undefined | Better HN

story

0 pointschaorace1y ago0 comments

It's just semantics... but I'll throw my hat into the ring nevertheless:

The "eavesdropping" attack happens when you capture unecrypted packets. From there, you could either try to hijack the session by inserting yourself into the local conversation (effectively launching a "MITM" attack) or completely independently of the local conversation attempt to impersonate the login session (effectively launching an "impersonation" attack).

0 comments

cricketlover1y ago

How fan we capture unencrypted packets from the network? I thought you had to run tcpdump or something like that to be able to do that. But you won't be able to run tcpdump if you don't have access to the interface (source or destination), no?

chaoraceOP1y ago

I'm speaking in the context of the parent conversation ("unencrypted WiFi packets"). On wireless networks, all devices share the same "wire", so to speak. Normally that traffic is useless when captured due to encryption, but that's not the case on unencrypted (i.e. public) WiFi.

Control88941y ago

It doesn't matter if the wifi is encrypted or not. All that matters is that you share the network with an attacker. You can ARP poison just fine, encrypted or open, wifi or wired.

chaoraceOP1y ago

Well, actually... you can only successfully launch an ARP poisoning attack if you're on the same network segment as the impersonated host.

(Yes, I am indeed being pedantic on purpose to prove a point. I offer this parenthetical to you in place of an apology)

j / k navigate · click thread line to collapse

0 comments

cricketlover1y ago

chaoraceOP1y ago

Control88941y ago

It doesn't matter if the wifi is encrypted or not. All that matters is that you share the network with an attacker. You can ARP poison just fine, encrypted or open, wifi or wired.

chaoraceOP1y ago

Well, actually... you can only successfully launch an ARP poisoning attack if you're on the same network segment as the impersonated host.

(Yes, I am indeed being pedantic on purpose to prove a point. I offer this parenthetical to you in place of an apology)

j / k navigate · click thread line to collapse