Can my housemate spy on my internet usage?

At home, I have an encrypted wireless network that my housemate and I use to access the Internet with our laptops.
My housemate is an IT technician so his job is to manage the network at his work etc., and I guess he knows what he is doing. Is there any way he can covertly spy on my Internet activity? What kind of information can he obtain without direct access to my computer and without his spying being easily noticed?
I found this website http://forums.techguy.org/networking/496409-need-simple-way-monitor-network.html that deals with this topic but I don’t know enough about this to work it out on my own.
Someone please help me cos this guy is kind of creepy and I don’t like the thought of him prying.

Why would you share an internet connection with someone you don’t really trust? Get your own modem and wireless router and then you don’t have to worry about it.

Does he have the access name and password to the wireless router? That would make it a lot easier for him, that’s for sure.

But I’m guessing that if he really knows what he’s doing, and since he is on the same, very simple, network as you, he probably could if he felt like it. But I suspect more often than not it’s more effort than it’s worth…why would he care to find out you browse the SDMB, or that your Aunt Sally sent you an email?

And if he really is so creepy you feel there is legitimate concern he’s “snooping” on you, I suggest getting a new house mate as soon as you can.

He does have the password to get full access to the router and incidentally, I am trying to move to my own one bedroom place but I have to find someone to take my place here as the contract is not yet up, but that is another story.
So it is technically feasible for something like this to happen?

If you ever leave your computer unattended he can put something on it. As a callow youth, I did this with people at work, simple things like patches to make their printout appear as mirror images, one time, and then erase itself. Great fun, until the boss got wind of it and asked us to cut it out, no names mentioned but we each got the hard stare of death.

He could run a sniffer which can easily capture what you are sending out and receiving. It's possible to sniff switched and wireless connections with ease (ettercap, wireshark, etc).

So he can probably see what sites you go to and what you post to forums, emails, and other plaintext things, but he won't be able to see things that use encryption like an HTTPS connection to your bank. Some webmail providers offer an https connection and if you get your email with a client, you may be able to use encrypted mail.

You really don't want an untrusted party on your LAN. It's difficult to protect yourself from them. It's much easier to just move or get a new roommate, unless you want to run a VPN somewhere all the time.
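
As an added illustration (not written by any poster in this thread): tools like ettercap typically sniff a switched LAN by ARP cache poisoning, which shows up in the victim's own neighbor table as the router's IP resolving to another machine's MAC address. The sketch below checks constructed `ip neigh` / `arp -a` output for that; the addresses, the gateway IP and the baseline `ROUTER_MAC` are assumptions.

```python
import re

# Constructed sample (`ip neigh` format). 192.168.1.1 is assumed to be the router.
POISONED = """\
192.168.1.1 dev wlan0 lladdr 3c:52:82:aa:bb:cc REACHABLE
192.168.1.23 dev wlan0 lladdr 3c:52:82:aa:bb:cc STALE
192.168.1.40 dev wlan0 lladdr 00:1e:c2:11:22:33 REACHABLE
192.168.1.77 dev wlan0  FAILED
"""
# Constructed sample (`arp -a` format, which drops leading zeros on some systems).
CLEAN = """\
? (192.168.1.1) at 10:da:43:0:5:9f on en0 ifscope [ethernet]
? (192.168.1.23) at 3c:52:82:aa:bb:cc on en0 ifscope [ethernet]
? (192.168.1.99) at (incomplete) on en0 ifscope [ethernet]
"""
ROUTER_MAC = "10:da:43:00:05:9f"  # assumed baseline, e.g. read off the router's label

ENTRY = re.compile(
    r"\(?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\)?\s.*?\b(?:lladdr|at)\s+"
    r"(?P<mac>[0-9a-fA-F]{1,2}(?::[0-9a-fA-F]{1,2}){5})\b"
)

def normalize_mac(mac):
    """Lower-case and zero-pad each octet so both output formats compare equal."""
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))

def parse_neighbors(text):
    """Return {ip: mac} for every resolved entry; unresolved entries are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            table[m.group("ip")] = normalize_mac(m.group("mac"))
    return table

def check_gateway(table, gateway_ip, known_mac):
    """Return a list of findings about the gateway's entry (empty means nothing odd)."""
    findings = []
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return ["gateway not in neighbor table"]
    if gw_mac != normalize_mac(known_mac):
        findings.append(f"gateway MAC is {gw_mac}, expected {normalize_mac(known_mac)}")
    twins = sorted(ip for ip, mac in table.items() if mac == gw_mac and ip != gateway_ip)
    if twins:
        findings.append(f"gateway MAC also claimed by {', '.join(twins)}")
    return findings

if __name__ == "__main__":
    for name, sample in (("poisoned", POISONED), ("clean", CLEAN)):
        print(name, check_gateway(parse_neighbors(sample), "192.168.1.1", ROUTER_MAC))
```

Passive capture of wireless traffic leaves no trace in this table, so a clean result only rules out ARP poisoning.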

Your wireless router allows anyone with admin access to see the IP address of all sites being visited. Depending on the router it may even resolve the domain for you, and show the exact URL you are visiting.

There are tools that make it possible to do this without router access, such as Kismet for OSX.

Your only two reasonable solutions are to get your own internet connection or to route all of your traffic through a proxy server.

Really skilled and motivated hackers can break into most things. Just check out the news stories from banks and other big companies. That said, your LAN probably isn’t your major point of weakness. Couldn’t he just figure out a way to log into your computer when you aren’t around? That is much easier. However, why do you think he would want to do something like that? An untrustworthy person living with you is a whole lot more danger than just snooping on what web sites you go to. Is there a reason to think he would do such a thing?

With a little work, assuming he knows what he’s doing, he can probably find out most of what you’re doing over the internet. The exceptions are: strongly encrypted connections like SSH and SSL (HTTPS) connections with a known/trusted key. This does NOT include typical WIFI encryption, but probably includes your online banking, and maybe your email if it’s set up correctly (and many times it isn’t).

If you’re that worried, yes, most of the things said here are true. Are you sure it’s not just paranoia? Can you differentiate “creepy” from “geeky and awkward”, which a lot of IT people tend to be?

Some comments:

The LAN is definitely a “point of weakness”. Actually, it’s more like standing on a podium with a megaphone and screaming out all your personal info. All network traffic flows through that same LAN and can be monitored by anybody with freely downloadable programs (as HorseloverFat pointed out).

And HTTPS is no guarantee of security unless every other avenue of attack is also secure. For example, if you use the same password for your bank as you do for the Dope and he catches you logging in to the Dope, bam, he has your bank password, HTTPS or no HTTPS.

If your computer isn’t safe (is it unpatched? does it run a multitude of third-party programs with untold holes? etc.), it’s conceivable (though more difficult) that he can install monitoring software on your system.

If your computer isn’t physically secure, he can install programs (or perhaps hardware listening devices) that way. Or maybe he has a spy cam set up above your keyboard (and in the shower).

Do you access your email through encrypted channels? Few ISPs offer secure email, and that’s another way for him to get your password.

Did you download any programs from insecure sites recently? If he has control of the router, he could reroute internet traffic to fake websites made by him and feed you malicious programs that way. He could also redirect HTTPS sites to fake versions and if you ignore the browser warning, oops.

None of this would be easily detectable for you if you’re a layman. Move out or get some sort of proxy service, as alterego suggested… if it’s not already too late (cue evil music).

I’ve sniffed 3 months of traffic for an important matter and I have to say it’s the most boring thing in the world. If he is really interested in what you’re doing, he would probably just install a keylogger on your computer which could email him daily with every keystroke you made, what time, in what window etc. It’s soooo much easier.

If he’s an expert and you’re not, he would have no problems – especially if he has physical access to the router itself.

What you might be able to do is use three routers. The first is the main router (usually a cable modem or DSL modem). On this connect two separate WiFi routers. On the first WiFi router, change the password and set it to use WPA2 encryption. This is your router. Set up the second router however he wants. This is his router. Keep the DSL modem out of his hands, and you’ll be pretty safe.

The other thing you can do is always use SSL in your communications. That means set up email to use SSL encryption or use the email website with the https:// prefix on the URL name. Even if he somehow gets access to the main router and is sniffing your communications, he cannot read this information. As long as your websites are all https://, he cannot read any information.

BTW, there are anonymiser websites out there that allow you to surf with https:// any website you want. See https://www.the-cloak.com. Understand that these websites themselves might not be the most reputable resources either. Otherwise, they couldn’t be anonymous.

By the way, make sure your anonymizer also uses https://! The whole purpose is to make sure that you are using encrypted communication from your computer down to the anonymiser, so your friend can’t read your packets.

This might help you too: Anonymous proxy - Wikipedia

To watch what you are doing when he’s not there, either:

-He installs something on your PC (keylogger logs keystrokes, or back door to read your browsing history, etc.) At the very least, for privacy, use InPrivate or delete browser history on exit; run Malwarebytes free scan every so often… Use the system snapshot tool and go back to before he could have done anything if you can, or rebuild your system…
-he has a very fancy router - most home routers don’t have capture or reroute (port monitor) so he won’t be using that.
-he leaves his PC on and logging whenever you are using the network. Your unencrypted (not https) traffic is open for him to capture. Plug your own wifi router into the wired ports of the house one, use that with your own encryption and password.

Maybe some other experts can answer, but without heroic measures, AFAIK it’s not easy to monitor traffic from a wired port with wifi unless the router has port monitor features. Few dinky home routers do AFAIK. If necessary, burn out the existing router (short out the power plug brick when he’s not home? Careful!) so that it needs to be replaced if it’s a cheap home one with that capability…

He can see every IP you make a connection to through the router administration, and if he really wanted to, he can read all un-encrypted traffic to each of those sites with a tool like wireshark. He is probably reading this thread right now.

If he’s an expert and you’re a non-expert, there isn’t going to be a whole lot you can do other than basic security stuff such as change your password often, don’t use the same password, run spyware checks, etc.

If he’s skilled in computers, he’ll be able to find a way around whatever you do most likely.

That said, most people in IT don’t care what’s on your computer. IT people have access to so many people’s data all the time that you get a bit inured to it all. Not only do we not care which porn sites you’re visiting, we don’t WANT to know.

A way no one else mentioned is get access to his laptop. See what programs are installed, maybe what his recent activity has been. Counter-espionage.

But most cheapo home routers don’t have the memory or programming to do SYSLOG or other record techniques. Those el-cheapo routers don’t have the programming or RAM space to record your activity. Unless his PC is turned on and actively recording, he’s not watching.

This link, for example:
http://www.myopenrouter.com/article/10917/Port-Mirroring-Span-Port-Monitor-Port-with-iptables-on-NETGEAR-WGR614L/

Some NetGear routers allow you to load a Linux-based OS so that you can program all sorts of actions that the pre-programmed home routers don’t do. However, you’ll notice this if you log in - it won’t be the simple web-based programming of the factory routers.

Otherwise, unless he’s recording your (non-HTTPS) traffic off the air, he isn’t listening.

This guy really has to want to know where you are going and actively try to figure it out. Unless he’s a super creep with an obsession for knowing everything about you (like some bad movie), odds are he doesn’t give a shit and isn’t watching.

Like I said, get a second router, plug it in wired, and cascade. Use WPA2 encryption and change the password every few days…

Paranoia strikes deep ♫ ♬
Into your life it will creep
It starts when you’re always afraid
You step out of line, the man come and take you away
We better stop, hey, what’s that sound
Everybody look what’s going down
♩ ♪

Another computer guy here

This, a hundred times over, this. Although the packet sniffing route can yield fruit, it's like panning for gold, you sift 5000 pounds of mud in hopes of finding a gram of gold.

Programs like spector or eblaster will defeat every measure everyone has suggested in this thread. They can often be used even against very computer savvy targets successfully. All the SSL and proxy stuff in the world isn't going to stop them decisively.

If he is any good at his job, nothing you do will be a real impediment to him. There are very few ways to stop a skilled tech who has physical access to your PC.

What’s worse is when a three year old zombie thread spies on you!

:smiley:

Yeah, he’s captured so much info he’s got two and a half years of backlog to go through.