Using Wireshark to Audit Your Network

I was talking with a friend about “listening” in on other peoples wireless connections. He didn’t realize how easy it is for someone to audit an open network and begin tracking online activity. Like most things mischievous online, the barrier to entry is an indicator of how likely an attack is. Take WEP cracking for example, all you need is a packet capture program and rainbow tables and you’re in. Most of the hard work is done for you. However, listening in on networked conversations is even easier, which means, potentially more people are doing it.

Here’s how:

  1. Download Wireshark.
  2. Install and start a packet capture.
  3. Right click and follow a TCP stream.

That’s it. You’ll literally be able to read anything over your network in plain text as long as the connection is not through https and the wireless network is not encrypted.

It gets more complicated if you want it to be. I’m sure everyone is well aware, but I’ll reiterate, one should never use Wireshark to audit a network that one doesn’t have permission to audit. However, bad apples do exist, so if you have an unsecured wireless network, consider it public and never login to important sites while on it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.