Is Someone Sniffing Around Your Data!?

Sniffing WI-FI networks has become a security issues for the most predominant method for people in the US to access the internet whether it be via hot spots, a home router, or on a work or business WI-FI network.  It is a great convenience, but a wireless network can also leave you open to security breaches. An attack can come from a great distance and apprehending a perpetrator can be very difficult.

How sniffing is done

A WI-FI sniffer is one of the main tools used in WI-FI attacks. Sniffer is now technically a trademark name, but they can also be called network probes, wireless sniffers, Ethernet sniffers, packet sniffers, or packet analyzers. A WI-FI sniffer is similar to wiretapping on a phone line. Someone else has access to the “conversation” or information being transmitted via the WI-FI network. The sniffer collects and inspects data “packets” traveling along a network.

A WI-FI-Network is like a street of cars in traffic. Each car is a packet full of passengers that are data. Your computer is like a home on that street. As cars drive by, you do not stop and inspect each car. Usually, you only think about the cars that actually stop at your house. With a sniffer, however, the computer will check every single packet of data. It would be like you stopping every car on your road before letting them pass your house. A sniffer may also have a filter that determines which specific type of package and data to inspect. The filter may tell the sniffer to only stop every 10^th car, or every red car, or only cars with more than 2 passengers.

Catapult Tech Solutions wants you to know that sniffers have a valid use in the business environment. Network administrators use commercial grade sniffers on hardware devices to perform diagnostic tests on their own network. They can troubleshoot problems and detect if there has been any unauthorized access. They can even detect bandwidth “hogs” clogging up the network.

What are sniffers?

Although it is perfectly legal to use a sniffer on your own network to monitor what is going on, it may not coincide with the privacy laws in your jurisdiction to use it elsewhere. Cybercriminals can use social engineering and phishing scams to fool a victim to download their sniffer. Then they have access to everything on the victim’s network. A cybercriminal can use a sniffer to access passwords, emails, and track online movements

WI-FI sniffers come in two forms- hardware or software. The software may be more popular in many cases, but both complete the same function.

Software: WI-FI sniffer software can be obtained for virtually any operating system: Windows, Mac, and mobile. Some examples of software sniffers are Wireshark, Network Miner, Aircrack-ing, Zanti, and KisMAC.

Hardware: Sniffer hardware is typically small and portable and will easily fit into a laptop bag or even your pocket. You point the device in the direction you believe there to be a WI-FI network and the device alerts you when one is in range of your device. Using the device to find a network is not illegal, but to use it to intercept network security and gather data certainly is!

Two types of sniffing: passive and active

A network connects several devices together in a single network connected to a hub. All the data travels along the same network, and all the devices on the network receive all the data. A sniffer can easily, and passively, intercept all the data on the network. The sniffer does not have to actually DO anything, the data comes to it, and it is extremely hard to detect. In a larger network the amount of traffic on the network can become overwhelming. Switches are installed to regulate the data. Data is only sent to the device that is intended to receive it. A sniffer cannot sit back and just let the data come by. Instead, it must actively negotiate around the switches to gather information. The activity can help make the sniffer a bit easier to detect.

How can you protect yourself from a sniffer? Sniffing is one of the sneakiest hacking techniques out there. There are some simple steps can help you protect your personal data.

• Be sure you are using a strong antivirus tool.
• At home, you will want to be sure your WI-FI router is set to WPA encryption and choose a WI-FI password that is at least 9 characters long. (12 characters is virtually impossible to crack!)
• When accessing WI-FI out and about, especially when the network is not secure, you need to assume that your data is at risk. Be sure you refrain from doing any banking or financial business while on an unsecure network.
• Only use https encrypted websites.
• Finally, use a VPN to route your internet use through an encrypted network.

The best way to protect your business network from sniffing is to employ managed security. Catapult Tech Solutions has you covered! From security assessments to policy development to ongoing security management we can protect your network and keep it running smoothly and safely!

Are you on Facebook? We are, too. Let’s be friends!