?

tokenuser
12-15-2008, 03:42 PM
I can see by the smile on your face that they obviously found somewhere else to attach the rope :cool:

bigshotprof
12-15-2008, 08:43 PM
If I could do that, I would never leave the house.

If you could do that, I'd never leave the house!

But yes, usually if you look down quickly, you can see the tops of their heads.

peppersghost
12-16-2008, 03:09 AM
Whoa! What the heck am I doing in this backpack?

It's the only solution.

rabidbadger
12-16-2008, 03:54 AM
You neglect to notice the "rabid" part. Hope you got health insurance when I get out...