Hey /g/, quick netsec question.
What techniques are there to allow one to spy on his home network? I'm asking because I got the feeling that a family member is spying on us, so I'm trying to uncover the truth.
If it helps, most computers are on a wired connection, with laptops an phones on wifi. It's run by the router that we got from our ISP. From what I've seen, its settings haven't been modified, so it's not simply the router redirecting requests through the spy's computer. The settings available are also pretty limited, I don't even think there is a way to do this from the router.
The wired connections go through the walls, so there's no way to tamper with the network cables, plus I checked the connections, everything seems fine.
Where else can I go looking?
>>45605767
>pls respond
>>45606378
>ergodox
My nigga.
This is also helpful for me.
My sister is autistic and I'm pretty sure she's talking to crazy people on the internet because she's lonely (she dropped out of school). I need to observe what she's doing.
>>45606378
>eject button
>man_falling_from_sky_scraper.webm
>>45605767
Unecrypted packet sniffing
well you used to just be able to run a packet sniffer, but now that all home APs/ routers are switches, I don't know. You'd have to set up some kind of MiM attack I would think.
>>45606451
Not mine sadly
>one day you may
>>45606473
As I said, I took a look in the router's configuration to see if any custom DNS servers were set, but it was still configured to the ISP's default servers. What could be done however, is set the DNS server to your own computer and simply log the requests. I have an OpenWRT router which I could use for that, but I have no desire to spy on my own family. You could even somehow resolve all domains to your PC's address and just forward all traffic, but that would be much more complicated. It might also look suspicious when all sites resolve to 192.168.1.123. And it might fuck up HTTPS.
>>45606687
How to do that without touching the ethernet wires?
>>45606473
>>45606765
PS: the DNS thingy probably only works on DHCP clients, and then only if no custom DNS is set on the client. Though I doubt your autistic sister cares about DNS, unless she is /g/-grade "autistic"
>>45606765
>it might fuck up HTTPS.
Not him, but how?
>>45606765
Go learn how packets are broad casted
>>45606765
Have you even ordered a kit to begin with?
Mine with blues inc soon™
>there will never be a keyboard with an ergodox-like layout with scissor switches
>>45606834
Nope, I'm not in the US, so Massdrop et al isn't really an option, although I recently discovered that falbatech.pl sells cases, boards all the components needed, at decent prices. I was ready to order until I calculated the price of the whole unit. So I'll wait until I actually got some money to spend. Plus I'm sure I'll be disappointed because I got the wrong switches...
>>45606822
Oh man that brings me back to my uni lectures about networks, I hated that. Something about layers and ARP or whatever... Care to give me some clues on what direction I should start looking?
>>45606819
I don't know how exactly, maybe it'll work fine if you just forward all traffic as-is. But it's possible that the SSL certificate contains the IP address it is supposed to certify and your browser will give you an "untrusted connection" error. Just speculations.
>>45606977
>Nope, I'm not in the US, so Massdrop et al isn't really an option
Neither am I, so I had to shell out the extra 25 dollarridoos.
>>45606977
Not the samefag here bit from what I remember, packets are broadcasted to every machine in the network, and since the packet contains the destination Mac address so the Internet cards accept it or not. At least that's the case for wifi
For ethernet the router has an Internal table corresponding every port to the mac address. And the router constantly send packet ( I think they are called ARP packets) to know what address is who on the network, so he could theoretical poison the internal table of the router, and it will send all the packet to his computer, and after that he can redirect them.
But again that's what I remember on the top of my head and it might be wrong.
P. S To spy any ssl connection he would have to setup a mim ( man in the middle) attack, which is a bit more complex but doable
>>45605767
Ettercap.Piss easy.You'll need to change it's config file to get it to work. Google the details.
>>45607234
Looked into ettercap, this shit looks pretty powerful. However I have a problem, could you maybe help me?
The home network is on the 192.168.1.0/24 subnet, however, my computer is on 10.0.0.0/24. How can I tell ettercap to look outside of my own subnet? Is this even possible?